Search Results for "web security scanner"
Sort By:
Showing 2471 open source projects for "web security scanner"
View related business solutions-
Deploy Red Hat Ansible Automation Platform on Microsoft Azure for a strategic automation solution that allows you to orchestrate, govern and operationalize your Azure environment.
-
Stay productive working at any distance from anywhere with Monitask.
-
1
Security Log Generator
Generates logs of typical formats that would often be found in a SOC
Generates logs of typical formats that would often be found in a SOC. As of 31st January 2023, it supports IDS, Web Access and Endpoint log formats. Can generate a specific number of events in a linear fashion or use a waveform to add 'bumpiness' to your data. The code is modular and extensible, adding additional formats can be done with relative ease. -
2
InQL Scanner
A Burp Extension for GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website... -
3
Web-Check
All-in-one OSINT tool for analysing any website
Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance... -
4
Agentic Security
Agentic LLM Vulnerability Scanner / AI red teaming kit
The open-source Agentic LLM Vulnerability Scanner. -
Repfabric is a customer relationship management (CRM) software designed specifically for multi-line sales teams (i.e. reps, distributors, wholesalers, dealers, and manufacturers). It streamlines and simplifies the sales process by providing deep integration with email, contacts, calendars, and deal tracking. The platform enables users to track commissions from CRM to sale, make updates directly from mobile devices, and document sales calls using voice-to-text features.
-
5
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Spring Security uses a Gradle-based build system. In the instructions, ./gradlew... -
6
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins... -
7
MyCrypto Web App
Tool that allows you to manage your Ethereum accounts privately
Unify all your Ethereum accounts without giving up your privacy or security. Use with your favorite hardware and software wallets. Managing and storing your assets has never been easier. The MyCrypto apps give you control of your crypto. MyCrypto allows you to import and manage all of the Ethereum accounts that you have control of. One combined view for all of the transaction histories across all of your accounts. Check your transaction recipient against 50M+ labeled Ethereum accounts... -
8
Tor Browser
Browser for using Tor on Windows, Mac OS X or Linux
... with a pre-configured web browser to protect your anonymity, and is self-contained (portable). -
9
DVWA
PHP/MySQL web application
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment. The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty... -
BackBox seamlessly integrates with network monitoring and NetOps platforms and automates configuration backups, restores, and change detection. BackBox also provides before and after config diffs for change management, and automated remediation of discovered network security issues.
-
10
uBlock Origin
An efficient blocker for Chromium and Firefox
An efficient blocker add-on for various browsers. Fast, potent, and lean. uBlock Origin is not an "ad blocker", it is a wide-spectrum blocker, which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin, when newly installed, is to block ads, trackers and malware sites through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, Online Malicious URL Blocklist, and uBlock Origin's own filter lists. uBlock Origin (or uBlock₀) is not an ad... -
11
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic... -
12
RustDesk
An open-source remote desktop, and alternative to TeamViewer
RustDesk is a full-featured open source remote control alternative for self-hosting and security with minimal configuration. Desktop versions use Flutter or Sciter (deprecated) for GUI, this tutorial is for Sciter only, since it is easier and more friendly to start. Check out our CI for building Flutter version. You have full control of your data, with no concerns about security. You can use our rendezvous/relay server, or self-hosting, or write your own rendezvous/relay server. -
13
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications... -
14
Onion Browser
An open-source, privacy-enhancing web browser for iOS
Encrypted traffic through the Tor network gives you the highest standard of security and privacy. No extra eyes see your activity, save your history or influence your browsing. Targeted ads are history. Tabs don’t hang around. They close when you’re done, so every search is new. Onion Browser is your trusted connection to Tor on iOS. Tor offers the highest standard of privacy. You are not linked to your browsing activity. Your location doesn't influence the websites you’re able to visit. Onion... -
15
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo... -
16
Html5-QRCode
A cross platform HTML5 QR code reader
Lightweight & cross platform QR Code and Bar code scanning library for the web. Use this lightweight library to easily / quickly integrate QR code, bar code, and other common code scanning capabilities to your web application. End-to-end scanner with UI, integrate with less than ten lines of code. Powerful set of APIs you can use to build your UI without worrying about camera setup, handling permissions, reading codes, etc. Support for scanning local files on the device is a new addition... -
17
Zen Browser
Experience tranquillity while browsing the web
Experience tranquillity while browsing the web without people tracking you. Beautifully designed, privacy-focused, and packed with features. We care about your experience, not your data. With Zen's Theme Store, you can customize your browsing experience to reflect your unique style and preferences. Choose from a wide array of themes, colors, and layouts to make Zen truly your own, transforming your browser into a personalized digital space. Zen thrives on the contributions of its vibrant... -
18
dirsearch
Web path scanner
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner. Wordlist is a text file, each line is a path. About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. To use multiple wordlists, you can separate your wordlists with commas... -
19
RustScan
The Modern Port Scanner
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically pipe results into Nmap, or use our scripts (or write your own) to do whatever you want. Adaptive learning. RustScan improves the more you use it. No bloated machine learning here, just basic maths. The usuals you would expect. IPv6, CIDR, file input and more. Automatically... -
20
Snipe-IT
A free open source IT asset/license management system
Snipe-IT is a free and open source asset/license management system with powerful built-in features. It is a web-based software, and must be run on a web server and accessed through a web browser. Snipe-IT is very user-friendly, and is ideal for IT operations: tracking who has which laptop, handling software licences, accessories, etc. -
21
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification... -
22
Deskreen
Deskreen turns any device with a web browser into a secondary screen
Use any device with a web browser as a second screen for your computer (with the help of Virtual Display Adapter). Share your computer entire screen to any device that has a web browser. Limit Deskreen to share only a single application view to any device with a web browser. If you are a video blogger and you need a teleprompter, or you need to look at the camera during a video conference, Flip Screen Mode is just for you. Deskreen can share screen video over WiFi. No cables are needed. Connect... -
23
ModSecurity
Cross platform web application firewall (WAF) engine for Apache
ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web... -
24
Gitleaks
Protect and discover secrets using Gitleaks
Gitleaks is a fast, lightweight, portable, and open-source secret scanner for git repositories, files, and directories. With over 6.8 million docker downloads, 11.2k GitHub stars, 1.7 million GitHub Downloads, thousands of weekly clones, and over 400k homebrew installs, gitleaks is the most trusted secret scanner among security professionals, enterprises, and developers. Gitleaks-Action is our official GitHub Action. You can use it to automatically run a gitleaks scan on all your team's pull... -
25
ntopng
Web-based Traffic and Security Network Traffic Monitoring
ntopng® is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and is now revamped in terms of performance, usability, and features. ntopng is a network traffic probe that provides 360° Network visibility, with its ability to gather traffic information from traffic mirrors, NetFlow exporters, SNMP devices, Firewall logs, and Intrusion Detection systems. ntopng has been written in a portable way in order...