Software Map

py-bcrypt is a Python wrapper of OpenBSD's Blowfish password hashing code, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazières. This system hashes passwords using a version of Bruce Schneier's Blowfish block cipher with modifications designed to raise the cost of off-line password cracking and frustrate fast hardware implementation. The computation cost of the algorithm depends on a parameter, so it can be increased as computers get faster.

pam_imap is a PAM module that authenticates against a remote IMAP or IMAPS server. It supports multiple servers, SSL, password caching, user blacklists (for admin users), and many configuration abilities.

Smit is an ARP-level transproxy/sniffer, capable of relaying local traffic even in switched environment. The source is based on the arprelay and arpmitm tools, but offers a nice command line interface and option of saving raw packets into a file. It includes some tricky techniques for ARP-cache consistence. You can also run Smit in transproxy-only mode and use your favourite sniffer to capture 'hijacked' packets, and it includes a ring buffer option for high performance packet capture.

FakeBO fakes trojan server responses (Back Orifice, NetBus, etc.) and logs every attempt to a logfile, stdout/stderr or syslog. It is able to send fake pings and replies back to the client which is trying to access your system.

Jeta is a Horde wrapper around various Java SSH applets. Currently, it supports the SSHTerm applet from the SSHTools Project and the JTA applet (for non-commercial use only).

Barada (Barada Aint Respecting Any Deceptive Adversaries) is a PAM module that provides two-factor authentication support. There is companion software called Gort which runs on Android devices, essentially turning your phone into a SecureID token.

JVerify is a Java application that enables you to monitor for changes to any file on your Unix system, but most notably executable binaries, thus alerting you to a possibly backdoored binary. The minimum requirements are JDK1.5.

xbasics FireHash helps test the integrity of any
file through the generation of checksums/hashes.
It provides a simple, yet effective way for
generating cryptographic hashes based on many
different standard algorithms, including MD5 and
SHA512, among many others.

The Information Currency Web Services distribution provides an
interface to create tradable economic instruments from submitted
information. Information currency enables the cooperative mechanisms of
"economic calculation" to be directly applied to the management of that
information.

This script makes adjustments to the FreeBSD core and maximizes operational system security.

jEncrypt is a commandline file encryption archiver. Files are encrypted with the AES-CTR mode, which was recommended by the National Institute of Standards and Technology in 2001 (NIST SP 800-38A). AES-CTR mode only provides confidentiality. It requires a message authentication code such as CBC-MAC to ensure an encrypted message is not accidentally modified or maliciously tampered with, which jEncrypt currently does not provide.

Passcheck is a drop-in replacement or rewrite of
the original cracklib, and shares no code with the
original. It features an enhanced dictionary
check, and the ability to use the standard system
wordlist.

gpgwrap is a wrapper for gpg and its --passphrase-fd option.

MP3nema is a tool aimed at analyzing and capturing
data that is hidden between frames in an MP3 file
or stream, otherwise noted as "out of band" data.
This utility also supports adding data between
frames and capturing streaming audio.