Search Results for "http header injection" - Page 5
Sort By:
Showing 175 open source projects for "http header injection"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
1
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
2
mod_spamhaus_new
Apache 2.4.x security, block known bad IP
mod_spamhaus_new is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block HTTP DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. This module is based on mod_spamhaus but has been updated for actual web server configurations and to support a list of domains, which are NOT spam blocked so customers can reach you even if they got a dynamic IP which is on a spam list. ... -
3
JavaScript CSRF Protection Bundle
Automatic CSRF protection for JavaScript apps using a Symfony API
Archived! Now that all modern browsers implement SameSite cookies and the Origin HTTP header, this bundle is - in most cases - not necessary anymore. Learn how to protect your Symfony APIs from CSRF attacks. If you need to maintain old applications, take a look to DneustadtCsrfCookieBundle. This API Platform and Symfony bundle provides automatic Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications. -
4
TCP Over HTTP Tunnel
TCP Over HTTP Tunnel Client with Header Host Support ( Injector ).
TCP Over HTTP Tunnel Free Server Provided by Fastssh.com Server: tcp.serverip.co Ports: 80, 8080, 3128 Password: fastssh.com Works only with fastssh.com SSH accounts. In some networks, the use of CONNECT method is blocked. In such cases, an HTTP tunnel can still be implemented using only the usual HTTP methods as POST, GET, PUT and DELETE. The server runs outside the blocked network and acts as a special HTTP server. The client program is run on a computer inside the... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
pah
A Java library for handling the HTTP Accept header
-
6
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
7
basic-auth
Generic basic auth Authorization header field parser
Generic basic auth Authorization header field parser for whatever. This is a Node.js module available through the npm registry. Get the basic auth credentials from the given request. The Authorization header is parsed and if the header is invalid, undefined is returned, otherwise an object with name and pass properties. Parse a basic auth authorization header string. This will return an object with name and pass properties, or undefined if the string is invalid. -
8
HB Reports
TReportPrinter component for Delphi and Firemonkey
TReportPrinter Lightweight code based reporting for Delphi VCL and Firemonkey. For developers who prefer to create Reports quickly in code rather than wasting time with a hard to learn, slow to build graphical designer. Designed to have a high degree of backward code compatibility with Nevrona Rave Reports but in active development and forward looking for your new Firemonkey applications. Demo projects included with the files Documentation here... -
9
Aglyph
Aglyph is a Dependency Injection framework for Python.
Aglyph is a Dependency Injection framework for Python, supporting type 2 (setter) and type 3 (constructor) injection. Aglyph runs on CPython (http://www.python.org/) 2.7 and 3.4+, and on recent versions of the PyPy (http://pypy.org/>),Jython (http://www.jython.org/), IronPython (http://ironpython.net/), and Stackless Python (http://www.stackless.com/) variants. -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
10
APIthet
An Application to security test RESTful web APIs.
APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter in... -
11
Ethernet POWERLINK XDD Tool Suite
Provides eclipse plugins for XDD edit, validation and OD generation.
The plugins include functionality to edit and check CN / MN XDD / XDC files against the DS311 V1.2.0 and the DS 301 1.3.0 specification. Another plugin enables the user to generate the object dictionary header file from an XDD / XDC file for the openPOWERLINK (https://goo.gl/Cg77Oi) implementation. Please note that the validation functionality works properly for Controlled and Managing Node XDD / XDC files. Please use the update site to install the plugin in your eclipse environment: http://sourceforge.net/projects/xddpluginsuite.openconf.p/files/update_site/ User Manual: https://goo.gl/hvtLAq XDD editor plugin user manual: https://goo.gl/Fo5pUQ Install via Eclipse marketplace: https://goo.gl/eAZAn9 Link to the openCONFIGURATOR parent project: https://sourceforge.net/projects/openconf/ -
12
cpDetector is a proxy for codepage detection of documents. It delegates to multiple instances that try to detect the codepage by different techinques. A command line executeable is shipped that allows to sort documents by codepage.
