Search Results for "attack"

...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

...Built simple, powerful, and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and hybrid. OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. ...

...The tool is particularly valuable in security research, bug bounty hunting, and penetration testing, as it uncovers endpoints that may no longer be publicly linked but still exist on servers. By leveraging archived data, waybackurls helps identify hidden attack surfaces, legacy APIs, and forgotten resources that could be vulnerable. Its design is intentionally simple and efficient, focusing on delivering large volumes of URLs quickly with minimal configuration. The output can be combined with other tools for further analysis, such as filtering parameters or probing endpoints.