Search Results for "http header injection"

Header Only Cross-platform high-performance TCP network library using C++ 11. The server uses two network threads and one logic thread, the client uses one network (also process logic) thread. Every packet size is 46 bytes. Every packet contains the client's id. Server broadcast packets to all clients when recv one packet from any client. The client sends one packet when recv packet from the server and the packet's id is equal self.

go-safeweb is a security-focused HTTP framework for Go that bakes in secure defaults so common web vulnerabilities are harder to introduce. Instead of leaving headers and policies to ad-hoc middleware, it sets Content Security Policy, X-Frame-Options, and other protections by default, and centralizes template escaping rules. Request handling emphasizes principled APIs for parsing and validating input, reducing the risk of injection and deserialization bugs.

github: https://github.com/samedog/phpmvs

mod_spamhaus_new is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block HTTP DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. This module is based on mod_spamhaus but has been updated for actual web server configurations and to support a list of domains, which are NOT spam blocked so customers can reach you even if they got a dynamic IP which is on a spam list. ...

This program will allow you to create sophisticated screen layouts that can automatically adjust to browser size. Each widget within a layout is highly customisable, using property pages that adapt to the type of widget being edited. There is a preview mode and a zoom mode for detailed editing. In addition to the main design dialogs and popup menus can also be created. A design, when saved, will generate a C++ header class that contains all elements of the design. This class, when...

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/

This module will allow DocumentRoot to be determined at request processing time, based on a config value and request's Host: header. Similar to mod_vhost_alias module.

Agent IQ maintains a local database of device capabilities on your web server and, based on the incoming user agent header, returns an array of capabilities. These can be used in the logic of the site on the server side. When a request is received, it looks at the User Agent String of the incoming header and matches it against the database. If there is a match, the device capabilities are stored as PHP and Javascript variables for you to use in shaping how your site is served out. If...

jHTTPp2 is a very small HTTP/1.1 proxy server written in Java. It offers following features: IPv6 support, high-performance, blocks URL's based on a block-list, removes data from the HTTP-Header, blocks Cookies from untrusted hosts.

This Project aims at developing generic Valves for Containers like Tomcat.Development will be aimed at providing detailed request tracing valves based on the native logger valves.This project is created and architected by Arunn John Moothedathu (www.arunjohn.com).

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.

Servlet container extensions that help web developers write full featured Java web applications.

mod_spamhaus is an Apache module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.

mod_cidr_lookup is Apache module enable to lookup CIDRs and set name to HTTP request header and environmental variable. mod_cidr is useful to detect some CIDR groups. example: my company's CIDR block, Google bot's CIDR and others

An Apache module for performing server-side content negotiation of XHTML documents. Compatible clients will be sent the correct Content-Type header; older or non-compliant clients will be sent text/html.

Resource Accelerate is J2EE filter that provides header caching directives and gzipping for J2EE web applications (such as Tomcat) to signficantly improve the download speed of JavaScript, CSS, and images in a simple, easy to use package.

mod_replace is an Apache 2.0.x filter that rewrites text patterns based on PCRE within an request header / body or an response header. It is commonly used with mod_proxy's reverse proxy feature to fix incorrect behaviour of web applications.