Search Results for ".sql"

...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

...A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. ...

RazWall is a community based firewall replacement for 3ndian Community Firewall. RazWall is built on Slackware Linux. We will publish the ISO releases here as they develop. READ THE 'README' FILE BEFORE DOWNLOADING!

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

BrazilFW is a mini Linux distribution designed to be used as a Firewall and Router that runs easily on older computers. An old PC running BrazilFW is much more powerful and efficient than commercial software for routing in offices and residences running on a "powerful" computer. BrazilFW is based on Coyote Linux, which was designed by Joshua Jackson who discontinued Coyote Linux in version 2.24 in August 2005. In that same month comes on the scene BrazilFW Firewall and Router (BFW) with...

...Some of its features are: * Powerful filtering engine. * Stand alone Web Application Firewall. * Protects against remote & local file inclusions, code execution, uploads, SQL injections, bots and scanners, XSS and many other threats. * Hooks and sanitises all HTTP requests before they reach your website, as well as the response body. * Real-time detection (File Guard). * Response body filter (Web Filter). * Powerful access control and firewall policies. * Easy to setup; your PHP scripts do not require modifications...

You can make a simple MSN control (which users can login), web authentication gateway (Horatio based), load balance (iproute2), traffic shape (QoS), simple packet filter and NAT redirects (DNAT), loadbalance and VPN gateway or roadwarrior and ...

lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. ...

ngx_lua_waf is a web application firewall (WAF) module written in Lua for use with OpenResty (Nginx + Lua). It provides protection against common web attacks such as SQL injection, XSS, file uploads, and malicious bots. The WAF is rule-based, easily configurable, and lightweight, offering real-time defense with minimal performance overhead.

Easily turn a Ubuntu-based computer into a full linux router, complete with dhcpd, named/bind, iptables firewall, and packet inspection of the network traffic being routed. Deep packet inspection for layer 2 (mac), layer 3 (ipv4, ipv6), layer 4 (icmp, tcp, udp), and layer 7 (application-specific). Summary of network flows and all layers of inspected traffic is stored in a database at 1-second intervals. This database is then mined to drive the Apache/PHP web interface.

Creates true post-admission network access control by regulating network access to admitted users on an as needed basis. Users cannot escalate privileges between micro-perimeters. Manageable, efficient and scalable for complex security environments.

Net-Policy is a highly-scalable, role-and-policy based network management system. Net-Policy aims to be an easy-to-use, full-fledged management station capable of configuration, monitoring, and notification collection and aggregation via the use of SNMP

A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.

A package of scripts to watch for snort alerts, change / create firewall rules to block high priority alerts, and record recent blocks. It will increase block times based on previously recorded blocks

This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands

Server/client suite which provides per-user access control/firewall/QOS. Robust and high speed implementation is secure against MAC/IP spoofing, and can scale to large networks with many clients. Options for additional monitoring and captive portal.

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

A complex software (firewall, network access informant, traffic calculator) for xDSL subscribers of Sibirtelecom company. Only Novosibirsk city branch supported at now.

The package includes tools that make a fully functional user accounting system for a small ISP. Functionality includes: traffic shaping, management of users' accounts, firewall, network monitoring, link quality measurement, alert system, etc.

AAFW(AntiAttackFireWall) is an isapi to protect IIS 5/6 from SQL injection.

Web interface written in php for ISC bind and ISC dhcp configuration and administration. It keeps it's own database containing general dns and dhcp information and information about subnets, hosts etc. Configures DNS, DHCP, firewalls, RADIUS servers..

Netfilter tracker is a tracking tool for iptables logs, similar to Checkpoint(tm) Smartview Tracker. Includes storage in an embedded SQL database and a graphical application (viewer) to access filtered data.

OpenCaptive is Simple Captive Portal, running in OpenBSD with Pf Firewall, with PHP and MySQL, support transparent proxy squid, and squidguard optionally.

A web-based traffic accounting, monitoring and control management system enriched with AJAX. The project focuses on easy configuration setup and high level of system administration abstraction.