Open Source PHP Security Software for Mac

RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/

X-Itools: eXtended Internet Tools. Suite of tools composed of several collaboration modules. Old and initial project born in 1999, 1st published in 2001 on Sourceforge. X-Itools E-mail management module (log analysis) initiated in 2004 with Web 1.0 technologies (private SVN server). X-Itools development restarted since 2011, on the basis of a unique module: E-mail management module (log analysis). Now based on web 2.0 technologies (ExtJS 4.1) and devel restarted because of a particular interest given to it by a world wide Organization (United Nations). Module renamed "X-Itools ELSE", for "X-Itools E-mail Log Search Engine". Some features: Log analysis and correlation of Postfix and Exchange servers, statistics, policy manager, in-deep analysis, automated network graphs for e-mail tracing, CSV export... The Swiss knife of Messaging Admins. In 2015, X-Itools ELSE is no more limited to E-mail logs: Apache logs are also processed and related stats and dashboards will be there!

BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL Redirection *Server Side Includes(SSI) Injection and more... Java version of this application can be found here: https://sourceforge.net/p/javavulnerablelab/

** Guys I have built a much more powerful Fully Featured CMS system at: https://github.com/MacdonaldRobinson/FlexDotnetCMS Macs CMS is a Flat File ( XML and SQLite ) based AJAX Content Management System. It focuses mainly on the Edit In Place editing concept. It comes with a built in blog with moderation support, user manager section, roles manager section, SEO / SEF URL

PHP script to protect DIV content (e.g. private data) from indexation by bots, spammers etc...The content is encrypted in the source and decrypted by entering the key in the CAPTCHA.

PHP functions and classes to add a Domain Key Identified Mail (DKIM RFC 4871) signatures to emails sent by PHP. It is based on the openssl extensions of PHP. It can generate DKIM signature but cannot verify them. Developped and tested on PHP 4.0.

This project is an attempt to redesign the snort database schema and to provide a new analysis frontend and associated tools.

Yokoso is a project geared toward fingerprinting infrastructure. Yokoso will determine what web interfaces are available on a specific network.

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques This is a fully functional web site with a content management system based on fckeditor. You can download it as source code or a pre configured

A Web Based Self Service Active Directory Password Reset Tool

AVirCAP is a system for manual and / or automated detection of CodeRed and Nimda type of hack attempts and virtually all other kinds of "logable" intrusion attempts. It can work stand alone or together with other additional AVirCAP machines in the LAN/W

Amnesia is a design-rich 'host-proof' web application that encrypts and remembers all sorts of personal information from passwords to private notes. Project now hosted at Google Code: https://code.google.com/p/amnesia-app/

ACID is a PHP-based analysis engine to search and process a database of security incidents generated by security-related software such as IDSes and firewalls (e.g. Snort, ipchains).

AIRT is an application for Computer Security Incident Response. The target audience of AIR is incident response groups which provide end-user support. AIRT is fully built using PHP4 on a Postgresql database.

Automated Security Tools (autosec) aims to provide automatic tools which network administrators may use to help check and test the security of their network.

You can encode your php files with this class

A simple access control app that intends to replace declarative jaas security in web.xml for web applications deployed on Jboss app server and TOMCAT container. Also include an extension for PHP applications.

CECID is a PHP script designed to anonymize and cloak HTTP requests on restrictive connections. CECID is run on a remote, unrestricted server, and accesses pages for users, editing the page's source in realtime to evade content filtering software.

Cancerbero (the watchdog of the ports) is a portscan frontend based in nmap. Scans the hosts of net ranges every configured interval and it'll store the results in a mysql DB. Detect changes in ports, services and OS and notice you with an email ale

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

Want to create your own CA? Have a pain typing openssl command? With Certificate Utilities, we include many functions like create private key. This is the most professional and free certificate toolkit based on openssl and lisenced under under GPL!

ClearPass (formerly BlowPass) is web based password storage system that uses the Blowfish algorithm and a Host-Proof design pattern.

This project is intended to host developer clients for openhuman.org web services - free collaborative protection system against userbase contamination by disposable email addressing (DEA) and public accounts.

Elemata is a free content management for personal use and commercial use at the moments. Elemata will provide you with the best CMS experience. Learn how to turn any html/css document into a theme at elematacms.com

Server/client suite which provides per-user access control/firewall/QOS. Robust and high speed implementation is secure against MAC/IP spoofing, and can scale to large networks with many clients. Options for additional monitoring and captive portal.