Search Results for "owasp broken web"
Sort By:
Showing 75 open source projects for "owasp broken web"
View related business solutions-
Context for your AI agentsBuild data pipelines that feed your AI models and agents without managing infrastructure. Crawl any website, transform content, and push directly to your preferred vector store. Use 10,000+ tools for RAG applications, AI assistants, and real-time knowledge bases. Monitor site changes, trigger workflows on new data, and keep your AIs fed with fresh, structured information. Cloud-native, API-first, and free to start until you need to scale.
-
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
1
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is... -
2
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. -
3
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
4
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. -
Grafana: The open and composable observability platformGrafana is the open source analytics & monitoring solution for every database.
-
5
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. -
6
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
Handy, High-performance Nginx firewall module. Such as black and white list of IPs or IP range, uri black and white list, and request body black list, etc. Directives and rules are easy to write and readable. The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them... -
7
crawlee
A web scraping and browser automation library for Node.js
Crawlee is a web scraping and browser automation library. It helps you build reliable crawlers. Fast. Crawlee won't fix broken selectors for you (yet), but it helps you build and maintain your crawlers faster. When a website adds JavaScript rendering, you don't have to rewrite everything, only switch to one of the browser crawlers. When you later find a great API to speed up your crawls, flip the switch back. -
8
buku
Personal mini-web in text
buku is a powerful bookmark manager and a personal textual mini-web. For those who prefer the GUI, bukuserver exposes a browsable front-end on a local web host server. When I started writing it, I couldn't find a flexible command-line solution with a private, portable, merge-able database along with seamless GUI integration. Hence, buku. buku can import bookmarks from the browser(s) or fetch the title, tags and description of a URL from the web. -
9
fastdup
An unsupervised and free tool for image and video dataset analysis
fastdup is a powerful free tool designed to rapidly extract valuable insights from your image & video datasets. Assisting you to increase your dataset images & labels quality and reduce your data operations costs at an unparalleled scale. -
Financial reporting cloud-based software.The software is cloud based and automates complexities around consolidating and reporting for groups with multiple year ends, currencies and ERP systems with a slice and dice approach to reporting. While retaining the structure, control and validation needed in a financial reporting tool, we’ve managed to keep things flexible.
-
10
OnlineToolsBook
Online tool cheats, write a high-quality manual for online tools
...For someone who frequently resorts to ad-hoc web tools to solve tasks (text manipulation, image processing, conversion, utilities), OnlineToolsBook acts as an aggregator of “cheat sheets” or curated pointer collection rather than a specific application. The intention appears to be long-term: the repository can be updated to reflect new tools, remove broken ones, organize categories, or provide usage hints — so it becomes a living, crowd-maintained reference. -
11
spicedb
Open Source, Google Zanzibar-inspired permissions database
SpiceDB is a graph database purpose-built for storing and evaluating access control data. As of 2021, broken access control became the #1 threat to the web. With SpiceDB, developers finally have the solution to stopping this threat the same way as the hyperscalers. Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications. Building modern authorization from scratch is non-trivial and requires years of development from domain experts. ... -
12
Build your own X
Master programming by recreating your favorite technologies
build-your-own-x is a massive, community-curated roadmap of hands-on tutorials that teach you to re-implement complex systems from scratch—things like databases, compilers, operating systems, interpreters, web servers, neural networks, regex engines, and more. Rather than offering abstract theory, it organizes step-by-step guides by topic and by programming language, so you can pick a project that fits your stack and skill level. The focus is on demystifying internals: you don’t just use a... -
13
CCleaner
Clean up, speed up, and optimize your PC
...CCleaner enhances privacy by deleting browsing traces, cookies, and trackers across major web browsers. Backed by over 20 years of experience and trusted by millions worldwide, it remains one of the leading tools for maintaining a faster and healthier PC. -
14
Vulnerable Web Apps
Vulnerable Web Apps virtual appliance to learn application security.
