Search Results for "web attacks"
Sort By:
Showing 33 open source projects for "web attacks"
View related business solutions-
Secure your business by securing your people.Take the guesswork out of password management, shadow IT, infrastructure, and secret sharing so you can keep your people safe and your business moving.
-
Information Security Made Simple and Affordable | CarbideGet expert guidance and smart tools to launch or level up your security and compliance efforts without the complexity.
-
1
BeEF
The browser exploitation framework project
...BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
3
Node Argon2
Node.js bindings for Argon2 hashing algorithm
A Node.js library for hashing passwords securely using the Argon2 key derivation function, a modern cryptographic algorithm. -
4
Phusion Passenger
A fast and robust web server and application server for Ruby
Passenger® is an app server that runs and automanages your web apps with ease. Also improves security, reliability and scalability. Passenger 6 introduces standardization across your stack by supporting all languages. From business-critical apps with billions of requests per day to small side projects, Passenger is tailored for each scenario. Passenger has a myriad of features that are invaluable to today’s web apps and microservice APIs. You get these benefits (and more) by simply... -
Feroot AI automates website security with 24/7 monitoringFeroot unifies JavaScript behavior analysis, web compliance scanning, third-party script monitoring, consent enforcement, and data privacy posture management to stop Magecart, formjacking, and unauthorized tracking.
-
5
Locust
Scalable open source load testing tool
Locust is an open source user load testing tool written in Python. The idea behind Locust is to swarm your web site or other systems with attacks from simulated users during a test, with each user behavior defined by you using Python code. This swarming process is then monitored from a web UI in real-time, and will help identify any bottlenecks in your code before real users can come in. As it is completely event-based, Locust can have thousands or even millions of simultaneous users distributed over multiple machines swarming your system. ... -
6
Lapis
A web framework for Lua and OpenResty written in MoonScript
Lapis is a framework for building web applications in Lua (or MoonScript) that primarily targets OpenResty, a high-performance web platform that runs on a customized version of Nginx. Lapis can also be used in other server environments, being compatible with any modern version of Lua. With OpenResty, Lua is run directly inside of the Nginx worker using LuaJIT, giving you the smallest barrier between the webserver and your code. Have a look at Web Framework Benchmarks just to see how... -
7
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Spring Security uses a Gradle-based build system. In the instructions, ./gradlew... -
8
Marked
A markdown parser and compiler. Built for speed
...The only completely secure system is the one that doesn't exist in the first place. Having said that, we take the security of Marked very seriously. To prevent ReDoS attacks you can run marked on a worker and terminate it when parsing takes longer than usual. Marked can be run in a worker thread on a node server, or a web worker in a browser. Only current and LTS Node.js versions are supported. End-of-life Node.js versions may become incompatible with Marked at any point in time. -
9
node-rate-limiter-flexible
Count and limit requests by key with atomic increments
rate-limiter-flexible counts and limits number of actions by key and protects from DDoS and brute force attacks at any scale. It works with Redis, process Memory, Cluster or PM2, Memcached, MongoDB, MySQL, PostgreSQL and allows to control of requests rate in single process or distributed environment. All operations in memory or distributed environments use atomic increments against race conditions. Combine limiters, block key for some duration, delay actions, manage failover with insurance... -
JS7 JobScheduler is an open source workload automation solution.JS7 JobScheduler is an open source workload automation solution. It is used to run executable files, shell scripts etc. and database procedures.
-
10
jsoup
Java library for working with real-world HTML
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. jsoup is designed to deal with all varieties of HTML found in the wild; from pristine and validating, to invalid tag-soup; jsoup will create a sensible parse tree. The parser will make... -
11
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
12
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
13
amber
A Crystal web framework that makes building applications fast
...Instead of having to plan where things go, Amber comes with a set of conventions to guide you in developing your application. Tools are built-in to prevent and mitigate common attacks against web applications. Minimize the risk of SQL injection, form tampering, cross-site request forgery, and several other attacks. Crystal is a type safe, compiled language inspired by the simplicity of Ruby. -
14
Node.js express.js MongoDB JWT REST API
Node.js express.js MongoDB JWT REST API - Basic Project Skeleton
This is a basic API REST skeleton written on JavaScript using async/await. Great for building a starter web API for your front-end (Android, iOS, Vue, react, angular, or anything that can consume an API) This project is created to help other developers create a basic REST API in an easy way with Node.js. This basic example shows how powerful and simple JavaScript can be. Do you want to contribute? Pull requests are always welcome to show more features. -
15
0xsp Mongoose RED for Windows
Framework for cybersecurity simulation and red teaming operations
0xsp mongoose red version is provided to assist your needs during cyber security simulation, by using this version you will be able to audit a targeted Windows operation system for system vulnerabilities, misconfiguration, and privilege escalation attacks and replicate the tactics and techniques of an advanced adversary in a network. With node js support for web application API, it becomes much easier for installation and customization in a timely manner, the windows sensor agent will communicate with application API to transfer results and receive commands as a bidirectional technique. -
16
LAppS
Lua Application Server for micro-services with default communication
This is an attempt to provide very easy-to-use Lua Application Server working over WebSockets protocol (RFC 6455). LAppS is an application server for micro-services architecture. It is build to be highly scalable vertically. The docker cloud infrastructure (kubernetes or swarm) shall be used for horizontal scaling. LAppS has most scallable WebSockets server out there. LAppS is the same thing to WebSockets as the Apache or Nginx are to HTTP. LAppS does not supports HTTP (though it supports... -
17
Hack-Tools
Hack tools
hack-tools is a collection of various hacking tools and utilities. It serves as a comprehensive toolkit for penetration testers and cybersecurity enthusiasts, encompassing a wide range of functionalities. -
18
SlimMVC.js
Your Slim MVC JavaScript
A simple JavaScript framework to implement MVC pattern and safe against XSS attacks using nodeValue property rather innerHTML. -
19
httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.
-
20
REST framework JWT Auth
JSON Web Token Authentication support for Django REST Framework
JSON Web Token Authentication support for Django REST Framework. This package provides JSON Web Token Authentication support for Django REST framework. Unlike some more typical uses of JWTs, this module only generates authentication tokens that will verify the user who is requesting one of your DRF protected API resources. The actual request parameters themselves are not included in the JWT claims which means they are not signed and may be tampered with. -
21
Simple Site Protection
Secure login system for php frameworks, applications ansd sites
...The objective of these routines is to supply a secure login system to be wrapped round php applications and websites so that developers do not need to write their own. These libraries have been hardened against most web type attacks. Now has internationalisation and multiple languages. -
22
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2... -
23
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
-
24
MyZone Social Network
peer to peer social network
MyZone is a peer to peer social network that supports almost all features common in Facebook and Google+. In addition you can share unlimited mp3s and mp4s with your friends. MyZone does not downgrade the resolution of your photos and all established connections are encrypted using state of the art encryption techniques. MyZone is designed to be resilient towards cyber attacks especially DDoS attacks and government imposed censorships. MyZone should be an interesting social networking... -
25
Wave Framework
Open Source API-centric PHP Micro-framework
Wave is a PHP micro-framework that is built loosely following model-view-control architecture and factory method design pattern. It is made for web services, websites and info-systems and is built to support a native API architecture, caching, user control and smart resource management. Wave is a compact framework that does not include bloated libraries and features and is developed keeping lightweight speed and optimizations in mind. While not necessary for using Wave Framework, it comes by...
