Search Results for "xss"
Sort By:
Showing 30 open source projects for "xss"
View related business solutions-
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Strapi
API creation made simple, secure and fast
Strapi is the most advanced open-source headless CMS for creating powerful and customizable APIs with no effort. Built with 100% JavaScript, Strapi lets you easily create self-hosted, customizable, and performant content APIs. Strapi projects can be hosted on any platform of your choice, and you can work with any database you prefer. All your favorite dev tools-- from static site generators and databases to hosting platforms work with Strapi, so you're never locked in. Strapi is designed... -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
3
jsoup
Java library for working with real-world HTML
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. jsoup is designed to deal with all varieties of HTML found in the wild; from pristine and validating, to invalid tag-soup; jsoup will create a sensible parse tree. The parser will make... -
4
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
5
HackTools
The all-in-one Red Team extension for Web Pentesters
The all-in-one Red Team browser extension for Web Pentesters. HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools are accessible in one click. HackTools is accessible either in pop-up mode or in a whole tab in the Devtools part of the browser with F12. Once the build is done correctly, webpack will create a new folder called dist. ... -
6
Go Safe Web
Secure-by-default HTTP servers in Go
go-safeweb is a security-focused HTTP framework for Go that bakes in secure defaults so common web vulnerabilities are harder to introduce. Instead of leaving headers and policies to ad-hoc middleware, it sets Content Security Policy, X-Frame-Options, and other protections by default, and centralizes template escaping rules. Request handling emphasizes principled APIs for parsing and validating input, reducing the risk of injection and deserialization bugs. The framework’s routing and... -
7
XSpear
Powerfull XSS Scanning and Parameter analysis tool&gem
XSpear is an XSS Scanner on ruby gems. Powerful XSS Scanning and Parameter analysis tool&gem. -
8
Web Security Audit
Passively audits the security posture on current page for your browser
...Add-on wants to report security misconfigurations, or failure to use best security practices. - Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including: - strict-transport-security - x-xss-protection - content-security-policy - x-frame-options - x-content-type-options It is available for Opera Beta and Developer browser - https://bit.ly/2TvvFw4 -
9
Cerberus Content Management System
Cerberus Content Management System
Cerberus Content Management System is a Monolithic and Modular Content Management System that is written in 100% Pure PHP code with 100% Pure HTML output, and it supports multiple Database Management Systems. Cerberus Content Management System source code is completely handwritten by the author(s). The CerberusCMS project is focused on data security and ease of use, therefore we have decided to make very little use of JavaScript in the PurePHP Releases. The still-secure, and... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Laravel Larabbs
A forum project base on Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects. Laravel has the most extensive and thorough documentation and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. -
11
MVProc FastCGI
MVProc implemented as a FastCGI
...Supports application/x-www-form-urlencoded and multipart/form-data! Highly configurable! Very fast templating! Designed to be secure, with SQL injection protection, XSS attack protection, and more! Responsive project admin! -
12
One Page Scroll
Create an Apple-like one page scroller website
...Create an Apple-like one page scroll website (iPhone 5S website) with One Page Scroll plugin Created by Pete R., Founder of BucketListly. jQuery 1.9.0 or later is strongly recommended because using jQuery less than 1.8.3 and jquery.onepage-scroll.js together turns out to be a hash-based XSS vulnerabiliry. Modern browsers such as Chrome, Firefox, and Safari on both desktop and smartphones have been tested. Should work fine on IE8 and IE9 as well. One Page Scroll let you transform your website into a one page scroll website that allows users to scroll one page at a time. It is perfect for creating a website in which you want to present something to the viewers. ... -
13
SimplePress
Simple Blog Script
UPDATE: Please do not download until new update or final version 1.1 is out (actual version = 1.0.6.beta)! We found XSS and SQL Injection vulnerabilities and are going to fix them as soon as possible. SimplePress ist ein objektorientiertes Content Management System zum einfachen Erstellen und Verwalten eines Onlineblogs. Das System eignet sich hervorragend zum forken eigener Scripte. -
14
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation errors and accessibility errors. Sitecheck can also spot some common causes of PCI compliance failure such as insecure content on secure pages, SQL injection/cross-site scripting (XSS) vulnerabilities, insecure encryption ciphers and open mail relays. Sources of information leakage such as email addresses and IP addresses in the headers or the page will be logged. Includes a separate module called domaincheck which checks the domain expiry date, SSL certificate expiry date and SPF records. -
15
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/
-
16
Secure user authentication system
A really secure user authentication system in PHP and MySQL.
-
17
phpBoard
The phpBoard is an easy-to-modifying PHP Forum with Blog and Profiles.
...Features: Profile Blog + Kommentare PM System Admin / Moderations Bereich Spam Protection Captcha & IP-Lock BBCode & Smileys RSS Feeds News / Ankündigungen User bearbeiten / sperren Gästebücher E-Mail Verifizierung SQL-Injections-Schutz Admin Benachrichtigungen Kontakte Statistiken InfoBox Badword-Liste Counter User Liste Suchfunktion Meine Beiträge Moderatoren Passwort vergessen / ändern Anzeige Views / Beiträge in einem Thema Schutz vor Cross-Site-Scripting (XSS) -
18
OneForum
The Forum is easy-to-modifying Forum equipped with many features.
...Features: User Profiles PM System Admin / Mod Area Spam Protection Captcha & IP-Lock BBCode & Smileys RSS Feeds News-System Announcements User edit / block SHA1 encoding E-Mail verification SQL-Injection-Guard Admin-Notifications Contacts Statistics InfoBox Badword-Filter Counter User List Search MyPostings Moderators Password recovery / change Show Views / Posts in a Topic Protection against XSS -
19
Safe3WVS is one of the most powerful web vulnerability scanner with AI on-the-fly web spider crawling technology,especially web portals ,it is the most fast tool to dig such as sql injection, upload vulnerability, and more.http://www.safe3.com.cn/en
-
20
ABK SiteHoster is aLEHNS (a Lightweight Extensible HTTP Network Server). Developed in pure Java. Currently supports HTTP v1.1 Protocol's subset. Adding features to make fully compliant. Aiming to be a full-fledged WebSite Server with all Web Service
-
21
PHPTAL
Moved to GitHub: https://github.com/pornel/PHPTAL/
Moved to GitHub: https://github.com/pornel/PHPTAL/ -
22
** Guys I have built a much more powerful Fully Featured CMS system at: https://github.com/MacdonaldRobinson/FlexDotnetCMS Macs CMS is a Flat File ( XML and SQLite ) based AJAX Content Management System. It focuses mainly on the Edit In Place editing concept. It comes with a built in blog with moderation support, user manager section, roles manager section, SEO / SEF URL
-
23
-
24
Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.
-
25
nwebpoll is a secure php/mysql application for running several simple web polls. It adds the capability of having several "Other" options where users can input their own answers. Validated against SQL Injections and XSS.
