Open Source Frameworks

Laravel Notify is a package that lets you add custom notifications to your project. A diverse range of notification designs is available.

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security check the list of features is quite broad.

Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs to support OAuth2, then you should use Laravel Passport. However, if you are attempting to authenticate a single-page application, or mobile application, or issue API tokens, you should use Laravel Sanctum. Laravel Sanctum does not support OAuth2; however, it provides a much simpler API authentication development experience.

Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted files to database records. Use Secure Cell to encrypt data at rest. Secure Cell is built around AES-256-GCM, and AES-256-CTR. Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. Based on ECC + ECDSA / RSA + PSS + PKCS#7.

The Password Guessing Framework is an open source tool to provide an automated and reliable way to compare password guessers. It can help to identify individual strengths and weaknesses of a guesser, its modes of operation or even the underlying guessing strategies. Therefor, it gathers information about how many passwords from an input file (password leak) have been cracked in relation to the amount of generated guesses. Subsequent to the guessing process an analysis of the cracked passwords is performed. In general though, any guesser that prints the password candidates via STDOUT can be used with the framework. The aforementioned password guessing / password cracking software is not part nor shipped with the framework and need to be installed separately.

Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for.

Sentinel is a PHP 8.1+ framework agnostic fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features.

Focus on building your startup, not fighting your framework. Redwood is the full-stack web framework designed to help you grow from side project to startup. Our mission is to help more startups explore more territory, more quickly. We begin by crafting a more integrated framework. We’ve chosen the world’s most popular rendering engine to power Redwood’s web frontend. With React, you’ll have your pick of learning materials, design systems, and trained employees. As your project grows, so will the number of client apps that need to talk to your backend. With a GraphQL API as your foundation, you can live in a multi-client world with ease. Interacting with your database has never been easier. Prisma’s extremely popular ORM allows you to focus more on your business logic and less on the intricacies of SQL. Optional TypeScript support gives you the best of JavaScript AND the best of a type system.

The PKI Framework (PKIF) is a cross-platform library for performing PKIX-compliant certificate processing. It includes support for SCVP, OCSP, CMS and Timestamps. It uses Windows CAPI, NSS or Crypto++ for cryptographic services and hardware support.

tirreno is an open-source security framework. tirreno [tir.ˈrɛ.no] helps understand, monitor, and protect your product from threats, fraud, and abuse. While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. tirreno is a few-dependency, "low-tech" PHP/PostgreSQL application. After a straightforward five-minute installation, you can ingest events through API calls and immediately access a real-time threat dashboard.

MathX is a fixed-length arithmetic-types written in pure c++ templates. The goal is to provide signed-integer, unsigned-integer, IEEE-754 float-point and fixed-point types, all with specific number of bits. To this moment, only signed-integer and unsigned-integer are completed for little-endain architecture. Any compiler that support c++03 or c++11 can successfully compile MathX. Refer to README for more information.

NimpSmartCard is a framework to interact with smart cards through PC/SC readers as well as test/production readers such as Micropross and Smartware. The framework comes with sample tasks and a sample terminal manager which supports scripts and logs

DNA is an open, flexible and extensible deep network analyzer software server and software architecture for gathering and analyzing network packets, network sessions and applications protocols, passively off enterprise class networks.

Open Source Single Sign-On (SSO) and Identity Management

The purpose of this project is to demonstrate Information Card interoperability on heterogeneous platforms written using Java language to support Apache Tomcat, JBoss & SUN Application Server platforms running on Linux.

JPA Security is an Access Control Solution for the Java Persistence API. JPA Security enables you to configure access control to your JPA Entity Beans based on the currently authenticated user and its roles via XML or Annotations.

JSecurity is a powerful and flexible open-source Java security framework that cleanly handles authentication, authorization, enterprise session management, and cryptography services.

A test framework for penetration testing Java classes and methods with randomized parameters and testing the results.

Java Crypt Framework (JCryptFX) is a java-based education project for de-/encrypting streams. It has a implementation of DES and TripleDES in it but the framework user can write own cryptography algorithms and stream types for it - includes a console app

The Java Object Instance Security Toolkit

** Guys I have built a much more powerful Fully Featured CMS system at: https://github.com/MacdonaldRobinson/FlexDotnetCMS Macs CMS is a Flat File ( XML and SQLite ) based AJAX Content Management System. It focuses mainly on the Edit In Place editing concept. It comes with a built in blog with moderation support, user manager section, roles manager section, SEO / SEF URL

Nubric (Near-real-time user behaviour and resource interaction control) is a framework for security and authentication-related modules written in Java. Its origin focus lies on network monitoring, dynamic, transparent firewalling and traffic control.

Open eSign allows software developers and technical parties in a company to create secure, online (web-based) forms and documents that follow a business process flow and enable legally recognized electronic signatures using digital signature technology.

Open Legacy Storage Document: Generic Document Archiving on Disk and Network(using MINA) Framework in Java for huge number of docs(up to 2^192 documents), efficient(Java NIO), crypto, net transfert, web retrieve, J2EE and eMail archiving compatible.

OpenUAT is a toolkit for authentication in ubiquitous computing systems.