Hello! My name is Manuel Santander. I teach at local Universities courses about web application security. I prefer to teach my students in a practical way, where they are able to interact with specific cases, learn the vulnerabilities and perform asessments. There were not that many alternatives for virtual appliances that covers what I wanted to teach, so I decided to mount my own appliance. Last version is an Ubuntu 22.04 server appliance, which includes the following applications: Version 4 Running on port 80: - bWAPP - Damn Vulnerable Web Application - OWASP Hackademic - OWASP Mutillidae Running on port 81: - Hackazon Running on port 82: - Conviso Vulnerable Web App Running on port 83: - Generic University Running on port 3000: - OWASP Juice Shop Running on port 9000: - Authlab -
15
This is a web application for the management of a restaurant cantina. Records wines sold/drunk/broken in week, month ad year. Based on php/mysql.
-
16
AWStats
AWStats Log Analyzer
AWStats is a free powerful and featureful server logfile analyzer that shows you all your Web/Mail/FTP statistics including visits, unique visitors, pages, hits, rush hours, os, browsers, search engines, keywords, robots visits, broken links and more -
17
bluemonday
Fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer
bluemonday is an HTML sanitizer implemented in Go. It is fast and highly configurable. bluemonday takes untrusted user-generated content as an input, and will return HTML that has been sanitized against an allowlist of approved HTML elements and attributes so that you can safely include the content in your web page. If you accept user-generated content, and your server uses Go, you need bluemonday. It protects sites from XSS attacks. There are many vectors for an XSS attack and the best way... -
18
ScaNetOS
Entorno funcional para auditoría web y pentesting
ScaNetOS : Entorno de Auditoría Web Automatizada (v1.0) ScaNetOS es una Máquina Virtual en formato .OVA, diseñada para ser una máquina de análisis web y pentesting preconfigurada. Su objetivo es proporcionar un entorno de trabajo rápido y eficiente para pentesters éticos y analistas de seguridad enfocados en la auditoría de aplicaciones web y APIs. El corazón de esta MV es el ScaNet Panel (Script Bash v1.0), un menú centralizado que orquesta herramientas avanzadas y automatiza los... -
19
patch-package
Fix broken node modules instantly
patch-package lets app authors instantly make and keep fixes to npm dependencies. It's a vital band-aid for those of us living on the bleeding edge. Patches created by patch-package are automatically and gracefully applied when you use npm(>=5) or yarn. No more waiting around for pull requests to be merged and published. No more forking repos just to fix that one tiny thing preventing your app from working. You can use --save-dev if you don't need to run npm in production, e.g. if you're... -
20
LibreWeb Browser
Decentralized Web Browser
LibreWeb is an open-source decentralized web browser, leveraging IPFS. What would you do differently; if you could reinvent The Internet in the 21st century? With all the knowledge and new technologies available today. I was inspired by Douglas Engelbart, Tim Berners-Lee, and Ted Nelson as well as projects like IPFS, Jekyll, ARPANET, and more. Everyone should be able to easily read and create a site/blog/news page and publish the content online (without minimal technical knowledge). ... -
21
CSS Critic
Lightweight CSS regression testing
A lightweight tool for regression testing of Cascading Style Sheets. Your web stack should be fully testable. CSS Critic closes the gap in front-end testing and makes HTML & CSS testable - no more broken UI. For example, make it supervise changes to your project's responsive style guide so you know things are looking good. We believe that your UI will change often enough that a lightweight process on managing changes (near instant feedback, anyone?) -
22
The Lift Web Framework
Lift Framework
Lift is the most powerful, most secure web framework available today. There are Seven Things that distinguish Lift from other web frameworks. Lift apps are resistant to common vulnerabilities including many of the OWASP Top 10. Lift apps are fast to build, concise and easy to maintain. Lift apps are high-performance and scale in the real world to handle insane traffic levels. -
23
Photonix Photo Manager
A modern, web-based photo management server
A modern, web-based photo management server. Run it on your home server and it will let you find the right photo from your collection on any device. Smart filtering is made possible by object recognition, face recognition, location awareness, color analysis and other ML algorithms. This project is currently in development and not feature complete for a version 1.0 yet. -
24
Ooui Web Framework
UI library that brings the simplicity of native UI development to web
...Ooui has been broken up into several packages to increase the variety of ways that it can be used. When the user requests a page, the page will connect to the server using a web socket. This socket is used to keep the server's in-memory model of the UI (the one you work with as a programmer) in sync with the actual UI shown to the user in their browser. -
25
pcapfix
repair corrupted pcap and pcapng files
this tool tries to repair your broken pcap and pcapng files by fixing the global header respectively packet blocks and recovering the packets by searching und guessing the packet headers or blocks
