Open Source Mac Protocols

mendelson AS4 is a free JAVA-based open source AS4 solution. Contains a monitoring- and configuration GUI (SWING), supports PUSH and PULL messages, ENTSOG AS4, e-SENS AS4, ebMS AS4, BDEW AS4, PEPPOL AS4, ICS2 AS4, signatures (SOAP, payload), selectable profile per trading partner, encryption (SOAP, payload), UserNameToken, TLS, pluggable into any servlet container, trading partner management, compression, certificate management

OpenVPN ALS is a web-based SSL VPN server written in Java. It has a browser-based AJAX UI which allows easy access to intranet services. OpenVPN ALS is a direct descendant of Adito, which was a fork of SSL-Explorer.

A Python library to provide and automate XMLRPC over a SSH2 encrypted tunnel.

The Secure Mobile Agents (SeMoA) platform constitutes a secure runtime environment for Java-based mobile software agents.

SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So, SuStorID is a host-based Intrusion Detection System, and by means of modsecurity can access internal web server’s data (i.e. http request/response fields) exactly as Apache does.

WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be teste

Samizdat is a toolkit for Java for building Kerberos secured distributed, message-oriented applications. The toolkit contains base classes that simplifies the management of Kerberos login contexts as well as flexibly sign and seal messages between principals using the Java GSS API. The toolkit contains Transformation classes for Kerberizing JMS traffic as well as a super-lean HTTP based protocol stack that supports both Synchronous (RPC) and Asynchronous modalities.

APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter in an API. The application is available as a Windows exe file.. In progress and planned features: -More test cases to attack target API. -Add APIs and define sequence. -Read APIs from doc link. -Business Logic test. TODO: Build for Linux (and may be OS X).

FedStage FedSAML is a software aiming to implement security SAML2.0 standard, supporting low ((de)serialization) and higher level (easy way of creating and verifying security-related data, own extension elements,...) of creating SAML-related data for Web

Gateway Anti-Virus allows applications across the enterprise to check files for viruses by providing a SOAP-based virus scanning web service. The system uses clamav for virus definitions and detection.

This is actualy a modificated version of the well known phpMyID. The goal is to keep the simplicity of phpMyID, but yet make it possible to use it as a multiuser openID that draws its data from an existing MySQL database.

Identityflow provides a framework for building protocol flows that perform distributed Identity operations. Examples of Identity Operations are Single Sign-On (SSO) and Attribute queries.

A basic platform for enterprise informatization development, it is planned to integrate common business functions of OA (office automation), CMS (content management system) and other enterprise systems. The JeePlatform project is a SpringBoot core framework, which integrates ORM framework Mybatis and Web layer framework SpringMVC A common basic platform with a variety of open source component frameworks, the code has been donated to the open-source Chinese community. The JeePlatform project is a general basic platform with SpringBoot as the core framework, ORM framework Mybatis, Web layer framework SpringMVC and various open-source component frameworks. The code has been donated to the open-source Chinese community.

The project consist in an open source implementation of the W3C Recommendation of the XML Key Management Specification 2.0 XKMS 2.0. It is compound of a XKMS Server and a Client API to access to the Server via Web Service.

IMPORTANT : The project is now being hosted at http://code.google.com/p/ciform Plug'n Auth is an API providing easy integration of different authentication mechanisms into web applications. Within a few steps web admins will be able to change both the authentication backend and the logon frontend at any time with no further effort

Java-based security platform which provides a multi-user service middleware for distributed systems. Features: service environment, Shell-based interaction, user authentication (password, soft-token, smard-card), policy enforcement, Web services support

Terrier is a RBAC framework, business oriented and with focus on manageability and access control. Integrating all company tecnhnologies (java, ruby, delphi and others). The owner of a system can manage and delegate manageability to the systems, reducing

WAPI, or WOMBAT API, is a SOAP-based API built in the context of the WOMBAT FP7 project (http://www.wombat-project.eu) to facilitate the remote access and exploration of security-related datasets.

The purpose of eAudit is to provide a comprehensive reporting capability relating to Electronic Auditing for various industries.

Tcpconns:simple package for rapid development of multi-threaded client/server solutions (JAVA OpenJDK17+) with TLS (V1.3).