Search Results for "server attack" - Page 2
Sort By:
Showing 67 open source projects for "server attack"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
1
paramspider
Mine parameterized URLs from web archives for security testing
ParamSpider is an open source command-line tool designed to discover URLs that contain parameters by mining historical data from web archives such as the Wayback Machine. It helps security researchers, penetration testers, and bug bounty hunters collect potential attack surfaces by automatically gathering archived URLs related to a specific domain. Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ... -
2
Shennina
Automating Host Exploitation with AI
...The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. Shennina scans a set of input targets for available network services, uses its AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets. If the attack succeeds, Shennina proceeds with the post-exploitation phase. The AI engine is initially trained against live targets to learn reliable exploits against remote services. ... -
3
binserve
A fast production-ready static web server with TLS (HTTPS)
...Binserve's performance is achieved due to minimization of Disk I/O operations at runtime (with fast_mem_cache enabled) and serving static files from memory. On the client-side, Cache-Control, Etag, and Last-Modified are utilized. Prevents common attack vectors like Directory Traversal and Symlink Attacks. -
4
Kubernetes External Secrets
Integrate external secret management systems with Kubernetes
...An ExternalSecret declares how to fetch the secret data, while the controller converts all ExternalSecrets to Secrets. The conversion is completely transparent to Pods that can access Secrets normally. By default Secrets are not encrypted at rest and are open to attack, either via the etcd server or via backups of etcd data. -
$300 Free Credits to Build on Google CloudStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
-
5
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. -
6
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software,... -
7
Zynix-Fusion
zynix-Fusion is a framework for hacking
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else. -
8
SSH MITM
SSH man-in-the-middle tool
This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard... -
9
APIthet
An Application to security test RESTful web APIs.
...Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter in an API. The application is available as a Windows exe file.. In progress and planned features: -More test cases to attack target API. ... -
Error to trace to log to deploy. One click. No SSH.AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
-
10
Injectify
Perform advanced MiTM attacks on websites with ease
Perform advanced MiTM attacks on websites with ease. Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension). Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a database. -
11
Evilgrade
Framework that allows the user to take advantage of implementations
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set. Evilgrade works with modules, in each module there's an implemented structure which is needed to emulate a fake update for an... -
12
Mpge
Mpge
Mpge is a wrapper of meterpreter (msfconsole, msfpayload and msfencode) of Metasploit Framework directly integrated with Mac OS X Snow Leopard 10.6.8 and with OS X Mavericks 10.9. With Mpge is possible make trojan horse files for Microsoft Windows, Linux and Mac OS X 10.3 Panther, OS X 10.4 Tiger, OS X 10.5 Leopard and OS X Montain Lion 10.8.1 for all Mac OS X is possible make a trojan horse files contains a reverse shell into files .pkg and files .app. I used three real Mac OS X: Attacker:... -
13
Social Toolkit for Phishing Attacks, a multiplatform tool to simulate phishing attack based on node, a simple server for run our template and fast manipulation
-
14
LOIC-SLOW
LOIC-0 WITH SOME LOWBANDWITH NETWORK STRESSING TOOLS ADDED
LOIC-SLOW Low Orbit Ion Cannon- Special Lowbandwith Operating Weapon LOIC-SLOW stands for LOIC - Low Orbit Ion Cannon SLOW - Special Lowbandwith Operating Weapon THE NEXT GENERATION OF LOIC-0 DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN... -
15
LOIC-0
A NETWORK STRESS TOOL BASED ON PRAETOX LOIC
Low Orbit Ion Cannon - 0 (LOIC-0) The original Low Orbit Ion Cannon with interface improvements. ALSO NOTED VERSION 1.0 OF LOIC-0 IS VERSION 1.2 OF LOIC AND SO ON. DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR... -
16
r-u-dead-yet
R-U-Dead-Yet? (RUDY) Original source code files
R-U-Dead-Yet, or RUDY for short, implements the generic HTTP DoS attack via long form field submissions. RUDY attack targets web applications by starvation of available sessions on the web server. RUDY keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value. Licensed under the GNU GPL v3 DISCLAIMER: USE ON YOUR OWN RISK. -
17
LOIC-IRC-0
LOIC-0 Now with IRC control
A new version of LOIC-0 with IRC control. Also LOIC SLOW with IRC control. PLEASE NOTE THAT THIS TOOL IS RELEASED UNDER GPLv3 LICENSE. DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,... -
18
OverServer
Simple meta-server for locating other multiplayer servers
...One particular strength of the player-hosted games setup is that it places the burden of Internet traffic on the player base and not a central server. OverServer tries not to violate this strength by keeping the query and response length very low to cut down on overhead from running the metaserver. I designed OverServer with a few lessons in mind from Valve and Won's metaserver setup for Half-life. It is at least somewhat resistant to attack through a challenge-response system for incoming requests. ... -
19
MITMf
Framework for Man-In-The-Middle attacks
...Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely rewritten from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. ... -
20
cluster007-v2.0 more fix and more fun changelog: 1.old technique have been change with scripting technique 2.more better size 3.come with booster like hoic but more better 4.more better ranged that not have request time out but it will like that if server offline 5.allow you to make your own script booster hope you enjoy :D
-
21
DIRB - URL Bruteforcer: DIRB is a Web Content Scanner. It looks for hidden Web Objects. It basically works by launching a dictionary based attack against a web server and analizing the response. DIRB main purpose is to help in web application auditing.
-
22
EbolaShell -Ddos with multiple methods -DNS info and reporting -Whois site look up -Port scanner -Site Check ( is it up) (only checks site from server location)
-
23
EbolaShell (3) 2.1 update This is not ebola 3, just the update to 2.1 The full 3 (new) will be posted sometime this week. -Ddos with multiple methods -DNS info and reporting -Whois site look up -Port scanner -Site Check ( is it up) (only checks site from server location)
-
24
EbolaShell -Ddos with multiple methods -DNS info and reporting -Whois site look up -Port scanner -Site Check ( is it up) (only checks site from server location)
-
25
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...
