An implementation for the XML Security Standard using the W3C WebCrypto API
PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities.
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (http://nds.rub.de/ ) and the Hackmanit GmbH (http://hackmanit.de/).
A tool to generate media files with malicious metadata
SOAP webservices of different SOAP frameworks including samples for WS-Security.
Breaking the security of Microsoft's RMS
Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
Sec2 is a project funded by Federal Ministry of Education and Research: http://www.sec2.org
Simple application for playing with elliptic curves
Simple proxy designed to intercept and modify connections on the transport level. This means you can also modify TLS raw bytes.