Search Results for "http header injection"
Sort By:
Showing 20 open source projects for "http header injection"
View related business solutions-
Stop vibe-debugging.AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
1
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. ... -
2
Secure
HTTP middleware for Go that facilitates some quick security wins
...When IsDevelopment is true, the AllowedHosts, SSLRedirect, STS header, and HPKP header will not be in effect. This allows you to work in development/test mode and not have any annoying redirects to HTTPS (ie. development can happen on HTTP), or block localhost has a bad host. Secure comes with a variety of configuration options. Secure allows you to set a custom function for the AllowRequestFunc option. -
3
Sliver
Adversary Emulation Framework
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys. The server and client support MacOS, Windows, and Linux. Implants are supported on MacOS, Windows, and Linux (and possibly every Golang compiler target but we've not tested them all). -
4
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
Vulcain
Fast and idiomatic client-driven REST APIs
Vulcain is a brand new protocol using HTTP/2 Server Push to create fast and idiomatic client-driven REST APIs. An open-source gateway server that you can put on top of any existing web API to instantly turn it into a Vulcain-compatible one is also provided! It supports hypermedia APIs but also any "legacy" API by documenting its relations using OpenAPI. The protocol has been published as an Internet-Draft that is maintained in this repository. A reference, production-grade, implementation... -
6
EaseProbe
A simple, standalone, and lightweight tool
EaseProbe is a simple, standalone, and lightweight tool that can do health/status checking, written in Go. Checking the HTTP status code, Support mTLS, HTTP Basic Auth, and can set the Request Header/Body. Check whether a TCP connection can be established or not. Run a Shell command and check the result. Run a remote command via SSH and check the result. Support the bastion/jump server. Connect to a given port using TLS and (optionally) validate for revoked or expired certificates. ... -
7
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of... -
8
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
9
Freedom DDD Framework
Freedom is a hexagonal architecture-based framework
Freedom is a hexagonal architecture-based framework that underpins the hyperemic domain model paradigm. Integrated Iris. HTTP/H2C Server & Client. Integrating Prometheus. AOP Worker & Non-intrusive Context. Extensible component Infrastructure. Dependency Injection & Dependency Inversion & Open Closed Principle. DDD & Hexagonal Architecture. Domain Event & Message Queue Components. CQS & aggregate root. CRUD & PO Generate. Level 1 Cache & Level 2 Cache & Anti-breakdown. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
bifrost-gateway
A lightweight IPFS Gateway daemon backed by a remote data store
A lightweight IPFS Gateway daemon backed by a remote data store. bifrost-gateway provides a single binary daemon implementation of HTTP+Web Gateway Specs. All you need is a trustless gateway endpoint that supports verifiable response types. The minimum requirement is support for GET /ipfs/cid with application/vnd.ipld.raw (block by block). -
11
hey
HTTP load generator, ApacheBench (ab) replacement
hey is a tiny program that sends some load to a web application. hey was originally called boom and was influenced from Tarek Ziade's tool at tarekziade/boom. Using the same name was a mistake as it resulted in cases where binary name conflicts created confusion. To preserve the name for its original owner, we renamed this project to hey. hey runs provided number of requests in the provided concurrency level and prints stats. It also supports HTTP2 endpoints. It’s simple, efficient,... -
12
go-restful
Package for building REST-style Web Services using Go
...Request-scoped variables using attributes. Route errors produce HTTP 404/405/406/415 errors, customizable using ServiceErrorHandler(...). Request API for reading structs from JSON/XML and accessing parameters (path, query, header). Customizable gzip/deflate readers and writers using CompressorProvider registration. There are several hooks to customize the behavior of the go-restful package. -
13
Nunu
A CLI tool for building Go applications
Nunu is a CLI scaffolding tool for building Go applications; it aggregates and encapsulates popular Go ecosystem libraries to provide a modular, high‑performance, extensible foundation, complete with documentation and test support. Nunu is a scaffolding tool for building Go applications. Its name comes from a game character in League of Legends, a little boy riding on the shoulders of a Yeti. Just like Nunu, this project stands on the shoulders of giants, as it is built upon a combination of... -
14
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and... -
15
Go Backend Clean Architecture
A Go (Golang) Backend Clean Architecture project with Gin, MongoDB
This repository is a production-minded Go backend starter that applies Clean Architecture to keep business logic independent from frameworks, databases, and delivery mechanisms. It organizes code into layers—domain, use cases, interfaces/adapters—so swapping an HTTP framework or database does not ripple through core logic. The template includes well-chosen scaffolding for configuration, logging, dependency injection, error handling, and request validation so teams can focus on business features. It demonstrates practical patterns for repository interfaces, DTOs, and consistent response envelopes that keep APIs predictable. ... -
16
Daptin
Daptin - Backend As A Service - GraphQL/JSON-API Headless CMS
Take the API overhead out of your brain with Daptin. Complete granular access to your data over the network. A single binary to power up your application. Database-backed persistence, 3NF normalized tables. JSON API/GraphQL for CRUD apis. User and group management and access control. Social login with OAuth: tested with google, github, LinkedIn. Actions for abstracting out business flows. Extensive state tracking APIs. Enable Data Auditing from a single toggle. Synchronous Data Exchange with... -
17
Iris Web Framework
The fastest community-driven web framework for Go
Iris is a fast, full-featured and futuristic web framework written in Go. It is by far the fastest HTTP/2 web framework ever crafted, is highly efficient yet simple. Iris provides a beautifully expressive and easy-to-use foundation for your next website, API or distributed app. Iris comes packed with Webassembly, Automatic HTTPS with Public Domain, MVC, Sessions, Caching, Versioning API, Problem API, Websocket, Dependency Injection and more. -
18
gorilla/mux
HTTP router and URL matcher for building Go web servers
Package gorilla/mux implements a request router and dispatcher for matching incoming requests to their respective handler. The name mux stands for "HTTP request multiplexer". Like the standard http.ServeMux, mux.Router matches incoming requests against a list of registered routes and calls a handler for the route that matches the URL or other conditions. The main features are that it implements the http.Handler interface so it is compatible with the standard http.ServeMux, requests can be matched based on URL host, path, path prefix, schemes, header and query values, HTTP methods or using custom matchers, URL hosts, paths and query values can have variables with an optional regular expression. ... -
19
Telize
High performance JSON IP and GeoIP REST API (IP Geolocation)
Telize is a REST API built in Go allowing to get a visitor IP address and to query location information from any IP address. It outputs JSON-encoded IP geolocation data, and supports both JSON and JSONP. Geolocation operations are performed using the MaxMind DB Reader for Go which caches the database in RAM. Therefore, Telize has very minimal overhead and should be blazing fast. This service offers a REST API allowing to get a visitor IP address and to query location information from any IP... -
20
Go Safe Web
Secure-by-default HTTP servers in Go
go-safeweb is a security-focused HTTP framework for Go that bakes in secure defaults so common web vulnerabilities are harder to introduce. Instead of leaving headers and policies to ad-hoc middleware, it sets Content Security Policy, X-Frame-Options, and other protections by default, and centralizes template escaping rules. Request handling emphasizes principled APIs for parsing and validating input, reducing the risk of injection and deserialization bugs.
- Previous
- You're on page 1
- Next
