Search Results for "http header injection"

Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.

Project Asmosis provides a set of tools related to assembly language programming. The tools include: - the Asm::X86 Perl module, - AsmDoc - an HTML documentation generator for assembly language, - Asm4Doxy - Assembly converter for Doxygen (http://www.doxygen.org/), - converters between various assembly language dialects: NASM (The Netwide Assembler, https://www.nasm.us), fasm (flat assembler, https://flatassembler.net) and GNU as, - converters from C/C++ header files to assembly language header files, - make4fasm - a Makefile generator for fasm, - Linux-2.6 kernel module helpers for fasm and NASM, - macros for Autoconf (https://www.gnu.org/software/autoconf/), - pieces of code that may be useful for starting developing a simple operating system. ...

Apache2::ModProxyPerlHtml is the most advanced Apache output filter to rewrite HTTP headers and HTML links for reverse proxy usage. It is written in Perl and exceeds all mod_proxy_html.c limitations without performance lost. It is very simple and has far better parsing/replacement of URL than the original C code. It also support meta tag, CSS, and javascript URL rewriting and can be use with compressed HTTP. You can now replace any code by other, like changing images name or anything else....

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

...The result is a flexible, scriptable WAF that pairs the performance of NGINX with the expressiveness of Lua for nuanced HTTP defense.

Sqlninja is an exploitation tool to be used against web apps based on MS SQL Server that are vulnerable to SQL Injection attacks, in order to get a shell or extract data also in very hostile conditions. For more information please check http://sqlninja.sf.net

Based on dnstop, webtop reads either a live Ethernet stream or a pre-captured file of packets, and performs aggregations based on standard HTTP headers. It can operate in an interactive mode, as well as produce reports for inclusion into incident reports, et cetera.

sqlsus is an open source (My)SQL injection tool, written in perl. It focuses on speed and efficiency, optimising the available injection space. It provides an easy to use interface with lots of neat features. For more information, please visit http://sqlsus.sf.net

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.