Search Results for "attacker"
Sort By:
Showing 51 open source projects for "attacker"
View related business solutions-
Don’t settle when it comes to managing your clients’ IT infrastructure. Exceed their expectations with ConnectWise RMM, our MSP RMM software that provides proactive tools and NOC services—regardless of device environment. With the number of new vulnerabilities rising each year, smart patching procedures have never been more important. We automatically test and deploy patches when they are viable and restrict patches that are harmful. Get better protection for clients while you spend less time managing endpoints and more time growing your business. It’s tough to locate, afford, and retain quality talent. In fact, 81% of IT leaders say it’s hard to find the recruits they need. Add ConnectWise RMM, NOC services and get the expertise and problem resolution you need to become the advisor your clients demand—without adding headcount.
-
We design our technology to make workforce management easier. APS offers core HR, payroll, benefits administration, attendance, recruiting, employee onboarding, and more.
-
1
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
2
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic... -
3
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
4
react-native-keychain
Keychain Access for React Native
... (or if an attacker can somehow access the filesystem), the key can be obtained and the stored data can be decrypted. Therefore, on such a device, the concealed encryption is only an obscurity. On API level 23+ the key is stored in the Android Keystore, which makes the key non-exportable and therefore makes the entire process more secure. Follow best practices and do not store user credentials on a device. Instead, use tokens or other forms of authentication and re-ask for user credentials. -
It protects your internal resources such as behind-the-firewall applications, teams, and devices.
-
5
Latte
The safest & truly intuitive templates for PHP
The first truly secure and intuitive templates for PHP. The most common critical vulnerability in websites is Cross-Site Scripting (XSS). It allows an attacker to insert a malicious script into a page that executes in the browser of an unsuspecting user. It can modify the page, obtain sensitive information or even steal the user's identity. Templating systems fail to defend against XSS. Latte is the only system with an effective defense, thanks to context-sensitive escaping. Latte is based... -
6
Kubernetes Goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment
... an attacker, and secure your Kubernetes, cloud, and container workloads right from the design, code, and architecture itself to prevent them. Use Kubernetes Goat to showcase the effectiveness of the tools, product, and solution. Also, educate the customers and share your product or tool knowledge in an interactive hands-on way. -
7
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
8
VeraCrypt
Open source disk encryption with strong security for the Paranoid
.... This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
9
The hash latch generates keys in a manner similar to how some cryptocurrencies are mined. It takes a string and brute-forces a prefix for it so that the hash of the string with the prefix has a certain number of leading zeroes. But that alone would've been too easy to hack. To prevent an attacker from forging the keys by generating a new prefix: the hash latch doesn't output the keys in the plaintext. Instead, it encrypts the key and outputs the ciphertext. That means that instead...
-
Give your HR team the tools they need to streamline administrative tasks, support employees, and make informed decisions with the OrangeHRM free and open source HR software.
-
10
Casper-fs
Casper-fs is a Custom LKM generator to protect and hide files.
Casper-fs is a Custom Hidden Linux Kernel Module generator. Each module works in the file system to protect and hide secret files.The motivation: An attacker can read every file in your machine in a bad situation. But if you have a Casper-fs custom module, the attacker will not find the hidden kernel module that has functions to turn any file invisible and protect to block read/remove/edit actions. My beginning purpose at this project is to protect my server, which is to protect my friends... -
11
HiddenWall
hidden firewall, custom firewall in kernel
HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that block external access, because have a hook to netfilter on kernel land(think like a second layer for firewall). My beginning purpose at this project is protect my personal server, now is protect... -
12
CVE-2021-31166
Remote HTTP.sys use-after-free triggered remotely
This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in http.sys patched by Microsoft in May 2021. The bug itself happens in http!UlpParseContentCoding where the function has a local LIST_ENTRY and appends an item to it. When it's done, it moves it into the Request structure; but it doesn't NULL out the local list. The issue with that is that an attacker can trigger a code-path that frees every entry of the local... -
13
VaultSync
Sync directories and files in a secure folder on an external drive
VaultSync keeps synchronised data backups from one or more computers in an encrypted vault that is locked with a password. It is optimised to operate on a flash or external drive with minimal installation but it can also work on a hosted storage system like Dropbox, One Drive or Google Drive. It is really important that a backup is simple and fast to make. There is no point in having to decide what files are important or what has changed at the time of the backup, or having to manually... -
14
MaskPhish
Introducing "URL Making Technology" to the world
MaskPhish is not any Phishing tool. It's just a proof of concept of "URL Making Technology". It is a simple Bash Script to hide phishing URLs under a normal-looking URL (google.com or facebook.com). It can be integrated into Phishing tools (with proper credits) to look the URL legit. Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal... -
15
PiracyChecker
An Android library that prevents your app from being pirated
An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required. This library applies some techniques to help protect your app's users and attempt to thwart reverse engineers and attackers. BUT, this isn't guaranteed to stop your app from getting pirated. There is no such thing as 100% security, and a determined and skilled attacker with enough time, could remove these checks from the code. The real... -
16
obfusc
toolchain for obfuscated compilation
This is a C compiler, assembler, linker and virtual machine for computing based on encrypted working and obfuscated compilation and execution. The idea is that the platform machine `works encrypted' for the user and unencrypted for the operator, running a machine code instruction set in user mode that is provably safe against computational attacks, for code that is generated by a compiler that has introduced random variations into the code at each recompilation so that the attacker has... -
17
Parsedown
Better markdown parser in PHP
... consider employing defence-in-depth measures, like deploying a Content-Security-Policy (a browser security feature) so that your page is likely to be safe even if an attacker finds a vulnerability in one of the first lines of defence. Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS. -
18
CLASS_DOS_ATTACKER
it is written in Python and perform denial of service Attacks on LAN.
CLASS_DOS_ATTACKER is a tool written in PYTHON (in a Linux environment) to perform 5 Denial of Service Attack on a LAN: - ICMP FLOOD - TCP SYNFLOOD - ARP Cache Poisonning - DHCP Starvation - WIFI DEAUTHENTIFICATION -
19
StartFlagExploit
POC of Android temporary DoS (Android 10 / 11 beta 3)
... doesn't answer with forwarding a SecurityException to the Attacker, instead it throws the SecurityException without catching it. This causes the ActivityManagerService to crash and all other Services depending on it also die. -
20
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
.... If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure. -
21
Injectify
Perform advanced MiTM attacks on websites with ease
Perform advanced MiTM attacks on websites with ease. Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension). Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a database. -
22
-
23
Mpge
Mpge
Mpge is a wrapper of meterpreter (msfconsole, msfpayload and msfencode) of Metasploit Framework directly integrated with Mac OS X Snow Leopard 10.6.8 and with OS X Mavericks 10.9. With Mpge is possible make trojan horse files for Microsoft Windows, Linux and Mac OS X 10.3 Panther, OS X 10.4 Tiger, OS X 10.5 Leopard and OS X Montain Lion 10.8.1 for all Mac OS X is possible make a trojan horse files contains a reverse shell into files .pkg and files .app. I used three real Mac OS X: Attacker... -
24
Abdal ICMP Attacker
Powerful ICMP Flooder With Customize icmp Packets
This Tools Can Be Send The 10,000 Packet in Only 4 Second - -
25
WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks. WS-Attacker is developed by the Chair of Network and Datasecurity, Ruhr-University Bochum (http://nds.rub.de/) and the 3curity GmbH (http://3curity.de/).