Search Results for "apache"
Sort By:
Showing 30 open source projects for "apache"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Cloud tools for web scraping and data extractionAutomate web data collection with cloud tools that handle anti-bot measures, browser rendering, and data transformation out of the box. Extract content from any website, push to vector databases for RAG workflows, or pipe directly into your apps via API. Schedule runs, set up webhooks, and connect to your existing stack. Free tier available, then scale as you need to.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web... -
2
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic... -
3
Splunk Attack Range
Tool to simulate attacks and collect the data
Attack Range Log The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
4
Pumba
Chaos testing, network emulation, stress testing tool for containers
Pumba is a chaos testing command line tool for Docker containers. Pumba disturbs your containers by crashing containerized applications, emulating network failures and stress-testing container resources (cpu, memory, fs, io, and others). -
Reach Your Audience with Rise Vision, the #1 Cloud Digital Signage Software SolutionRise Vision is the #1 digital signage company, offering easy-to-use cloud digital signage software compatible with any player across multiple screens. Forget about static displays. Save time and boost sales with 500+ customizable content templates for your screens. If you ever need help, get free training and exceptionally fast support.
-
5
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice. -
6
Themis
Easy to use cryptographic framework for data protection
Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted... -
7
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.... -
8
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
9
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
eProcurement SoftwareeBuyerAssist by Eyvo is a cloud-based procurement solution designed for businesses of all sizes and industries. Fully modular and scalable, it streamlines the entire procurement lifecycle—from requisition to fulfillment. The platform includes powerful tools for strategic sourcing, supplier management, warehouse operations, and contract oversight. Additional modules cover purchase orders, approval workflows, inventory and asset management, customer orders, budget control, cost accounting, invoice matching, vendor credit checks, and risk analysis. eBuyerAssist centralizes all procurement functions into a single, easy-to-use system—improving visibility, control, and efficiency across your organization. Whether you're aiming to reduce costs, enhance compliance, or align procurement with broader business goals, eBuyerAssist helps you get there faster, smarter, and with measurable results.
-
10
CTFd
CTFs as you need them
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon... -
11
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
12
nbcelltests
Cell-by-cell testing for production Jupyter notebooks in JupyterLab
nbcelltests is designed for writing tests for linearly executed notebooks. Its primary use is for unit testing reports. Cell-by-cell testing for production Jupyter notebooks in JupyterLab. To use in JupyterLab, you will also need the lab and server extensions. Typically, these are automatically installed alongside nbcelltests, so you should not need to do anything special to use them. The lab extension will require a rebuild of JupyterLab, which you'll be prompted to do on starting... -
13
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your... -
14
PoshC2
C2 framework used to aid red teamers with post-exploitation
...These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX. Shellcode containing in-build AMSI bypass and ETW patching for a high success rate and stealth. Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good operational security. Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic. -
15
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase.... -
16
Wifipumpkin3
Powerful framework for rogue access point attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. -
17
<<Hack|Track GNU/Linux
Distro Penetrasing Live System Burn to USB Flash Disk & Run.
<<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing. -
18
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software,... -
19
VENOM C2 shellcode
C2 shellcode generator/compiler/handler
The script will use msfvenom (metasploit) to generate shellcode in different formats ( C# | python | ruby | dll | msi | hta-psh | doc | apk | macho | elf | deb | mp4 | etc ) injects the shellcode generated into one template (example: python) "the python function will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file. It also starts a handler to receive the remote connection (shell or meterpreter) venom... -
20
WebSploit Framework
WebSploit is a high level MITM Framework
WebSploit Advanced MITM Framework [+]Autopwn - Used From Metasploit For Scan and Exploit Target Service [+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin [+]format infector - inject reverse & bind payload into file format [+]phpmyadmin Scanner [+]CloudFlare resolver [+]LFI Bypasser [+]Apache Users Scanner [+]Dir Bruter [+]admin finder [+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks [+]MITM - Man In The Middle Attack [+]Java Applet Attack [+]MFOD Attack Vector [+]ARP Dos Attack [+]Web Killer Attack [+]Fake Update Attack [+]Fake Access point Attack [+]Wifi Honeypot [+]Wifi Jammer [+]Wifi Dos [+]Wifi Mass De-Authentication Attack [+]Bluetooth POD Attack Project In Github : https://github.com/websploit -
21
Shuttle
A web proxy in Golang with amazing features
Shuttle is a cross-platform network proxy tool based on Go. -
22
ophcrack
A Windows password cracker based on rainbow tables
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. -
23
A simple GUI for the mdcrack application. -MDCrack is a free featureful password cracker designed to bruteforce 21 algorithms: MD2, MD4, MD5, HMAC-MD4, HMAC-MD5, FreeBSD, Apache, NTLMv1, IOS and PIX (both enable and user) hashes,-
-
24
OWASP Zed Attack Proxy
Find web application vulnerabilities the easy way!
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP -
25
bWAPP
an extremely buggy web app !
...The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. This project is part of the ITSEC GAMES project. You can find more about the ITSEC GAMES and bWAPP projects on our blog. For security-testing and educational purposes only! Cheers Malik Mesellem
