Open Source Python Security Software

[[We are in the progress of moving to github]] Metalinks is a project to facilitate data distribution over mirrors and P2P networks. It does so by defining an XML format and the tools to handle these. The metalink files contain all the information needed to download and verify files.

WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be teste

The csvdatamix project aims to randomize CSV input data files in order to conceal the original state of the data. Similar to data masking or data transformation. Also has mapping abilities to translate back to the original state of the data.

CryptoPy is a pure python implmentation of cryptographic algorithms and applications. The algorithms are developed for readability more than speed. The collection now includes IEEE 802.11i specific algorithms that generated the test vectors for 802.11i.

Phormat is a dataset format analysis tool to aid in the understanding and comprehension of unknown or undocumented file and protocol formats.

IMPORTANT : The project is now being hosted at http://code.google.com/p/ciform Plug'n Auth is an API providing easy integration of different authentication mechanisms into web applications. Within a few steps web admins will be able to change both the authentication backend and the logon frontend at any time with no further effort

a Project with All the bells and whistles to allow the average user to fully benefit from HTTP,DNS,FTP,SSH through python, allowing quick and easy deploying of servers without compiling, or installing anything but our favorite language.

SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So, SuStorID is a host-based Intrusion Detection System, and by means of modsecurity can access internal web server’s data (i.e. http request/response fields) exactly as Apache does.

WAPI, or WOMBAT API, is a SOAP-based API built in the context of the WOMBAT FP7 project (http://www.wombat-project.eu) to facilitate the remote access and exploration of security-related datasets.

Advanced Modern Web Application Manager for Linux Transform any website into a native desktop application

iTelliHashCSV is a cryptographic “one-way” hashing application designed to securely protect sensitive or private information from disclosure. Proper use of this program allows organizations, businesses, and individuals (i.e., the data owners) to share complete/intact datasets containing sensitive data with others without actually disclosing the sensitive or private information. Additionally, if such datasets are subsequently modified or enhanced through value-added services or products provided by other organizations or individuals and then returned, the data owner retains the ability to “re-map” the hashed sensitive data values back to their original values.

Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications.

Simple pygtk application for create and verify md5, crc32 and other checksum

A Python library to provide and automate XMLRPC over a SSH2 encrypted tunnel.

xmlsig is a multi-language, multi-platform implementation of XML signatures.

Pdf password cracker using password list