About | FAQ | Backlog
Open Source projects, categorized.
add filters by typing...
...or clicking
activedirectory asm authentication authorization backup blacklist bsd c c++ crypto cryptography csrf cvs cypherpunk datamapper decentralized developerfriendly distributed dsl education encrypted encryption engineering exploit file file-transfer-protocol-(ftp) firewall free freebsd frontend git github glade gnupg gpg gpl gpl2 gps gtk hack hacker-friendly hacking honeypot html i18n identity ids injection insecurity ip irb j2ee jaas janrain java javaee javascript jquery ldap lfi libpcap log mathematics metasploit middleware modular network networking non-corporate non-profit openbsd openid openpgp open-source openvpn osx overlay packet packetfilter packet-fu parallel pcap pcaprub pentest pf pgp php platform plot plugin plugins portable python rails rake rdoc realtime remote remoteaccess repertoire repository reverse-require rfc2440 rfc4880 rfi ror rpc rspec rubygem rubyonrails sake saml scan scientific scm secure server shellcode shells simulation singlesignon single-sign-on sql ssh ssl sun svn sysadmin system systems-administration tcp template token typo udp unix url utility visualisation vpn wardriving web web2.0 webservices ws-federation ws-trust xacml xss パケット パケットフ
[42 users on Ohloh]
The Open Web SSO project provides core identity services to simplify the implementation of transparent single sign-on as a security component in a network infrastructure. It provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.
Metasploit Framework
[26 users on Ohloh]
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
[3 users on Ohloh]
DenySSH monitors the auth log of a BSD system for failed SSH login attempts and adds repeat attackers to a Packet Filter table, allowing you to define PF rules to block the attacking hosts or redirect them to a honeypot for your amusement.
[2 users on Ohloh]
Tags: backup security remote encrypted ruby
Crackup is a pretty simple, pretty secure remote backup solution for folks who want to keep their data securely backed up but aren't particularly concerned about bandwidth usage.
[2 users on Ohloh]
Tags: ruby security
Net::SSH is to SSH as Net::Telnet is to Telnet and Net::HTTP is to HTTP. Perform non-interactive SSH processing, purely from Ruby!
[1 users on Ohloh]
OpenPGP.rb is a pure-Ruby implementation of the OpenPGP Message Format (RFC 4880).
[1 users on Ohloh]
PacketFu is a mid-level, cross-platform packet manipulation library for Ruby, allowing for easy Layer 4 and below packet creation and parsing.

It requires:

Ruby (1.8.6 or later)
PcapRub (0.8-dev or later)
BinData (0.9.3 or later)

Both PcapRub and BinData are distributed as part of PacketFu distro.

PacketFu is also itself packaged with Metasploit for packet crafting goodness.

[1 users on Ohloh]
Ronin is a Ruby platform designed for information security and data exploration tasks. Ronin allows for the rapid development and distribution of code over many of the common Source-Code-Management (SCM) systems.
[1 users on Ohloh]
Tags: ssl c++ ruby cryptography security
PKI programs for Ruby scripting language (Ruby: www.ruby-lang.org): OpenSSL for Ruby (checkout homepage, CVS, files), RubyCA (not started yet)
[0 users on Ohloh]
Tags: exploit rake massassignment security plugin rails ruby
This SVN repository is no longer active! The project has been MOVED to GitHub:



The audit_mass_assignment Ruby on Rails plugin contains a rake task that checks the models in your project for the attr_accessible whitelist approach for protecting against "mass assignment" exploits. It does not check for use of attr_protected!

If a Rails model does not use attr_accessible, it fails this audit. The audit does not chec...

[0 users on Ohloh]
Tags: security template rails ruby
Liquid is a templating language developed for Shopify.

Its available in full source and has been deployed in production in many hosted and non hosted rails applications, allowing them to offer unparalleled customizability to their users and customers while maintaining server security.

Liquid users should read UsingLiquidTemplates

MovedThis project's code moved to git and github. Please go to http://www.liquidmarkup.org for the latest links.

[0 users on Ohloh]
Tags: simulation security networking ruby honeypot
What is myvnet?It's a virtual honeypot for GNU/Linux systems, written in Ruby. A C++ version is planned after the architecture is fully stable.

DocumentationGo to the myvnet Wiki.

DevelopersFilipe David Borba Manana, fdmanana (at) gmail (dot) com

Development environmentDebian GNU/Linux Ruby 1.8.7 NetBeans IDE 6.1 Getting myvnetMake sure you have the Subversion client installed on your machine. Then run:

svn checkout https://myvnet.googlecode.com/svn/tags/myvnet-v0....

[0 users on Ohloh]
Tags: ruby security file-transfer-protocol-(ftp)
Net::Netrc is a pure Ruby library providing ftp(1)-compatible .netrc file parsing
[0 users on Ohloh]
pp-VIS (spelled pipi-VIS, germans with bad humour will understand the joke) is a tool that can visualize different fields of network packets in a parallel coordinate plot. This tool was made in search of a Linux and realtime version of Rumint. Its written in Ruby with support for pcap and netflow. pp-VIS uses Opengl for displaying data.
[0 users on Ohloh]
PKI build on Ruby on Rails.
[0 users on Ohloh]
Pure Ruby tempfile implementations appear to suffer from well-known race conditions. The 'mkstemp' family of functions now popular on Linux & *BSD attempt to work around these issues. This module makes them available to Ruby programmers on platforms where they are present.
[0 users on Ohloh]
Tags: rubyonrails csrf xss web janrain security plugins rails ruby
secure_action is a ruby on rails plugin which makes it easy to defend your site against assumed logged in attacks, also called CSRF(cross site request forgery) attacks.

In an assumed logged in attack, a malicious site assumes the visitor is logged into a target site. The malicious site crafts a URL to a destructive action on the target site (change email, delete account, etc) and opens the URL to that action in a hidden iframe. The browser then sends the user's cookies and actions may be...

[0 users on Ohloh]
Tags: ruby xss security web rails
XSS Shield protects your views against cross-site scripting attacks without error-prone manual escaping with h().

Instead of:

<%= h(item.name) %>
<%= link_to "#{h(item.first_name)}'s stuff", :action => :view, :id => item %>

You will be able to write:

<%= item.name %>
<%= link_to "#{item.first_name}'s stuff", :action => :view, :id => item %>

and all your views will be automatically protected. ...

[0 users on Ohloh]
OverviewActive Authentication is a modified version of acts_as_authentication designed to authenticate users against Active Directory and automatically adds them to the database.

InstallationInstallation is similar to acts_as_authenticated, first you install the plugin:

./script/plugin install http://activeauthentication.googlecode.com/svn/trunk/activeauthenticationNext generate your model and migrate the database:

./script/generate authenticated user account

[0 users on Ohloh]
Work in progress: This project has not yet been moved to google code. See also the official homepage.

YaptestFE is a Web Frontend for Yaptest. As of version 0.9 it allows viewing of much of the information in the database used by Yaptest.

The Frontend is designed to complement the command line interface. Sometimes it's more convenient to browse the database using this web interface. Other times it's more appropriate the use the command line utilities to grep and cut the data re...