Analysis Console for Intrusion Databases: a PHP-based analysis engine to search and process a database of incidents generated by security-related software such as IDSes and firewalls
Andrisoft WanGuard Network Security Platform
(commercial) Andrisoft WanGuard Network Security Platform is an enterprise-grade network monitoring and protection solution that delivers the functionality NOC, IT, and security teams need to effectively monitor and protect their network through a single, integrated package.
BinarySEC is an intelligent Web application firewall. It suppresses 99.9% of malicious traffic on Web sites and applications. Its artificial intelligence engine learns normal traffic and blocks malicious requests with very high accuracy. BinarySEC secures against a wide range of attacks, including cross-site scripting (XSS), SQL injection, command injection, PHP includes, parameter tampering, buffer overflow, directory traversal, attack obfuscation, and more.
BlindElephant Web Application Fingerprinter
The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases.
CGI Port Scanner
CGI Port Scanner is a CGI script written in Perl with CGI.pm. It scans the TCP ports of a range of IPs or a host by name.
Codelock uses a unique "key" encryption method to encrypt your pages.
COMU Privacy Guard
COMU Privacy Guard is a Web based shell for GNU Privacy Guard. It enables users to perform the main functions of GnuPG on the Web.
Easy Firewall Generator for IPTables
Easy Firewall Generator for IPTables is a PHP Web application that generates an iptables firewall script.
(commercial) fBuilder is a Web-based utility for building and configuring your Linux firewall.
Firewall Admin allows network administrators to manage iptables rules from anywhere though a simple administration interface through a Web browser. Any user can extend it with plug-ins to interact with netfilter modules.
FreeIPA is an integrated security information management solution combining Linux (Fedora), Fedora Directory Server, MIT Kerberos, NTP, and DNS. It consists of a Web interface and command line administration tools. Currently, it supports identity management with plans to support policy and auditing management.
Gherkin is a web-enabled, multi-threaded, centralized security scan manager incorporating Nessus vulnerability scanning, dns and nmblookup host resolving, and nmap fingerprinting and scanning.
guard bash is a shell wrapper that will execute an authentication phase before any command is executed.
Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing.
Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc
nessquik is a fast Web-based Nessus scanner that is intended to replace the Nessus stand alone client. It uses the prototype.js library to provide a responsive interface even when dealing with all of the available Nessus plugins.
NessusWC provides a simple HTTP Web interface to the Nessus Security Scanner.
Nulog is a firewall log analysis interface written in php. Netfilter is able to log selected packets directly in a database like MySQL or PostgreSQL. Nulog uses this interface to display security events in real-time on a user-friendly interface.
OWASP Zed Attack Proxy
OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications.
p0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for evidence or information gathering on servers, firewalls, IDSes, and honeypots, or for pen-testing.
PHP Screw is a PHP script encryption tool. When you are developing a commercial package using PHP, the script can be distributed as encrypted up until just before execution, preserving your intellectual property.
PHP-NMAP is a PHP Web frontend for nmap, a network exploration tool and security/port scanner.
PHPki is an Open Source Web based application for managing a multi-agency "Public Key Infrastructure" for HIPAA compliance. It may be used to create and centrally manage X.509 digital certificates for use with S/MIME enabled e-mail clients.
PHPkrm is a Web-based GNUPG keyring manager. It allows anonymous visitors to add their own public keys and download all keyrings, and allows synchronization with external servers to refresh the keys and/or upload the keys.
Placid is a Web-based frontend for Snort that uses MySQL. It was created as a replacement for CMU's ACID.
PortWatcher will regularly scan switches in a LAN and record into a DB which MAC/IP addresses are assigned to which ports. The result is that network administrators will be automatically informed of any new devices which are attached to their networks.
ratproxy is a semi-automated, largely passive Web application security audit tool optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments.
Security Management And Risk Tracking
Security Management and Risk Tracking (SMART) is a Web-based application to manage an information security program. This is a comprehensive solution that enables a corporation to manage an information security policy, security policy exception handling, security certification and accreditation, third party connection management, asset and vendor management, and issue tracking for security audit, pen testing, SOX, and so on.
SIGOF (Security Information Graphics Oriented Forensic) has been developed as a complement to the ACID or BASE project by implementing useful and detailed graphical presentation of security information/events. This program can exploit any secuity information stored in an ACID/BASE database schema. SIGOF introduces another way to manage security forensics and analysis by providing graphical representation of statistical and security trends. This approach provides the ability to manage a large amount of security events.
Snorby is a new and modern Snort IDS front-end. The basic fundamental concepts behind snorby are simplicity and power. The project goal is to create a free, open source and highly competitive application for network monitoring for both private and enterprise use.
(commercial) SourceGuardian provides bytecode encryption to hide the source of PHP applications by removing the original PHP Source Code.
Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts that can be used separately or in combination. The first part is a small patch against the PHP core that implements a few low-level protections against buffer overflows or format string vulnerabilities. The second part is a powerful PHP extension that implements all the other protections. Suhosin is binary compatible with plain PHP installations.
Thresh is an application for Snort that manages alert thresholding and suppression. It was designed to assist the administrator with tuning one or more Snort sensors. It was designed to run under Red Hat flavors of Linux. It summarizes Snort Alerts by alert count, allows creation and editing of threshold.conf files, prunes your Snort database based on your tunings, and allows you to preview your alert suppressions before deletion.
TreeDiskUsage is a Web based disk usage analysis tool. It is divided into two parts, the scanner and the viewer. It can scan multiple PCs and view the results in one place.
Turtle Firewall is a firewall configuration project based on Linux 2.4.x and iptables. It has a web interface with an intuitive Webmin module. Read more
WAF-FLE is a web application fireall. It provides a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle.
WebCert is a Web application to generate and manage digital certificates in cases where no "full" CA is needed. It is for those who need a cert quickly and don't have the hang of the OpenSSL command line.
WhiteHat Arsenal is designed to be the next generation of professional web application security audit software.