Open Source PHP Security Software

This is an open-source introduction to Bash scripting guide/ebook that will help you learn the basics of Bash scripting and start writing awesome Bash scripts that will help you automate your daily SysOps, DevOps, and Dev tasks. No matter if you are a DevOps/SysOps engineer, developer, or just a Linux enthusiast, you can use Bash scripts to combine different Linux commands and automate boring and repetitive daily tasks, so that you can focus on more productive and fun things. The guide is suitable for anyone working as a developer, system administrator, or a DevOps engineer and wants to learn the basics of Bash scripting. The first 13 chapters would be purely focused on getting some solid Bash scripting foundations then the rest of the chapters would give you some real-life examples and scripts.

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo

About GameOver: Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work. GameOver has been broken down into two sections. Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. This section provides a legal platform to test your skills and to try and exploit the vulnerabilities and sharpen your skills before you pentest live sites. We would advice newbies to try and exploit these web applications. These applications provide real life environments and will boost their confidence.

AUM is an extremely fast, small-state, cryptographically secure pseudo-random number generator and stream cipher. AUM exhibits uniform distribution, mixes rapidly, has no detected bias, and comes in three variants: AUM16, with an internal state array of 16+4 32-bit words; AUM32, with an internal state of 32+4 words; and AUM64 with a 64+4-word state. The former permit seeding with a key of up to 512 or 1024 bits, the latter with a 2048-bit key.

CSRmanage is an application that can be used to validate CSRs (Certificate Signing Requests) and store them along with anciliary information about the personnel involved with CSRs and certificate installations and approvals. CSR evaluation is configurable/very strict. With adequate configuration, CSRmanage may save organizations time and money by ensuring that CSRs to be submitted are formatted corrrectly and conform to organizational network/I.T/DNS naming conventions. It can also serve as a historical record of organizational CSRs.

*** NEW PROJECT PAGE https://github.com/RandomStorm/DVWA

home-firewall.sourceforge.net -- Sets up a basic firewall using Linux iptables. Provides a way to add allowed sites dynamically. Home-firewall makes extensive use of shell scripts and Linux's cron utility. Maintain order in your school. ChamTech.net

GuerillaTactics is an effort to bring "Computer Education Through Security Analysis". We aim to create a security education "lab kit" including management software and a curriculum framework.

This simple script is used to make an easy login script without the need for MySql! Perfect for admin accounts, etc.

SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid. SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to efficiently cipher text of arbitrary length or files of any size or type. Use it with confidence. To achieve complete one-on-one privacy, SES traverses several levels en route to its output. The more words in your key-phrase, the more layers of encipherment SES applies. It is part Vigenere, part onetime pad, part cryptographic hash, not to mention the essential scrambler element, each component driven by ISAAC, with all key-derivation and stretching relying on Keccak in 512-bit configuration.