About | FAQ | Backlog
Open Source projects, categorized.
add filters by typing...
...or clicking
activedirectory asm authentication authorization backup blacklist bsd c c++ certificate crypto cryptography csrf cvs cypherpunk datamapper decentralized developerfriendly distributed dsl education encrypted encryption engineering exploit exploits file file-transfer-protocol-(ftp) firewall free freebsd frontend git github glade gnupg gpg gpl gpl2 gps gtk hack hacker-friendly hacking honeypot html i18n identity ids injection insecurity ip irb j2ee jaas janrain java javaee javascript jquery ldap lfi libpcap log mathematics metasploit middleware modular netflow network networking non-corporate non-profit openbsd openid openpgp open-source openvpn osx overlay packet packetfilter packet-fu parallel pcap pcaprub pentest pf pgp php platform plot plugin plugins portable python rails rake rdoc realtime remote repertoire repository reverse-require rfc4880 rfi ror rpc rspec rubygem rubyonrails sake saml scan scientific scm scruby secure server shellcode shells simulation singlesignon single-sign-on sql ssh ssl sun svn sysadmin system systems-administration tcp template token udp unix url utility visualisation vpn wardriving web web2.0 webservices wireshark ws-federation ws-trust xacml xss
[42 users on Ohloh]
The Open Web SSO project provides core identity services to simplify the implementation of transparent single sign-on as a security component in a network infrastructure. It provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.
Metasploit Framework
[26 users on Ohloh]
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
[3 users on Ohloh]
DenySSH monitors the auth log of a BSD system for failed SSH login attempts and adds repeat attackers to a Packet Filter table, allowing you to define PF rules to block the attacking hosts or redirect them to a honeypot for your amusement.
[2 users on Ohloh]
Tags: backup security remote encrypted ruby
Crackup is a pretty simple, pretty secure remote backup solution for folks who want to keep their data securely backed up but aren't particularly concerned about bandwidth usage.
[2 users on Ohloh]
Tags: ruby security
Net::SSH is to SSH as Net::Telnet is to Telnet and Net::HTTP is to HTTP. Perform non-interactive SSH processing, purely from Ruby!
[1 users on Ohloh]
OpenPGP.rb is a pure-Ruby implementation of the OpenPGP Message Format (RFC 4880).
[1 users on Ohloh]
PacketFu is a mid-level, cross-platform packet manipulation library for Ruby, allowing for easy Layer 4 and below packet creation and parsing.

It requires:

Ruby (1.8.6 or later)
PcapRub (0.8-dev or later)
BinData (0.9.3 or later)

Both PcapRub and BinData are distributed as part of PacketFu distro.

PacketFu is also itself packaged with Metasploit for packet crafting goodness.

[1 users on Ohloh]
Ronin is a Ruby platform designed for information security and data exploration tasks. Ronin allows for the rapid development and distribution of code over many of the common Source-Code-Management (SCM) systems.
[1 users on Ohloh]
Tags: ssl c++ ruby cryptography security
PKI programs for Ruby scripting language (Ruby: www.ruby-lang.org): OpenSSL for Ruby (checkout homepage, CVS, files), RubyCA (not started yet)
[0 users on Ohloh]
Tags: ruby security file-transfer-protocol-(ftp)
Net::Netrc is a pure Ruby library providing ftp(1)-compatible .netrc file parsing
[0 users on Ohloh]
The Sulawesi Software Collective have no illusions about making lots of money, attracting hordes of code-groupies, or saving the world. We don't even think we are all that clever. But coding can be fun, and we aim to have fun.

All software you may find in this project is subject to the Apache License, Version 2.

[0 users on Ohloh]
Tags: tld ruby urlhijacking typosquatting url typo security
UrlCrazy is for the study of domainname typos / url hijacking.

It generates domainname typo permutations then tests them to learn if they are in use, estimates their popularity and more.

TYPES OF TYPOS SUPPORTEDCharacter Omission.These typos are created by leaving out a letter of the domain name, one letter at a time. For example, www.goole.com and www.gogle.com

Adjacent Character Swap.These typos are created by swapping the order of adjacent letters in the domain nam...

[0 users on Ohloh]
Details will follow - soon.
[0 users on Ohloh]
Two-factor authentication from WiKIDThe WiKID Strong Authentication System is a public key-based two-factor authentication system. It is flexible, extensible, and secure alternative to tokens,certs & passwords. Application support for Java, Windows, PHP, Ruby, Python, SugarCRM, webmail, OpenVPN, LDAP, TACACS+, etc. Open source token clients include a J2SE client and a Firefox extension (in beta).

The token client encrypts the user's PIN with the WiKID server's public key and sends it...

[0 users on Ohloh]
Tags: ruby xss security web rails
XSS Shield protects your views against cross-site scripting attacks without error-prone manual escaping with h().

Instead of:

<%= h(item.name) %>
<%= link_to "#{h(item.first_name)}'s stuff", :action => :view, :id => item %>

You will be able to write:

<%= item.name %>
<%= link_to "#{item.first_name}'s stuff", :action => :view, :id => item %>

and all your views will be automatically protected. ...

[0 users on Ohloh]
OverviewActive Authentication is a modified version of acts_as_authentication designed to authenticate users against Active Directory and automatically adds them to the database.

InstallationInstallation is similar to acts_as_authenticated, first you install the plugin:

./script/plugin install http://activeauthentication.googlecode.com/svn/trunk/activeauthenticationNext generate your model and migrate the database:

./script/generate authenticated user account

[0 users on Ohloh]
Work in progress: This project has not yet been moved to google code. See also the official homepage.

YaptestFE is a Web Frontend for Yaptest. As of version 0.9 it allows viewing of much of the information in the database used by Yaptest.

The Frontend is designed to complement the command line interface. Sometimes it's more convenient to browse the database using this web interface. Other times it's more appropriate the use the command line utilities to grep and cut the data re...

[0 users on Ohloh]
Tags: exploit rake massassignment security plugin rails ruby
This SVN repository is no longer active! The project has been MOVED to GitHub:



The audit_mass_assignment Ruby on Rails plugin contains a rake task that checks the models in your project for the attr_accessible whitelist approach for protecting against "mass assignment" exploits. It does not check for use of attr_protected!

If a Rails model does not use attr_accessible, it fails this audit. The audit does not chec...

[0 users on Ohloh]
Tags: security template rails ruby
Liquid is a templating language developed for Shopify.

Its available in full source and has been deployed in production in many hosted and non hosted rails applications, allowing them to offer unparalleled customizability to their users and customers while maintaining server security.

Liquid users should read UsingLiquidTemplates

MovedThis project's code moved to git and github. Please go to http://www.liquidmarkup.org for the latest links.

[0 users on Ohloh]
Tags: simulation security networking ruby honeypot
What is myvnet?It's a virtual honeypot for GNU/Linux systems, written in Ruby. A C++ version is planned after the architecture is fully stable.

DocumentationGo to the myvnet Wiki.

DevelopersFilipe David Borba Manana, fdmanana (at) gmail (dot) com

Development environmentDebian GNU/Linux Ruby 1.8.7 NetBeans IDE 6.1 Getting myvnetMake sure you have the Subversion client installed on your machine. Then run:

svn checkout https://myvnet.googlecode.com/svn/tags/myvnet-v0....