Search Results for "owasp"

...Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE.

Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. ...

...An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP.

O-Saft is an OWASP project that offers an advanced SSL/TLS analysis tool. It provides detailed information about SSL certificates and tests SSL connections against specified cipher lists, aiding in the assessment of SSL/TLS configurations. ​

A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them.

...PHP RBAC is compatible with NIST Level 2 RBAC standard and provides even more, with best performance yet available for any authorization library, and its for PHP. Note: Development and support has been moved to Github (https://github.com/OWASP/rbac). New releases will continue to be released here on SF.