(Page 3 of 3)   < Prev  1 2 3 

Category: Authentication » Web

Added 2002-06-26
by Matthew Mueller
ssh-multiadd adds multiple ssh keys to the ssh authentication agent. These may use the same passphrase. When run without arguments, it adds $HOME/.ssh/identity and $HOME/.ssh/id_dsa. Alternative file names can be given on the command line or in the configuration file. It uses ssh-askpass if necessary. Unlike ssh-add, if any of the keys use the same passphrase, you will only need to enter each unique passphrase once, and keys that are already added will not be prompted for again.

Added 2002-04-23
by Henrik Edlund, henrik@edlund.org
Averist is a module that adds an authentication layer to any CGI application written in Perl. It supports initial authentication through CGI (form), and it can use CGI (hidden form fields) or cookies for reauthentication after a configurable timeout. It can also use a local or remote SQL database or DBM file for storing the session keys for increased security. The username and password check at the initial authentication can be done via an LDAP directory, an SQL database, a DBM file, or a passwd style file. Averist is written in Perl for easy customization and expansion.

WASAT (Web Authentication Security Analysis Tool)
Added 2002-02-20
by Instituto Seguridad Internet
Web Authentication Security Analysis Tool is a Win32 application designed for the assessment of the security of different Web related authentication schemes, namely Basic Authentication and Forms-Based Authentication. WASAT is able to mount dictionary and brute force attacks of varying complexity against the target Web site. Password files can be easily configured to perform exhaustive searches. In order to improve speed, some different tricks and variations have been implemented.

Added 2002-02-13
by Paul Kruyt,
phpSecurePages is a PHP module to secures pages with a login name and password. It can handle multiple user groups (each with their own viewing rights), store data in a MySQL database or a configuration file, and be used to identify your Web site viewers. It also has multiple language support and session support for both PHP3 and PHP4.

CHX-I Universal Application Firewall and Intrusion Detection Engine.
Added 2001-12-06
by IDRCI Inc.
CHX-I is a TCP Application firewall. New in version 1.7: - SSL taffic analysis engine allows for in-transit TCP payload firewalling - SSL server side transparent encryption allows encryption of TCP application services - In-transit TCP packet data modification allows for manipulation of sensitive or undesired data - Asynchronous reverse data flow search allows for traffic direction specifications - Multiple engine actions on traffic flow such as Drop, Log and Replace

Added 2001-10-24
by Leo Fellermayr
squid_auth_shadow is a small authentication module for squid. It uses information from /etc/shadow for authentication. Aliases for UNIX user names may be used and certain users may be explicitly blocked. The module works on every system which uses shadow passwords.

Form Scalpel
Added 2001-10-22
by curryman
"Form Scalpel" is designed to aid security professionals to assess the resilience of a web sites forms to various forms of attack. Supports HTTP/HTTPS, Proxy servers, Cookies, Java/javascript/vbscript/XML pages and forms - GUI interface. Detailed analysis of certificates and real-time manipulation of HTML data.

Added 2001-10-22
by Professional Web Design
The Gate Keeper is a cool snippet of JavaScript code that you can use to restrict access to some or all of your web pages without the need for any CGI scripting. Anyone who wishes to visit the protected pages will have to know the password.

Added 2001-10-22
by Michael Ströder, michael.stroeder@inka.de
pyCA is a project to create Certification Authority in Python. It will generate a CA certificate hierarchy and initial CRLs, generate certificate requests with widely used web browsers, provides a search tool for client certificates in the OpenSSL certificate database, download of client certificates/certificate revocation lists with appropriate MIME types, storing all certificate data in LDAP repositories, scripts for the handling of the certification process on a non-networked system holding the CA's private key(s) and fairly easy configuration based on the OpenSSL configuration file.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus