Ganymed SSH-2: Java based SSH-2 Protocol Implementation
The Ganymed SSH-2 library allows one to connect to SSH servers from within Java programs. It supports SSH sessions (remote command execution and shell access), local and remote port forwarding, local stream forwarding, X11 forwarding, SCP and SFTP. There are no dependencies on any JCE provider, as all crypto functionality is included.
Ganymed SSH-2 for Java is the de-facto standard for open source based SSH communication in Java software. The library is used in many industrial products but also in open source software, e.g., in the widely used SVN plugin for Eclipse and in Cyberduck (a popular SFTP client for the Mac).
Originally, Ganymed SSH-2 for Java was developed by Dr. Christian Plattner for the Ganymed replication project at ETH Zurich, Switzerland, back in 2005. In the meantime, its clearly structured code has been ported by different people to other languages as well. Confusingly, there are also Java branches with slightly different names. However, Ganymed SSH-2 for Java is the original implementation with a stable interface that is backwards compatible with the first implementation written in 2005 (!).
Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.
verinice is an ISMS tool for managing information security. The software is provided free of charge as open-source software, available for free download under the GPLv3 license.
verinice supports the Windows, Linux and MacOS operating systems and has licensed the BSI's Grundschutz catalogues (Grundschutzkataloge).
Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
JUG is a pure Java UUID generator that can be used either as a component in a bigger application or as a standalone command line tool (a la 'uuidgen'). UUIDs are 128-bit Universally Unique IDentifiers (aka GUID, Globally Unique IDentifier, as used in the Windows world).
JUG generates UUIDs according to the IETF UUID draft specification (further clarified in the UUID URN name space IETF draft), covering all 3 'official' types defined by the draft. It is fast, portable and Open Source (as well as Free Software).
You can use JUG in your application according to the license terms of LGPL (Lesser General Public License) or, from version 2.0 on, ASL. See Download page for more details.
From version 1.0.0 on, native code (invoked via JNI) for accessing the Ethernet MAC address is included with the JUG distribution. Big thanks to Paul Blankenbaker and DJ Hagberg (amongst others) for their code contributions!
Note that using this functionality is optional: only time+location-based generation needs a MAC address, and even then, one can just pass the address from a configuration file.
Currently JNI-based Ethernet MAC address support is available on the following platforms:
* Linux / x86
* Windows (98, ME, NT, 2K, XP?) / x86
* Solaris / Sparc
* Mac OS X
* FreeBSD / x86
Note: if anyone can recompile the Mac OS X JNI code on Open/NetBSD and check whether it works, that would be useful (the FreeBSD JNI code was compiled this way).
VELO is an Open Source Identity and Access Provisioning server.
Features
* SPML V2 compliance (new)
* Role Based Access Control (RBAC)
* Consolidated Employee Identity Attributes repository
* Accounts Attribute Synchronization
* User and Access Reconciliations
* Integrated work-flow engine for complex business processes
* Self Service interfaces
* Supports many resources
* Supports complete account operations
* Specific typed actions can be added easily
* Centralized Password Policy and Password Synchronization.
* Auditing & Compliance.
* Powerful scripting support for complex processes via Scripting expressions
* Supports more than 20 different scripting languages (new)
* Remote services access via Web-Services.
* Extensible via Events.
* Advanced Report Designer & Web-based Reporting Manager.
* Pluggable Authentication Handlers.
* JBoss and GlassFish support
Features
* On Demand
    o Can load keys when ssh is launched.
    o Can load keys when the Apple Keychain is unlocked.
* Security
    o Can unload keys on sleep (or after a period of sleep).
    o Can unload keys when the screensaver kicks in.
    o Can unload keys when the Apple Keychain is locked.
    o Can lock the Apple Keychain when the screensaver kicks in.
    o Can ask for confirmation when keys are accessed (useful for agent forwarding).
* Display
    o Icon can be displayed in the statusbar, dock, or both.
* Integration
    o Apple Keychain
        + Can store SSH key passphrases in the Apple Keychain.
        + Can lock/unlock the Apple Keychain from a menu item.
    o Global Environment
        + Can add the necessary variables to the global environment, so you can use SSHKeychain with Project Builder, etc.
    o SSH Tools
        + Works seamlessly with the command-line tools (adding keys from the command line also updates the UI).
        + Can generate new keypairs from the UI.
* Networking
    o Tunneling
        + Local ports can be forwarded over an SSH connection from the tunnel menu.
        + Tunnels can be launched when your keys are loaded.
        + The tunnel menu indicates the status of your tunnels.
        + Tunnels are automatically closed when the system goes to sleep.
        + Multiple ports can be forwarded over one SSH connection.
    o Can handle agent requests through Agent Forwarding.
The SOBF Tool is an Information Security Risk Analysis and Management tool. It is the reference implementation of the SOMAP.org Guide and follows the risk analysis workflow as described in the Guide.
The SOBF Tool is currently in development and there are public preview downloads from time to time. Please see below under Status/Download for further details.
The PermissionSniffer is designed to help developers determine the minimum set of permissions that their application requires in order to run.
The PermissionSniffer is still under development. Comments, feedback, contributions, etc. are greatly appreciated.
The Security Officers Management and Analysis Project (SOMAP.org) is all about Open Source Information Security Risk Management. It is our belief that risk management processes and best practices need to be offered in an open manner. Only freely available risk management information can potentially lead to better security management and further development of the whole risk management field.