StopHack is a simple to use and easy to install intrusion prevention system. It is fully adaptable and easily customized to your environment. It is built on top of proven bandwidth arbitration technology so the traffic passing through it won't be slowed down. Every packet is analyzed with regular expression-based behavior anomaly detection, and hackers are blocked immediately. It prevents reflected cross-site scripting, SQL injection, directory traversal, reflected URL redirects, login brute forcing, remote shell execution, and more.
Netscape Security Wrapper manages the loading of NPAPI (Netscape Plugin API) plugins and applies simple policy decisions. The intention is to allow administrators to deploy deprecated, unreliable, or unsafe third party plugins while minimizing the security exposure. Safari, Google Chrome, Firefox, and other NPAPI-compatible browsers are supported on OS X and Linux. Use cases include: restricting plugins to certain domains, restricting the use of deprecated plugins to known outliers, allowing internal corporate workflows which use insecure or deprecated plugins without exposing the plugin to the hostile Internet, and allowing multiple outdated plugin versions (e.g., Java) to co-exist for use in whitelisted, trusted enterprise tools.
Caume Data Security Engine is a REST API platform for storing and processing files in uncontrolled environments. It provides a Free Software solution which allows the creation of reasonably secure and isolated workspaces to process and store sensitive data within uncontrolled environments. With concepts such as "the cloud" and "bring your own device", as well as an increasing demand for mobile devices, it has become clear that the way in which companies operate is changing dramatically, and, with it, the way in which we secure information and the infrastructure which supports business processes. CaumeDSE has been designed as a service platform which provides security to data by using free, well-known, and robust cryptographic software, as well as open and simple data structures and interfaces to make portability and extensibility easy.
The Dynamic Router Lite II project is a router project by the Dutch national police agency that allows Web-based client-control over the next-hop router for the client. A Dynamic Router Lite II system is placed as a default gateway between one or more client networks and a router network with multiple gateway-routers on it. The Dynamic Router Lite II system does policy-based routing with policy-based DNS to match the routing policy. By default a client will have no active gateway, and any attempted HTTP traffic to any domain will lead the user to the router's Web interface, where the user can then pick an appropriate next-hop router. Once picked, all traffic for the client including DNS will be forwarded to the next-hop router the user picked.
The Whitewash module allows Ruby programs to clean up any HTML document or fragment coming from an untrusted source and to remove all dangerous constructs that could be used for cross-site scripting or request forgery. All HTML tags, attribute names and values, and CSS properties are filtered through a whitelist that defines which names and what kinds of values are allowed; everything that doesn’t match the whitelist is removed. The whitelist is provided externally, and the default whitelist is loaded from the whitelist.yaml shipped with Whitewash. The default is the most strict (for example, it does not allow cross-site links to images in IMG tags) and can be considered safe for all uses.
jPDFSecure is a Java library which can digitally sign PDF documents and change security settings on PDF Documents. With jPDFSecure, your application or Java applet can encrypt PDF documents, set permissions and passwords, and create and apply digital signatures. jPDFSecure is optimized for performance and is built on top of Qoppa's proprietary PDF technology, so there is no need for any third party software or drivers. jPDFSecure has a simple interface to load PDF documents from files, network drives, URLs, and even input streams, which can be generated at runtime or come directly from a database. After changing security settings, jPDFSecure can save the document to a file, a java.io.OutputStream, or a javax.servlet.ServletOutputStream when running in a J2EE application server to output the file directly to a browser. jPDFSecure is platform-independent and can be used in any environment which supports Java.
log2command was created as a sort of reverse fail2ban or cheap VPN-firewall: a machine with a closed firewall can be told, by a foreign machine, to accept connections from a specific IP. log2command then keeps track of the Web server log file and watches for inactivity from the user's IP. After an amount of time, another command is executed that can remove the user's IP from the firewall, closing down the machine again. The PHP script is a command line program that can be run in the background.
Cura is a mobile phone application bundle of remote server administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature allows you to have Cura's database wiped when you send the compromised phone a secret pattern of your choosing. (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database and receive the location of the compromised phone as an SMS to your emergency phone number or as an e-mail to your emergency email address).