Search Results for "web attacks" - Page 3
Sort By:
Showing 139 open source projects for "web attacks"
View related business solutions-
World class QA, 100% done-for-youMuukTest is a test automation service that combines our own proprietary, AI-powered software with expert QA services to help you achieve world class test automation at a fraction of the in-house costs.
-
The AI coach for teams, built on validated assessments.Give managers and teams proactive, contextual coaching to lead effectively, communicate clearly, and navigate real work situations as they happen.
-
1
mod_spamhaus_new
Apache 2.4.x security, block known bad IP
mod_spamhaus_new is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block HTTP DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. This module is based on mod_spamhaus but has been updated for actual web server configurations and to support a list of domains, which are NOT spam blocked so customers can reach you even if they got a dynamic IP which is on a spam list. ... -
2
King Phisher
Phishing Campaign Toolkit
King Phisher is an open source tool that can simulate real world phishing attacks. It has an easy-to-use, flexible architecture that allows for full control over both emails and server content. It is useful for running awareness campaigns and training, and can only be used for legal applications when the explicit permission of the targeted organization has been obtained. -
3
SlimMVC.js
Your Slim MVC JavaScript
A simple JavaScript framework to implement MVC pattern and safe against XSS attacks using nodeValue property rather innerHTML. -
4
httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.
-
Empower Your Workforce and Digitize Your Shop FloorEasily connect to most tools and equipment on the shop floor, enabling efficient data collection and boosting productivity with vital insights. Turn information into action to generate new ideas and better processes.
-
5
Injectify
Perform advanced MiTM attacks on websites with ease
Perform advanced MiTM attacks on websites with ease. Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension). Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a database. -
6
DbPipeline.NET
OR-Mapper for C# and VB.NET that is better than Entity Framework
The DbPipeline.NET OR-Mapper library was created out of frustration of the shortcomings of Entity Framework in handling stateless web applications and hiding of SQL from skilled developers. The DbPipeline.NET Database Interface Library shields you, the programmer, from having to learn and work with all the ADO.NET or Entity Framework database objects at a low level, and encapsulates all this power into objects with many additional capabilities and features that are not offered in the... -
7
REST framework JWT Auth
JSON Web Token Authentication support for Django REST Framework
JSON Web Token Authentication support for Django REST Framework. This package provides JSON Web Token Authentication support for Django REST framework. Unlike some more typical uses of JWTs, this module only generates authentication tokens that will verify the user who is requesting one of your DRF protected API resources. The actual request parameters themselves are not included in the JWT claims which means they are not signed and may be tampered with. -
8
lua-resty-waf
High-performance WAF built on the OpenResty stack
lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it... -
9
payloadmask
Payload list editor to use techniques to bypass WAF
Payload mask tool to edit web payload lists to try bypass web application firewall. A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. -
Build experiences that drive engagement and increase transactionsSendbird's chat, voice, and video APIs power conversations and communities in hundreds of the most innovative apps and products. Sendbird’s feature-rich platform, and pre-fab UI components make developers more productive. We take care of a ton of operational complexity under the hood, so you can power a rich chat service, and life-like voice, and video experiences, and not worry about features, edge cases, reliability, or scale.
-
10
VXE (Virtual eXecuting Environment) is an Intrusion Prevention System (IPS). It protects Linux servers from hacker attacks from network, etc. It protects software subsystems, such as: SMTP, HTTP and any other subsystem, already installed at the server.
-
11
zxcvbn
Low-budget password strength estimation
...It runs in milliseconds and works as-is on web, iOS and Android. -
12
SWF Investigator
Adobe SWF Investigator enables full analysis of SWF applications.
...From a dynamic perspective, you can call functions within the SWF, load the SWF in various contexts, communicate via local connections and send messages to Action Message Format (AMF) endpoints. SWF Investigator contains an extensible fuzzer for SWF applications and AMF services, so you can search for common Web application attacks. This toolset also provides a variety of utilities including encoders and decoders for SWF data, as well as a basic AS3 compiler. -
13
Nozes_cmd-manager
tool to follow pentest and gain time at attacks.
Nozes CMD manager, is a tool to follow pentest and gain time at attacks. https://github.com/CoolerVoid/nozes https://www.youtube.com/watch?v=14CPnr7-gw4 -
14
Echo Mirage
Hook into application processes and monitor network interactions
...Echo Mirage aids in thorough security analysis by allowing testers to identify potential weaknesses and simulate attacks on application communication. -
15
MVProc
MVC web platform for Apache and MySQL Stored Procedures
MVProc is a Model-View-Controller module for Apache2 that facilitates using MySQL stored procedures as the controller element. NOTE: Version 2.1 is STABLE and currently in production use. NOTE: Versions 1.4+ are for Apache2.4 - in order to run on Apache2.2, replace request_rec->useragent_ip references with request_rec->connection->remote_ip (there are 3 in the source code) -
16
Infernal Wireless
Infernal Wireless Penetration Testing Suite
Infernal Wireless – Penetration testers tools Infernal Wireless Penetration testing tool is created to aid the penetration testers during wireless assessment. Having looked around we all see a lot of penetration testing suits which can automate the process of penetration testing easier for us during Web or other kind of audits, but I did not find one for wireless hacking, except some commercial tools. So, I thought how about to create a tool which automate many different type of attacks with a click of button and save us some time. We got to admit that some of the attacks can get complex. Well, I decided to create the suite and make use of publicly available tools to achieve it. ... -
17
ngx_lua_waf
ngx_lua_waf
ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead. -
18
Simple Site Protection
Secure login system for php frameworks, applications ansd sites
...The objective of these routines is to supply a secure login system to be wrapped round php applications and websites so that developers do not need to write their own. These libraries have been hardened against most web type attacks. Now has internationalisation and multiple languages. -
19
-
20
PAVS
PHP Application Vulnerability Scanner
PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation -
21
WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks. WS-Attacker is developed by the Chair of Network and Datasecurity, Ruhr-University Bochum (http://nds.rub.de/) and the 3curity GmbH (http://3curity.de/).
-
22
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
23
HoneyDrive
Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.
HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to... -
24
IPTC-Attacker
Testing for XSS via IPTC metadata
As an open source penetration testing tool, IPTC-Attacker allows to create an image with IPTC metadata containing testing vectors for Cross-Site Scripting attacks. Each checkbox can be used to include a huge collection of payloads into the selected tags (HTML5sec, XSS Cheat Sheet). If a checkbox will be not selected, the string aaa'bbb"ccc<ddd is automatically included into the unchecked IPTC tag. Therefore, testing for XSS vulnerabilities via IPTC metadata is possible by looking into the source code of the attacked Web application; strictly speaking for aaa'bbb"ccc<ddd or alternatively by verifying if, for example, alert-windows appear due to the XSS vector collection. -
25
hNix OS
A vulnerable lab for IT Security professionals & students
A vulnerable toolkit & lab for IT Security Professionals, Hackers and Students. This is a Linux based Operating System & has been developed for those concerned with IT Security. Contains various software, exploits and is vulnerable to attacks. This project is a fork of the project MyLab@Home developed by Huzaib Shafi (http://www.shafihuzaib.com)
