These two files should help you to import passwords from mac OS X keychains to 1password.

mitmproxy is an SSL-capable man-in-the-middle HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.

Intercept and modify HTTP traffic on the fly
Save HTTP conversations for later replay and analysis
Replay both HTTP clients and servers
Make scripted changes to HTTP traffic using Python
SSL interception certs generated on the fly

Tarsnap is a secure online backup service for BSD, Linux, OS X, Solaris, Cygwin, and can probably be compiled on many other UNIX-like operating systems. The Tarsnap client code provides a flexible and powerful command-line interface which can be used directly or via shell scripts.

At the present time, Tarsnap does not support Windows (except via Cygwin) and does not have a graphical user interface.

n a two-part post I'm going to show you some tricks you can do with SSH logins. This post covers setting up two-factor SSH authentication with the Google Authenticator app.

I was recently getting some servers in shape so I can pass the Payment Card Industry standards questionnaire and one requirement was two-factor authentication access to the server. I queried whether SSH key + passphrase was acceptable but didn't get a clear answer so I figured I'd explore setting up another authentication factor myself, plus it piqued my interest.

After a bit of research I found it was possible using a PAM module but it doesn't work along with SSH key authentication (only password authentication) and I only use SSH key logins for my servers.

ollowing on from last weeks post about Simple Two Factor SSH Authentication this post shows you how to use the same SSH trick to create a multi-user private git server. I believe the principles here can also be applied to mercurial or subversion.

I was recently working on a client project that we converted to git, we hired an agency to work on the front-end for the project and they had four users that needed access. I didn't really want to create them individual accounts on the server so I started thinking how I could securely manage multiple-user access to a git repository running under a single git user without giving them shell access.

After a bit of research I identified two possible candidates gitosis and gitolite but they seemed overkill for what I was trying to achieve.

Sorry for the lame title. I was thinking the other day, about how awesome SSH is, and how it's probably one of the most crucial pieces of technology that I use every single day. Here's a list of 10 things that I think are particularly awesome and perhaps a bit off the beaten path.

The 404Project is a snippet of PHP client code you can add to the 404 error page on your web site that submits data to ISC for compiling and reporting. Your participation will contribute to the collection of information ISC monitors, compiles and reports on.

Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. The ATSPI Technology Office created the LPS family to address particular use cases. LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization's private network.

Netcat, also known as the Swiss-army knife for TCP/IP is capable of so many wonderful tasks, many people only know a partial amount of the features so I made a special cheat sheet for all the basic and more advanced features it supports.

Give us five minutes and we'll supercharge your website.

Save the following script in your libexec folder in nagios

Security in-a-box is a collaborative effort of the Tactical Technology Collective and Front Line. It was created to meet the digital security and privacy needs of advocates and human rights defenders. Security in-a-box includes a How-to Booklet, which addresses a number of important digital security issues. It also provides a collection of Hands-on Guides, each of which includes a particular freeware or open source software tool, as well as instructions on how you can use that tool to secure your computer, protect your information or maintain the privacy of your Internet communication.

Last week, Google enabled two factor authentication for everyone. This article explains how to install and configure Google Authenticator in conjunction with SSH for two factor authentication. Two-factor authentication relies on something you know (a password) and something you have (your phone).
You can use this existing implementation and Google Authenticator application with SSH via an included PAM in the Google Authenticator open source application.

LogMeIn Hamachi² is a hosted VPN service that securely connects devices and networks, extending LAN-like network connectivity to mobile users, distributed teams and business applications. You can easily create secure virtual networks on demand, across public and private networks.

When you're browsing from a public Wi-Fi connection—like at your favorite coffee shop—anyone on that network can snoop on what you're doing, with very few exceptions. So can the IT crew at your workplace. Today, we're going to walk through setting up an encrypted proxy server on your home computer so you can secure your browsing session no matter where you're connected, keeping your private data significantly more private.

People often claim that HTTPS content is never cached by the browser; perhaps because that seems like a sensible idea in terms of security. In reality, HTTPS caching is controllable with response headers just like HTTP.

