-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy pathtools.yml
More file actions
102 lines (88 loc) · 5.35 KB
/
tools.yml
File metadata and controls
102 lines (88 loc) · 5.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
- id: ALCC
name: Automated Legal Compliance Checking
description: A tool for automated analysis of security policies in IT designs against the EU DPD regulation.
urlDocumentation:
external: https://sites.google.com/view/eu-dpd-gdpr-compliance/home
- id: ASASP
name: ASASP
nameAddon: Automated Symbolic Analysis of Security Policies
description: A tool for the automated safety analysis of administrative access control policies in (extensions of) the Role-Based Access Control (RBAC) model.
urlDocumentation:
unit: /tools/ASASP
- id: CPR
name: CPR
nameAddon: Content-based Information Protection and Release
description: A tool for the analysis and enforcement of access control policies in NATO operations.
urlDocumentation:
unit: /tools/CPR
- id: CryptoAC
name: CryptoAC
logo: CryptoAC_logo.png
description: To facilitate the adoption of cloud by organizations, cryptographic access control is the obvious solution to control data sharing among users while preventing partially trusted cloud service providers to access sensitive data. In this context, CryptoAC implements a state of the art role-based cryptographic access control scheme; CryptoAC comes with an easy deployment process, it supports 81 different architectures and it is cloud-independent, i.e., it can be seamlessly deployed in all major cloud service providers.
urlCode: https://github.com/stfbk/CryptoAC
urlDocumentation:
unit: /tools/CryptoAC
- id: Micro-Id-Gym
name: Micro-Id-Gym
description: A framework where users can develop hands-on experiences on how IdM solutions work and increase their awareness related to the underlying security issues.
urlCode: https://github.com/stfbk/micro-id-gym/
urlDocumentation:
unit: /tools/Micro-Id-Gym
- id: mIDAssistant
name: mIDAssistant
description: An Android Studio plugin that guides native mobile app developers with secure integration of Single Sign-On and Access Delegation solutions within their apps.
urlCode: https://github.com/stfbk/mIDAssistant
urlDocumentation:
external: https://sites.google.com/fbk.eu/midassistant/home
- id: mIDAssistant_iGov
name: mIDAssistant_iGov
description: An Android Studio plugin that guides native mobile app developers with secure integration of OpenID Connect iGov profile (OpenID Connect iGov) solutions within their apps.
urlCode: https://github.com/stfbk/mIDAssistant_iGov
- id: MQTTSA
name: MQTTSA
nameAddon: MQTT Security Assistant
description: A tool designed to increase the security awareness of IoT developers by automatically assessing misconfigurations in MQTT-based environments and by providing a report of potential vulnerabilities and mitigation measures at a different level of details - from natural language descriptions to code snippets that can be cut-and-paste in actual deployments.
urlCode: https://github.com/stfbk/mqttsa
urlDocumentation:
external: https://sites.google.com/fbk.eu/mqttsa
- id: MuFASA
name: MuFASA
description: A tool for high-level specification and analysis of MFA protocols, which aims at supporting normal users and security experts (in the design phase of an MFA protocol), providing a high level report regarding possible risks associated to the specified MFA protocol, its resistance to a set of attacker models (defined by NIST), its ease-of-use and its compliance with a set of security requirements derived from European laws.
urlDocumentation:
unit: /tools/MuFASA
- id: PILLAR
name: PILLAR
nameAddon: Privacy risk Identification with LINDDUN and LLM Analysis Report
logo: PILLAR_logo.png
description: >
PILLAR is a privacy threat modeling assistant that brings the power of large language models (LLMs) to the established LINDDUN framework. Simply feed PILLAR a natural-language system description, and it will transform it into comprehensive threat models with limited input from users. It provides three variants of LINDDUN threat modeling: SIMPLE, LINDDUN GO (by simulating multi-agent collaboration in a virtual threat modeling workshop), and PRO.
urlCode: https://github.com/stfbk/PILLAR
urlDocumentation:
unit: /tools/PILLAR
- id: SATMC
name: SATMC
description: SAT-based Model-Checker for Security Protocols and Security-sensitive Applications.
urlDocumentation:
unit: /tools/SATMC
- id: SecSES
name: SecSES
description: A tool providing a flexible access control mechanism for APIs.
urlDocumentation:
unit: /tools/SecSES
- id: SecurePG
name: SecurePG
description: "A Java-based tool that allows policy administrators to generate, verify and enforce abstract Access Control (AC) policies in two of the most widely used Cloud Service Providers: Amazon AWS and OpenStack."
urlDocumentation:
external: https://sites.google.com/view/securepg/home
- id: STIATE
name: STIATE Toolkit
description: Supports development teams toward security assessment of their under-development applications focusing on subtle security logic flaws that may go undetected by using current industrial technology.
urlDocumentation:
unit: /tools/STIATE
- id: TLSAssistant
name: TLSAssistant
logo: TLSAssistant/TLSAssistant.png
description: A fully-featured tool that combines state-of-the-art TLS analyzers with a report system that suggests appropriate mitigations and shows the full set of viable attacks.
urlCode: https://github.com/stfbk/tlsassistant
urlDocumentation:
unit: /tools/TLSAssistant