Search Results for "web attacks"
Sort By:
Showing 33 open source projects for "web attacks"
View related business solutions-
The only software you need to increase cash flow, optimize resource utilization, and take control of your assets and inventory.
-
Chat with your business data with Looker. More than just a modern business intelligence platform, you can turn to Looker for self-service or governed BI, build your own custom applications with trusted metrics, or even bring Looker modeling to your existing BI environment.
-
1
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks... -
2
jsoup
Java library for working with real-world HTML
... attempt to create a clean parse from the HTML you provide, regardless of whether the HTML is well-formed or not. You have HTML in a Java String, and you want to parse that HTML to get at its contents, or to make sure it's well formed, or to modify it. The String may have come from user input, a file, or from the web. -
3
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted from... -
4
binserve
A fast production-ready static web server with TLS (HTTPS)
A fast static web server with TLS (HTTPS), routing, hot reloading, caching, templating, and security in a single binary you can set up with zero code. Binserve is designed to be performant, this is thanks to Actix-Web - one of the fastest web frameworks out there and DashMap for handling routes and cache storage. Binserve is cross-platform and portable to any major operating system, like it can run on your Android phone! Routing is simply matching a URI path to a file or a directory in a JSON... -
With Twilio Voice, you can build unique phone call experiences with one API, to create, receive, control and monitor calls with just a few lines of code. Create an engaging voice experience that you can quickly scale and modify with a wide array of customization options and resources.
-
5
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script gives... -
6
CacheGuard WAF
Web Application Firewall
CacheGuard WAF (Web Application Firewall) allows you to protect your Web applications against content attacks such as but not limited to XSS, SQL injections and Virus injections. CacheGuard WAF is designed to be implemented as a filtering reverse proxy in front of Web servers. In addition, an IP reputation based module allows you to block all requests coming from real time blacklisted IPs. CacheGuard WAF is distributed as an open source OS to install on a virtual or hardware machine. Once... -
7
BeEF
The browser exploitation framework project
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within... -
8
Pwnagotchi
Deep Reinforcement learning instrumenting bettercap for WiFi pwning
Pwnagotchi is an A2C-based “AI” powered by bettercap and running on a Raspberry Pi Zero W that learns from its surrounding WiFi environment in order to maximize the crackable WPA key material it captures (either through passive sniffing or by performing deauthentication and association attacks). This material is collected on disk as PCAP files containing any form of handshake supported by hashcat, including full and half WPA handshakes as well as PMKIDs. Instead of merely playing Super Mario... -
9
LAppS
Lua Application Server for micro-services with default communication
This is an attempt to provide very easy-to-use Lua Application Server working over WebSockets protocol (RFC 6455). LAppS is an application server for micro-services architecture. It is build to be highly scalable vertically. The docker cloud infrastructure (kubernetes or swarm) shall be used for horizontal scaling. LAppS has most scallable WebSockets server out there. LAppS is the same thing to WebSockets as the Apache or Nginx are to HTTP. LAppS does not supports HTTP (though it supports... -
Don’t let unpaid invoices limit your business’s growth. EBizCharge plugs directly into the tools your business already uses to speed up payment collection.
-
10
mod_spamhaus_new
Apache 2.4.x security, block known bad IP
mod_spamhaus_new is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block HTTP DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. This module is based on mod_spamhaus but has been updated for actual web server configurations and to support a list of domains, which are NOT spam blocked so customers can reach you even if they got a dynamic IP which is on a spam list. Default... -
11
hNix OS
A vulnerable lab for IT Security professionals & students
A vulnerable toolkit & lab for IT Security Professionals, Hackers and Students. This is a Linux based Operating System & has been developed for those concerned with IT Security. Contains various software, exploits and is vulnerable to attacks. This project is a fork of the project MyLab@Home developed by Huzaib Shafi (http://www.shafihuzaib.com) -
12
Web Forensik
PHPIDS-based Security Log Analyzer for Apache
NOTE: This project is no longer under active developement. Check out the successor at: https://github.com/jensvoid/lorg Web Forensik ist a script that uses PHPIDS to automatically scan your HTTPD logfiles for attacks against web applications. Check the Wiki for installation, configuration, usage. -
13
anonme.sh
anonymous tools [uncontinued]
anonme.sh {bash script} V1.0 Operative Systems Suported: Linux Dependencies: slowloris macchanger decrypter.py description of the script * this script makes it easy tasks such as DoS attacks, change you MAC address, inject XSS on target website, file upload vulns, MD5 decrypter, webcrawler (scan websites for vulns) and we can use WGET to download files from target domain or retrieve the all website... tutorial:http://www.youtube.com/watch?v=PrlrBuioCMc -
14
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
-
15
distributedPHP client
A simple script for distributed computing through PHP:
distributedPHP client is a simple PHP script that can simultaneously activate/send data to as many web scripts as you want. You must open and configure the distributedPHP .php file prior to running it. ditributedPHP client supports activating scripts without data, sending the same data to all scripts, sending unique data to each script or sending user input to each script. Examples of use include: distributed math computation, encryption breaking, SETI@home/folding@home (well, if they made... -
16
SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So...
-
17
Igino Corona and Davide Ariu and Giorgio Giacinto, "HMM-Web: a framework for the detection of attacks against Web applications", IEEE ICC 2009. Anomaly detection of server-side web attacks based on Hidden Markov Models (unsupervised learning).
-
18
PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...
-
19
Java based webapp that utilizes TCP Wrappers to grant an IP access to a ssh server. Brute force attacks can be avoided while still allowing password based ssh access from multiple, changing IP values.
-
20
mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.
-
21
SFSS is simple, PHP-based file sharing system. It is: - really lightweight (4 pages) - database-free (all data is stored in PHP files) - stable for upload attacks - highly configurable
-
22
SURFnet IDS, a Distributed Intrusion Detection System (D-IDS). The goal is to provide an early warning system which lets system administrators correlate known and unknown exploits to attacks directed towards their networks.
-
23
mod_spamhaus is an Apache module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.
-
24
And-httpd is an HTTP server that maps URLs to files. It currently has a $2000 "security guarantee" against remote attacks.
-
25
Heap-o-crap is possibly one of the safest browsers on the "market". It may not have as many features or compare in speed to leading browsers, but we employ many techniques to prevent phishing, viruses and many other malicious attacks. Safe for all ages.