Search Results for "web attacks" - Page 4

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/

Sutil! CMS is a "distro" of the consecrated CMS Joomla! 1.5, In respect to the Policy of using "brand name and logo" Joomla®, because it is trademarked. All extensions J1.5 can be installed in Sutil! CMS. Sutil! is Open Source / GPL - FREE !

The purpose of this project is to geographically restrict access from countries to your server and simply iptables restrictions via a country code and not a large ip list. It is intended as a means of reducing unwanted attacks, brute force, spam, etc. not as a means to segregate access worldwide nor discriminate against any country. I have waned to package an rpm, and deb file that quickly allows most users to block ip addresses from ip blocks that have been geographically assigned...

AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters. This tool compares the source and the destination files, then copies the "defaced" files if any...

About GameOver: Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work. GameOver has been broken down into two sections. Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command...

A JAVA based tool developed by Vikas N P and Sharath Rao.. It can detect and block malicious users from inseting dangerous links into web pages and thereby prevent xss attacks

... attacks by the privilege user or system administrator.A simple attack scenario could be that a customer pays a virtual machine at Amazon EC2 (Provider) and the systemadmin (Privilidged User) who is, for instance, threatened to be fired, has access to the same virtual machine state, this priviledged user can easily leak customer’s data. There is a need to secure the computation state during communication and storage and we achieve this through the implementation of a trusted platform.

Abstract—The security challenge coming with the popularity of web-based applications is a serious matter. The privacy of the data sent back and for has become a crucial issue. As a matter of fact, in one of their most recent publications, Chen et al analyzed this problem and showed that, although the existence of powerful communication security systems such as HTTPS, WPA/WPA2 Wi-Fi encryption, several high-scaled Webapps are exposed to side-channel attacks using timing and a subset...

An open source network stress testing and denial-of-service attack application, initially developed by Samin Yasar. The idea behind BanglaDos is that it can allow you to participate in attacks even if you've no clue how to hack. It send thousand of garbage request to web servers like visa.com , paypal.com to shut them down. If many computers using BanglaDos pointed at a single site to make a real impact, letting a central administrator press the big button of website destruction makes...

this collection of most used resources that will help you in ethical hacking and penetration testing. Collection of hacking tools and materials and all major type of attacks and tutorials.

distributedPHP client is a simple PHP script that can simultaneously activate/send data to as many web scripts as you want. You must open and configure the distributedPHP .php file prior to running it. ditributedPHP client supports activating scripts without data, sending the same data to all scripts, sending unique data to each script or sending user input to each script. Examples of use include: distributed math computation, encryption breaking, SETI@home/folding@home (well, if they made...

SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So...

Calculate the number of solutions to place n queens on an n*n chess board, without any queen attacking each other. Options allow using rooks instead of queens, disabling knight attacks and setting the minimum distance between queens.

Igino Corona and Davide Ariu and Giorgio Giacinto, "HMM-Web: a framework for the detection of attacks against Web applications", IEEE ICC 2009. Anomaly detection of server-side web attacks based on Hidden Markov Models (unsupervised learning).

HoneyBadger is a highly interactive mutating honeypot designed to catch attacks ranging from simple worms to complex 0days in LAN or production web environments. It is based in a portable VM designed for low stress deployment and easy maintenance.

it’s a free and open source phishing framework that helps the social-engineers in phishing attacks. and it’s includes alot of phishing pages and more stuff that helps you in phishing. the application is coded in PHP,XHTML,CSS,and Javascript.

browser game strategy divided in age. grow, attacks, wins. the game and being tested

This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands

WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be teste

C Based Open Source Web application firewall (WAF) for detecting SQL and xss attacks Simply works on the Access logs of Apache once an attack is detected it Grabs the Attackers IP and shoves it in an IPTables rule to drop once and for all.

The CSRF Protector is a Firefox extension which attempts to detect and prevent CSRF attacks by looking for patterns in the possible ways of performing CSRF and blocking behaviors common to multiple types of CSRF attack

Peruggia is designed as a safe, legal environment to learn about and try common attacks on web applications. Peruggia looks similar to an image gallery, but contains several controlled vulnerabilities to practice on.

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

Java based webapp that utilizes TCP Wrappers to grant an IP access to a ssh server. Brute force attacks can be avoided while still allowing password based ssh access from multiple, changing IP values.

mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.