Search Results for "server"
Sort By:
Showing 20 open source projects for "server"
View related business solutions-
Auth0 for AI Agents now in GAConnect your AI agents to apps and data more securely, give users control over the actions AI agents can perform and the data they can access, and enable human confirmation for critical agent actions.
-
Say goodbye to broken revenue funnels and poor customer experiencesLeanData is a Demand Management solution that supports all go-to-market strategies such as account-based sales development, geo-based territories, and more. LeanData features a visual, intuitive workflow native to Salesforce that enables users to view their entire lead flow in one interface. LeanData allows users to access the drag-and-drop feature to route their leads. LeanData also features an algorithms match that uses multiple fields in Salesforce.
-
1
SSH-MITM
Server for security audits supporting public key authentication
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. -
2
sqlmap
Automatic SQL injection and database takeover tool
...sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also comes with a wide set of switches which include database fingerprinting, over data fetching from the database, accessing the underlying file system, and more. -
3
proxy.py
Utilize all available CPU cores for accepting new client connections
...Currently, HttpProtocolHandler is the default work class. HttpProtocolHandler simply assumes that incoming clients will follow HTTP specification. Specific HTTP proxy and HTTP server implementations are written as plugins of HttpProtocolHandler. -
4
CTFd
CTFs as you need them
...Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon S3-compatible backend. Limit challenge attempts & hide challenges. Automatic bruteforce protection. Individual and Team-based competitions. Have users play on their own or form teams to play together. Scoreboard with automatic tie resolution. Hide Scores from the public. Freeze Scores at a specific time. Scoregraphs comparing the top 10 teams and team progress graphs. ... -
Dun and Bradstreet Connect simplifies the complex burden of data managementThe amount, speed, and types of data created in today’s world can be overwhelming. With D&B Connect, you can instantly benchmark, enrich, and monitor your data against the Dun & Bradstreet Data Cloud to help ensure your systems of record have trusted data to fuel growth.
-
5
Sippts
Set of tools to audit SIP based VoIP Systems
...Sipscan is a fast scanner for SIP services that uses multithread. Sipscan can check several IPs and port ranges and it can work over UDP or TCP. Sipexten identifies extensions on a SIP server. Also tells you if the extension line requires authentication or not. Sipexten can check several IPs and port ranges. -
6
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
7
nbcelltests
Cell-by-cell testing for production Jupyter notebooks in JupyterLab
...Its primary use is for unit testing reports. Cell-by-cell testing for production Jupyter notebooks in JupyterLab. To use in JupyterLab, you will also need the lab and server extensions. Typically, these are automatically installed alongside nbcelltests, so you should not need to do anything special to use them. The lab extension will require a rebuild of JupyterLab, which you'll be prompted to do on starting JupyterLab the first time after installing celltests (or you can do it manually with jupyter lab build). ... -
8
Digna Web Scanner
A tool to check web apps for vulnerabilty
...Insecure Direct Object References (IDOR): Scans for vulnerabilities that might enable attackers to access unauthorized data by manipulating direct object references. Open Ports: Detects open ports on the target web server to understand its potential attack surface. Content Security Policy (CSP): Checks if the website has a properly configured CSP to mitigate XSS and other injection RCE -
9
Shennina
Automating Host Exploitation with AI
...The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. Shennina scans a set of input targets for available network services, uses its AI engine to identify recommended exploits for the attacks, and then attempts to test and attack the targets. If the attack succeeds, Shennina proceeds with the post-exploitation phase. The AI engine is initially trained against live targets to learn reliable exploits against remote services. ... -
All-in-one security tool helps you prevent ransomware and breaches.Blumira’s detection and response platform enables faster resolution of threats to help you stop ransomware attacks and prevent data breaches. We surface real threats, providing meaningful findings so you know what to prioritize. With our 3-step rapid response, you can automatically block known threats, use our playbooks for easy remediation, or contact our security team for additional guidance. Our responsive security team helps with onboarding, triage and ongoing consultations to continuously help your organization improve your security coverage.
-
10
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
...The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. In this framework, you will have all the tools needed to privesc, net discovery, and lateral movement as you are typing behind the cmd of the target server. -
11
phpsploit
Full-featured C2 framework which silently persists on webserver
...The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large payloads (such as uploads) Provides a powerful, highly configurable settings engine. Each setting, such as user-agent has a polymorphic mode. Customizable environment variables for plugin interaction. ... -
12
mongoaudit
A powerful MongoDB auditing and pentesting tool
...This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! MongoDB listens on a port different to default one. Server only accepts connections from whitelisted hosts / networks. MongoDB HTTP status interface is not accessible on port 28017. MongoDB is not exposing its version number. MongoDB version is newer than 2.4. TLS/SSL encryption is enabled. Authentication is enabled. SCRAM-SHA-1 authentication method is enabled. -
13
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead. -
14
PivotSuite
Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was only accessible from the compromised machine. If the compromised host is behind a Firewall / NAT and isn't directly accessible from our pentest machine, Then we can run pivotsuite as a server on pentest machine and pivotsuite as a client on the compromised machine for creating a reverse tunnel (Reverse Connection). ... -
15
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted... -
16
MITMf
Framework for Man-In-The-Middle attacks
...Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely rewritten from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. ... -
17
Penetration-Testing-Toolkit v1.0
A web interface for various penetration testing tools
Penetration-Testing-Toolkit is a web based project to automate Scanning a network,Exploring CMS, Generating Undectable metasploit payload, DNS-Queries, IP related informations, Information Gathering, Domain related info etc -
18
Wireless Attack Toolkit (WAT)
A push-button wireless hacking and Man-in-the-Middle attack toolkit
...It provides users with automated wireless attack tools that air paired with man-in-the-middle tools to effectively and silently attack wireless clients. Some of the tools included in the kit are: Custom regex-based DNS Server DHCP Aircrack-ng suite Browser Exploitation Framework (Preconfigured for metasploit) Metasploit Python-based Transparent Injection Proxy Pushbutton configuration "Limpet Mine" mode for attacking existing networks You basically answer three questions in the start script, wait a bit, then log into the BEEF console to start attacking clients -
19
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
-
20
An attempt to send a full flagged MIME based email using open relay mail servers (authentication not required). Written in Python3. Using smtplib and email liabraries TODO: Bruteforce the SMTP authentication. Support TLS.
- Previous
- You're on page 1
- Next
