Test Updates for Leap 15.5

Test Updates for Leap 42.1

Test Updates for Leap 42.2

Test Updates for Leap 42.3

Various security tools that don't need their own subproject.

Please have a look at the Subprojects, listed at the 'Subprojects' tab for more tools.

AIDE is an intrusion detection system that checks file integrity

It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual file attributes can also be checked for inconsistencies. It can read databases from older or newer versions. See the manual pages within the distribution for further info.

This is a set of tools that detect rootkit (a program that hides the presence of attackers) symptoms on a system. Rootkits can hide using kernel modules, but they always leave some small traces that can be detected with this program. However, it is always recommended to use this program from a rescue system or a system with a similar purpose.

NOTE: Automatically created during Factory devel project migration by admin.

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in

NOTE: Automatically created during Factory devel project migration by admin.

NOTE: Automatically created during Factory devel project migration by admin.

FIPSCheck is a library for integrity verification of FIPS validated
modules. The package also provides helper binaries for creation and
verification of the HMAC-SHA256 checksum files.

The haveged daemon feeds the linux entropy pool with random
numbers generated from hidden processor state.

For more information see http://www.issihosts.com/haveged/

The hmaccalc package contains tools which can calculate HMAC (hash-based
message authentication code) values for files. The names and interfaces are
meant to mimic the sha*sum tools provided by the coreutils package.

Tools for EVM enrolling of the Integrity Measurement Architecture EVM Tools.

SINIT AC modules for trusted boot on Intel(R) Trusted Execution Technology(INTER(R) TXT) ssystems

NOTE: Automatically created during Factory devel project migration by admin.

libkcapi allows user-space to access the Linux kernel crypto API.

libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.

The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API.

The kernel interface and therefore this library can be used by unprivileged processes.

The focus during the development of this library is put on speed. This library does not perform any memcpy for processing the cryptographic data! The library uses scatter / gather lists to eliminate the need for moving data around in memory.

libkcapi allows user-space to access the Linux kernel crypto API.

libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.

The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API.

The kernel interface and therefore this library can be used by unprivileged processes.

The focus during the development of this library is put on speed. This library does not perform any memcpy for processing the cryptographic data! The library uses scatter / gather lists to eliminate the need for moving data around in memory.

A library providing TPM functionality for VMs. Targeted for integration
into Qemu.

Lynis is a security and system auditing tool. It scans a system on the most interesting parts useful for audits, like:
- Security enhancements
- Logging and auditing options
- Banner identification
- Software availability

Lynis is released as a GPL licensed project and free for everyone to use.

See http://www.rootkit.nl for a full description and documentation.

OpenSCAP is a set of open source libraries providing an easier path for integration of the SCAP line of standards.

SCAP is a line of standards managed by NIST with the goal of providing a standard language for the expression of Computer Network Defense related information.

More information about SCAP can be found at nvd.nist.gov.

openscap report generator