*OpenSec* is an Open-Source Security API. This project is part of [http://code.google.com/p/openipsec OpenIPSec] project.<br> This API contains all mandatory security algorithms needed to implement an *IPSec Framework*. It contains two types of security algorithms: *authentication* and *encryption...

=Ferruh Mavituna's Freakin' Simple Fuzzer= [http://www.webguvenligi.org/ http://www.webguvenligi.org/wp-content/themes/ocean-mist-10/images/owasp.png] [http://labs.portcullis.co.uk http://labs.portcullis.co.uk/mg/logo.gif?googlecode] FSF is a plug-in based freakin' simple fuzzer for fuzzing ...

===Version 2 Released!=== *[http://mushpup.org/ Version 2] of Mushpup has been released offering compatibility with a wider variety of sites. For more information, [http://mushpup.org/wiki/MushpupVersion2 click here].* Passwords obviously are important and most people know by this time how to p...

=Webpentools= Tools to assist in pentesting web servers. The're written en c and highly customizable in order to be usable in all kinds of different circumstances. Check out the [http://code.google.com/p/webpentools/wiki/Examples examples] page to get an impression. ==webbrute== Brute URLs ...

*OWASP ESAPI for PHP: Strong, Simple Security Controls for PHP Developers* Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Sec...

=nschaind= nschaind is a tool that detects if a certain DNS resolver is vulnerable to cache poisoning according to VU#800113 (the Dan Kaminsky bug). This report covers weaknesses in BIND 9, BIND 8 and MS Windows DNS Server. This tool tests only the BIND weaknesses, which are described in VU#252735...

=WAAT (Web Application Audit Tool)= WAAT is a framework and audit tool which dynamically detects/scans vulnerability points in a web application. [http://www.mitre.org MITRE] found that all application security tool vendors claims put together cover only 45% of the known vulnerability types ...

= !SourceSec Security Research Group's Miranda UPNP Administration Tool = Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devic...

=== With backmail you can track and control a remote machine even if has dynamic IP or if it's behind (almost) any firewall or strict NAT settings. === Installing backmail on a target machine, it periodically checks one of your webmail, waiting for special mails containing commands to execute. It...

= SecureHashing = == Password Hashing == This PHP class file implements (more) secure password hashing. It hashes passwords n times, highly dependent on the maschine its running on: it hashes until 1 second is over. The hashing algorithm is SHA512 by default, but one can implement providers to...