Many Mac OS X users lament the lack of sophisticated network analysis tools, often prevalent and seemingly prolific on Linux systems. What many don't know is that Mac OS X comes with a built-in command-line tool to do all sorts of nifty things with Wi-Fi networks, from packet capture (traffic sniffing) to scanning nearby networks' signal to noise ratios.

Mac OS X ships with a command-line tool called airport that can do all sorts of nifty things with Wi-Fi networks. Unfortunately, it's so squirreled away that most people don't seem to know about it. The utility is part of the Apple80211 Private Framework used to power your Mac's Airport menubar icon.

Password fields.

We all have to deal them, but they’re never a joy to use. Clearly they have to be obfuscated in some way–to keep our passwords safe from bypassers’ prying eyes–but when you’re unable to see what you’re typing, it’s easy to become hesitant, nervous even, and unsure of whether you’re entering the right information.

For the previous post in this short series we looked at a script for creating masked password fields, and I’ve been very much moved by the strength of responses to that post. Boy, did you guys hate it! At the time I published it, I had reservations about certain aspects, but overall I thought it was a good idea.

The install for Macintosh OS X bundles Tor, Vidalia (a graphical interface for Tor), Torbutton, and Polipo (a web proxy) into one package, with the four applications pre-configured to work together. Download either the stable or the experimental version of the OS X bundle for Intel, or look for more options on the download page.

The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine.  The OISF has formed a multi-national group of the leading software developers in the security industry.  In addition to developers and a consortium consisting of leading cyber security companies, OISF has engaged the open source security community to identify current and future IDS/IPS needs and desires. 

The intent of this post is to increase awareness of AppArmor and encourage it's use by Ubuntu users. Although there are portions of this post that may seem quite technical, it is not my intent to give a full technical review of the workings of AppArmor or compare AppArmor to alternate options, such as SELinux.

The MySecTools idea was born when a user sent an email to the handlers at the SANS Internet Storm Center , where I am a volunteer handler, asking about an updated version of Sectools.org, which is a great website.
I decided to create this site with my preferred Security tools, which will be in different sections, like Malware Analysis tools, Network tools,etc...

Emerging Threats is an open source community project. Through the support of our community we are able to produce the fastest moving and most diverse Snort Signature set and firewall rules available. Other related projects find a home here as well. Matt Jonkman manages this project.

Suricata is the OISF IDP engine, the open source Intrusion Detection and Prevention Engine.

The following instructions will help you build and configure a low interaction honeypot based on nepenthes. The version of nepenthes in subversion is really the best one to use, so we'll have to build from source.

A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

Detects and prioritizes broad classes of security problems, such as dynamic cross-site trust model considerations, script inclusion issues, content serving problems, insufficient XSRF and XSS defenses, and much more.

OS X has a built-in sandbox feature for applications, which can restrict their access to certain parts of the system. There isn't a lot of documentation available on the sandboxing system, but I've successfully been able to sandbox Firefox. It has some limitations, but my plug-ins and add-ons work though yours may not.

YAF is Yet Another Flowmeter. It processes packet data from pcap(3) dumpfiles as generated by tcpdump(1) or via live capture from an interface using pcap(3) into bidirectional flows, then exports those flows to IPFIX Collecting Processes or in an IPFIX-based file format. YAF's output can be used with the SiLK flow analysis tools and any other IPFIX compliant toolchain.

This Tooltip will show you how to install SiLK and YAF on a single machine for standalone Flow collection and Analysis.

This instructable will show you how to make an inexpensive network tap to monitor your network.

Companies like Network Optics make incredible taps, for all sorts of media, but if you have 10/100 home network then for $18 in parts from home depot you can make a tap and send the output to YAF/snort/tcpdump/wireshark and see if any data is leaking that should not be.

Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service.

If you want to setup firewall rule with UFW use the one of the following procedure

linuxjournal: Host Identity Protocol for Linux http://tinyurl.com/yb8lspc