phpLogin is a user login and authentication module for the phpNova framework. It contains all user authentication-related tasks and UI. Dependencies include: phpSession, phpHash, and phpSQL. This module is part of the phpNova framework for PHP, which is currently in the alpha stages of development.
RedWolf is a security threat simulator that tests security system effectiveness. Its threat generation capabilities include email, IM, malware, P2P, social networking, VoIP, DDoS, and many more. The guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the effectiveness of network defenses. The scenario suite allows one to verify compliance with PCI-DSS, Sarbanes-Oxley, or HIPAA controls. RedWolf helps identify data loss risks and provides expert recommendations concerning risk mitigation. It reports present findings, recommendations, best practices, and blocking guidance in a straightforward, easily readable format. RedWolf also acts as a 'Red Team' agent, running drills to measure the readiness of your operations staff.
Lasso (Liberty Alliance Single Sign On) is an implementation of the Liberty Alliance specifications. These specifications define protocols for federated identities, single sign-on, etc. Lasso supports ID-FF 1.2, SAML 2.0, and parts of ID-WSF. It provides both a C library and bindings for several languages (Python, Java, Perl, PHP 4, and PHP 5).
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
Security Management and Risk Tracking (SMART) is a Web-based application to manage an information security program. This is a comprehensive solution that enables a corporation to manage an information security policy, information security policy exception handling, security certification and accreditation (SC&A), third party connection management, asset and vendor management, and issue tracking for different types of projects like security audit, pen testing, SOX, and so on.