Repositories list

• stfbk.github.io

  Public
  Website of the Security & Trust Research Unit, in Fondazione Bruno Kessler

  HTML

  •18•4•0•0•Updated Nov 8, 2024Nov 8, 2024

• tlsassistant

  Public
  An open-source modular framework capable of identifying a wide range of TLS vulnerabilities and assessing compliance with multiple guidelines. Its actionable report can assist the user in correctly and easily fixing their configurations.

  tlshstsnist+ 17robothttpscrimerc4certificate-transparencycompliancepoodle+ 10

  Python

  •

  Apache License 2.0

  •13•39•0•1•Updated Nov 8, 2024Nov 8, 2024

• mig-t

  Public
  A web pentesting and compliance tool to help security testers automate their testing activites.

  cybersecuritypenetration-testingautomated-testing+ 3security-toolsburp-extensionspenetration-testing-tools

  Java

  •

  Apache License 2.0

  •5•4•7•1•Updated Nov 8, 2024Nov 8, 2024

• mig

  Public
  Micro-ID-Gym is a software suite designed to aid security researchers and developers in testing Identity Management protocols implementations

  testingoauth2compliance+ 3security-testingsecurity-compliancepenetration-testing-tools

  Python

  •

  Apache License 2.0

  •4•2•0•0•Updated Nov 4, 2024Nov 4, 2024

• PILLAR

  Public
  An AI-Powered Privacy Threat Modeling tool based on the LINDDUN framework by leveraging Large Language Models.

  privacyrisk-analysismultiagent+ 5threat-modelingrisk-assessmentprivacy-toolslinddunllms

  Python

  •

  Apache License 2.0

  •2•10•0•0•Updated Oct 31, 2024Oct 31, 2024

• pullprinting

  Public
  Pullprinting project developed in Security&Trust in FBK

  Java

  •0•2•0•6•Updated Oct 23, 2024Oct 23, 2024

• tls-compliance-dataset

  Public
  A dataset containing TLS requirements to assess a webserver's compliance with national cybersecurity agencies

  recommendationstlsnist+ 7mozillacomplianceguidelinesagidcipher-suitesbsianssi

  Python

  •

  Creative Commons Attribution 4.0 International

  •0•0•0•0•Updated Oct 10, 2024Oct 10, 2024

• tlsassistant-testbed

  Public
  Simple and automatic test bed implementation for tlsassistant

  Shell

  •

  Other

  •0•3•0•0•Updated Sep 15, 2024Sep 15, 2024

• TLS-Scanner

  Public
  The TLS-Scanner Module from TLS-Attacker - based on @IvanValentini's work

  Java

  •

  Other

  •39•0•0•0•Updated Jul 23, 2024Jul 23, 2024

• A-Secure-and-Quality-of-Service-Aware-Solution-for-the-End-to-End-Protection-of-IoT-Applications

  Public
  Kotlin

  •

  Apache License 2.0

  •0•0•0•0•Updated Jun 12, 2024Jun 12, 2024

• mqttsa

  Public
  A tool to assist IoT developers in securing MQTT-based IoT deployments

  mqttsecurity

  Python

  •

  Apache License 2.0

  •8•40•0•0•Updated Mar 26, 2024Mar 26, 2024

• CryptoAC

  Public
  CryptoAC is an open-source tool for the E2E protection of sensitive data through cryptographic enforcement of access control policies.

  open-sourcecryptographysecurity

  JavaScript

  •

  Apache License 2.0

  •0•2•0•0•Updated Jan 17, 2024Jan 17, 2024

• micro-id-gym

  Public
  JavaScript

  •1•4•1•19•Updated Jan 16, 2024Jan 16, 2024

• tls-table

  Public
  Generates mappings between IANA TLS hex values and their corresponding cipher names in GnuTLS, NSS, and OpenSSL

  Python

  •

  Mozilla Public License 2.0

  •12•1•0•0•Updated Jan 11, 2024Jan 11, 2024

• ACME

  Public
  Access Control Mechanisms Evaluator

  Python

  •

  Apache License 2.0

  •0•1•0•0•Updated Jan 10, 2024Jan 10, 2024

• ACE

  Public
  AC state-change rule extraction procedurE

  Python

  •

  Apache License 2.0

  •0•1•0•0•Updated Nov 5, 2023Nov 5, 2023

• .github

  Public
  0•0•0•0•Updated Oct 10, 2023Oct 10, 2023

• TDSC2022_SymbolicAnalysis

  Public
  ReScript

  •1•0•0•0•Updated Apr 20, 2023Apr 20, 2023

• vc-saml-node

  Public
  Verifiable Credentials issued and verified by SAML service providers -- a proof of concept implementation

  saml2eidasverifiable-credentials

  JavaScript

  •0•2•0•22•Updated Dec 13, 2022Dec 13, 2022

• AuBACE

  Public
  Audit-Based Access Control Enforcement (AuBACE) is a DLT-oriented framework to support controlled information sharing

  Go

  •

  Apache License 2.0

  •0•0•0•4•Updated Dec 11, 2022Dec 11, 2022

• Mitigating-Debugger-based-Attacks-to-Java-Applications-with-Self-Debugging

  Public
  This repository collects complementary material for the article "Mitigating Debugger-based Attacks to Java Applications with Self-Debugging".

  Java

  •0•1•0•0•Updated May 6, 2022May 6, 2022

• MSRMP

  Public
  Multi-Stakeholder Risk Assessment Tool

  Java

  •0•0•0•0•Updated Jan 12, 2022Jan 12, 2022

• SECRYPT2021

  Public archive
  0•0•0•0•Updated May 19, 2021May 19, 2021

• mallodroid

  Public archive
  Find broken SSL certificate validation in Android Apps

  Python

  •

  GNU Lesser General Public License v3.0

  •31•1•0•0•Updated May 13, 2021May 13, 2021

• mIDAssistant_iGov

  Public
  An Android Studio Plugin to Integrate OpenID Connect iGov Profile within Native Apps

  Java

  •0•1•0•0•Updated Sep 18, 2020Sep 18, 2020

• mIDAssistant

  Public
  Java

  •0•0•0•0•Updated Sep 15, 2020Sep 15, 2020

• CODASPY2020_FormalAnalysis

  Public archive
  This repository contains the complementary files referred to in the paper "The Good, the Bad and the (Not So) Ugly of Out-Of-Band Authentication with eID Cards and Push Notifications: Design, Formal and Risk Analysis", accepted to the 10th ACM Conference on Data and Application Security and Privacy (CODASPY ‘20).

  0•0•0•0•Updated Jan 9, 2020Jan 9, 2020

• i2cns-19

  Public archive
  Jupyter Notebook

  •0•1•0•0•Updated Nov 25, 2019Nov 25, 2019

• socrates-replication-package

  Public archive
  SoCRATES is framework for Ethereum Smart Contract test cases generation

  Jupyter Notebook

  •

  Apache License 2.0

  •1•0•0•2•Updated Oct 25, 2019Oct 25, 2019

• ITOTLab

  Public
  An open and flexible cybersecurity training laboratory in IT/OT infrastructures

  C++

  •0•0•0•0•Updated Sep 4, 2019Sep 4, 2019