-
13
mod_auth_trustheader
apache-2.x module to get userid from header|environment|SSL variable
Mostly copied from mod_auth_basic of apache-2.2. The basic-auth handshake was replaced by some code which gets the userid out of a customable variable. The variable could be anything ap_expr could read in authentication hook, e.g.: a header field, a httpd environment variable or an SSL environment variable. The syntax is the same known from RewriteCond of mod_rewrite: e.g.: %{HTTP:variable}, %{ENV:variable} or %{SSL:variable} No password is written into internal httpd variables. So... -
14
ng-token-auth
Token based authentication module for angular.js
ng‑token‑auth is an AngularJS module that provides token-based authentication for single-page applications by coordinating with server-side token systems like the devise_token_auth gem. Oauth2 authentication. Email authentication, including user registration. Password reset, account updates, account deletion, seamless integration with the devise token auth Rails gem, and extensive event notifications. This module relies on token based authentication. This requires coordination between the... -
15
NRRD Image Library for C++
Header Only C++ Library to read and write NRRD image files
This is a Header-Only implementation of the NRRD Image file format. It supports all basic C-types and automatically converts to the type you want. It is templated and allows reading and writing user-defined meta-information to the NRRD-header. It implements "the most important" parts of the following standard: http://teem.sourceforge.net/nrrd/format.html - Does not implement: line skip, byte skip, orientations, encodings other than raw, kinds other than domain... -
16
Parse C++ header files using ply.lex to generate navigable class tree representing the class structure. CppHeaderParser.py has the advantage of being a pure python C++ header parser. Grap a copy of ply at http://www.dabeaz.com/ply/
-
17
Pop Framework
Use Java bean as model of web page, reference beans in hyperlinks
Pop Framework (or Pop), http://www.popframework.net, is a bean-based MVC framework for Java/J2EE web applications. Pop implements IoC, Dependency Injection, and AOP. Pop provides annotations for users to define and reference a bean. Pop can help users to customize a bean, a scope, a factory and a reference in object-oriented way. Pop treats a bean as the model of a web page (JSP or servlet), the webpage itself is a view of the bean. -
18
DesignerWt
A layout and widget editor for Wt (C++ web applications)
This program will allow you to create sophisticated screen layouts that can automatically adjust to browser size. Each widget within a layout is highly customisable, using property pages that adapt to the type of widget being edited. There is a preview mode and a zoom mode for detailed editing. In addition to the main design dialogs and popup menus can also be created. A design, when saved, will generate a C++ header class that contains all elements of the design. This class, when... -
19
r-u-dead-yet
R-U-Dead-Yet? (RUDY) Original source code files
R-U-Dead-Yet, or RUDY for short, implements the generic HTTP DoS attack via long form field submissions. RUDY attack targets web applications by starvation of available sessions on the web server. RUDY keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value. Licensed under the GNU GPL v3 DISCLAIMER: USE ON YOUR OWN RISK. -
20
miniPHP
A small, simple PHP MVC framework skeleton that encapsulates a lot of
miniPHP A small, simple PHP MVC framework skeleton that encapsulates a lot of features surrounded with powerful security layers. miniPHP is a very simple application, useful for small projects, helps to understand the PHP MVC skeleton, know how to authenticate and authorize, encrypt data and apply security concepts, sanitization and validation, make Ajax calls and more. It's not a full framework, nor a very basic one but it's not complicated. You can easily install, understand, and... -
21
anontwi
AnonTwi: tool to have more privacy on social networking sites related
AnonTwi provides you: + AES + HMAC-SHA1 encryption on Tweets and Direct Messages + Secure Sockets Layer (SSL) to interact with API + Proxy Socks (for example, to connect to the TOR network) + Random HTTP header values + Send long messages splitted automatically + Automatic decryption of tweet's urls or raw inputs + Backup messages to your disk (max: 3200) + Send fake geolocation places + Remove data and close account (suicide!) + View global Trending Topics + UTF-8 + Unicode support (chinese, arabic, symbols, etc) + Multiplatform: GNU/Linux, MacOS, Win32 + Detailed colourful output results + Generate tools and modules + GTK+ interface + An IRC bot slave + [...] ... -
22
mango HTTP Client
Lightweight HTTP Client for embedded devices
mango is a free, open source, lightweight HTTP Client library written entirely in C. The focus of the mango implementation is to reduce resource usage while still providing an almost full-scale HTTP Client. This makes it suitable for use in memory-constrained embedded devices where memory and CPU power are at a premium. -
23
Modern Webdesign via Bootstrap
Modern Webdesign via Bootstrap
We present a modern web design for an index page of a website using bootstrap, data coming from a REST API, screen adaptive images and language dependency of the user. The REST API data ansatz separates the data from the design and the adaptive images (http://adaptive-images.com/) helps to reduce loading time for mobil devices. We further use "Lazy Bootstrap Carousel" for bootstrap 3 from https://github.com/mconventi/lazy-load-bootstrap-carousel to reduce again traffic, by loading the images for the header carousel when it they needed. -
24
Z4 Phreak Tools 2.3
Modify Request and Response Header
Version 2.3 Pro Edition is available (Mar/01/2015) What's new in version 2.3? - Fixed bugs Traffic - Fixed bugs Dialer - Fixed bugs Set Proxy IDM - Change Proxy Server (with listview) - Fixed bugs Query (add use query mode only) - Add New User-Agent to Query (SonyEriccson, NOKIA, Opera Mini, and Custom) - SMS (Create, Inbox, Outbox, Draft, Kontak) - Diagnostics Modem (Operator, Speed, RSSI, MCC, MNC, LAC, Cell ID, QoS, Sent, Recieved) - Set Network Type modem (3G Only, 3G... -
25
This project is being moved to github: https://github.com/sal-vage/d-injection * License * Distributed under the Boost Software License, Version 1.0. (See http://www.boost.org/LICENSE_1_0.txt)
