Open Source C Security Software for ChromeOS

Darik's Boot and Nuke ("DBAN") is a self-contained boot image that securely wipes hard disk drives (HDDs). DBAN is appropriate for personal use, bulk data destruction, or emergency data destruction for HDDs, but is not recommended for solid-state drives (SSDs), sanitization that requires auditable compliance documentation, or technical support.

Msieve is a C library implementing a suite of algorithms to factor large integers. It contains an implementation of the SIQS and GNFS algorithms; the latter has helped complete some of the largest public factorizations known

Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted files to database records. Use Secure Cell to encrypt data at rest. Secure Cell is built around AES-256-GCM, and AES-256-CTR. Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. Based on ECC + ECDSA / RSA + PSS + PKCS#7.

Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

jpcap is a set of Java classes which provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. jpcap utilizes libpcap, a widely deployed system library for packet capture.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

The OpenCA PKI Development Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide.

Recursive computing and matching of Context Triggered Piecewise Hashing (aka Fuzzy Hashing). Supports Windows, *nix, BSD, OS X, etc.

The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers

encrypt is a multi-platform, file encryption application. Binary packages are currently provided for Arch, Debian, Fedora, MS Windows, Android and OS X. For further details, including the latest source code, visit https://albinoloverats.net/projects/encrypt

We moved to https://github.com/frankmorgner/vsmartcard see you there!

[IMPORTANT] Retroshare is now distributed on Github. Please go to http://retroshare.net to find the latest releases and sources. RetroShare is a cross-platform, secured and decentralized communication system. It lets you to securely chat, share photos, videos, and more with family and friends, using OpenPGP to authenticate peers and OpenSSL to encrypt all communication.

AFL (American Fuzzy Lop) is a widely used graybox fuzzer that discovers bugs by mutating inputs and steering execution using lightweight instrumentation. Instead of random mutations alone, it uses coverage feedback to evolve input corpora, pushing programs into deeper and more interesting code paths. Its workflow emphasizes quick start: point it at a target binary with compile-time instrumentation (or use QEMU-based mode when recompilation isn’t possible), seed it with a small corpus, and let it iterate. AFL is known for finding serious security issues in complex software due to its corpus minimization, queue management, and deterministic mutation stages that balance breadth and depth. It provides crash triage helpers and test case minimization so developers can reproduce and fix issues quickly. The design deliberately optimizes for robustness and speed on commodity hardware, which helped it become a standard part of many security testing pipelines.

This is a library for easy accessing chip cards /smart cards via a chipcard reader. It currently works under Linux, FreeBSD and Windows. It is tested with Towitoko and Kobil readers.

readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones.

ReHash is an easy-to-use console-based hash calculation tool written in C++. It supports many algorithms and output formats and it can be fully configured using some of the many command-line arguments which can be passed to the tool.

The Safe C Library provides bound checking memory and string functions per ISO/IEC TR24731. These functions are alternative functions to the existing standard C library that promote safer, more secure programming. The ISO/IEC Programming languages — C spec, C11, now includes the bounded APIs in Appendix K, "Bounds-checking interfaces". This latest upload supports building static library, a shared library and a linux kernel module.

jPBC is a Java porting of the PBC Library, a Pairing-Based Cryptography Library written in C. It supports symmetric and asymmetric pairing. With jPBC it is really easy to use such a strong cryptographic primitive.

Address to hash160 is an efficient multi-threaded tool designed to decode various cryptocurrency addresses (such as Bitcoin BTC,Bitcoin Cash BCH, Litecoin LTC, Bitcoin Gold BTG, etc.) to extract hash160 values. It is often used in research such as brainflayer, keyhunt, BitCrack, ecloop, keyhunt cuda, etc.

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Libkpass is a from-scratch C implementation of reading and writing KeePass 1.x format password databases. Please check github for future updates.

The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set. It works seamlessly in desktop, enterprise, and cloud environments as well. wolfSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2, is up to 20 times smaller than OpenSSL, offers a simple API, an OpenSSL compatibility layer, OCSP and CRL support, is backed by the robust wolfCrypt cryptography library, and much more. wolfSSL relies on the FIPS 140-2 validated wolfCrypt library for all cryptographic functionality. Visit http://wolfssl.com/wolfSSL/fips.html for more info!

TinyCrypt is a simple secure program for encrypting files. The core encryption code is only 76 lines of C code, based on the well known ARC4-D(768) algorithm.