Search Results for "php tool"
Sort By:
Showing 83 open source projects for "php tool"
View related business solutions-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Socialite
Socialite is an OAuth2 Authentication tool
Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, you can easily use it without Laravel. Socialite is an OAuth2 authentication tool. It is inspired by laravel/socialite , you can easily use it in any PHP project. The tool now supports the following platforms: Facebook, Github, Google, Linkedin, Outlook, QQ, TAPD, Alipay, Taobao, Baidu, DingTalk, Weibo, WeChat, Douyin, Feishu, Lark, Douban, Enterprise WeChat, Tencent Cloud, Line, Gitee, Coding. ... -
2
ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters
ezXSS is an open-source XSS (Cross-Site Scripting) testing platform designed to help security researchers identify and collect XSS vulnerabilities. It acts as a payload receiver and logger, storing details about triggered XSS attacks such as the user agent, cookies, DOM, and referrer. This tool is highly useful in bug bounty hunting and penetration testing for monitoring and documenting XSS vectors in real-time. -
3
Violet PHP Password Manager
Free php self-hosted password manager
Violet PWM (Personal Password Manager) is a secure and user-friendly password management tool designed to help individuals and small businesses manage their passwords and sensitive information efficiently. Violet PWM ensures your digital credentials are stored securely and accessible only to you. Key Features: Secure Storage: Uses advanced encryption techniques to protect your passwords and sensitive data. User-Friendly Interface: Intuitive design makes it easy to manage and... -
4
Network Security Toolkit (NST)
A network security analysis and monitoring toolkit Linux distribution.
Network Security Toolkit (NST) is a bootable ISO image (Live USB Flash Drive) based on Fedora 44 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available... -
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
5
PassMan Password Manager
Simple password manager written on Laravel and Filament
PassMan password manager is designed to help you take control of your passwords — keeping them local, secure, and easily accessible. It lets you add domains, categorize your passwords and ensures that only you can access your credentials. With our tool, you can easily add domains, categorize your records by type (e.g., www, FTP, etc.), and store usernames and passwords securely. Since everything is stored locally, you’re the only one who has access to your data, providing an added layer... -
6
Password-Manager
Online keepass-like tool to manage password. client-side AES encrypt!
v11.00 greatly enhanced security! This password manager can generate and store random strong passwords for users. Passwords are generated on users' browsers and then encrypted using AES256 (mode CBC). PBKDF2 with SHA512 is used for user identification check. In trusted computers, user can enable a PIN to login faster. PIN verification is complicated and involves both server and client. Though PIN is only 4 digits, it's still safe (server will disable PIN upon 3 errors) You can... -
7
VisualCodeGrepper V2.3.2
Code security review tool for C/C++, C#, VB, PHP, Java, PL/SQL, COBOL.
VCG is an automated code security review tool for C++, C#, VB, PHP, Java, PL/SQL and COBOL, which is intended to speed up the code review process by identifying bad/insecure code. New beta functionality has been added for R. It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. -
8
Zphisher
An automated phishing tool with 30+ templates
Zphisher is an advanced open-source phishing tool for educational and penetration testing purposes. It provides a simple interface for launching phishing attacks by cloning login pages of popular websites. Built in Bash, Zphisher automates server deployment using tunneling services like Ngrok, Localhost.run, and others. It is intended for ethical hacking and security research to demonstrate how phishing attacks work and how to defend against them. -
9
SecretManager
FR : Outil de partage des mots de passe, EN : Sharing tool passwords
* SecretManager V2 started. *New design and new features ************************************ This tool allows you to store (AES 256) and share passwords. Passwords are placed in groups. Groups are associated with user profiles. Finally, we associate user porfiles with users. So users have access to passwords for which they are authorized. In addition, it is possible to supervise the access to secrets (alarm and all access). -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
Confused
Tool to check for dependency confusion vulnerabilities
A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt, JavaScript (npm) package.json, PHP (composer) composer.json or MVN (maven) pom.xml. confused simply reads through a dependency definition file of an application and checks the public package repositories for each dependency entry in that file. -
11
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. -
12
FireCX
Open source OWASP penetration testing tool written in Python 3
FireCX is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. -
13
This is a simple web tool which allows users of a website to "securely" submit messages and files. They are sent over HTTPS to the server and there encrypted and forwarded to the administrator.
-
14
Mi WiFi Passwords
A tool that helps users see all their PC WiFi passwords at a glimpse.
MifiWiFiPasswords is a portable free software tool which helps people recover, view, search, retrieve, save and hack around all WiFi Networks passwords for the machine on which you run the software . It was initially developed in a single night by Blessed Jason Mwanza as a way to simplify the means on which to share and retrieve WiFi passwords to new users and members of his community. With MiWiFiPasswords version 2, Passwords for the machine on which you run the software are... -
15
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
16
CSVHashCrack Suite
Multi hash crack suite
This script is capable of cracking multiple hashes from a CSV-file like e.g. dumps from sqlmap. Over 17.000 md5-hashes in a CSV-file get cracked with a 14.300.000 lines wordlist in less then 1 min. Lines wich cant get cracked with the wordlist get stored in a .leftToCrack-File to further process with another Wordlist or the bruteforce-tool. In addition to the wordlist-cracker I created also a bruteforce-tool named CSVHashBrutforcer. -
17
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used... -
18
CapAnalysis
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis -
19
Sagacity
Security Assessment Data Management and Analysis Tool
We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow... -
20
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
21
IPRARU
Computer security tool for the information gathering stage
Computer security tool for the information gathering stage, obtaining the IP address through redirection and social engineering. -
22
This tool can create one-time-password values based on HOTP (RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm), TOTP (RFC 6238: TOTP: Time-Based One-Time Password Algorithm) and OCRA (RFC 6287: OCRA: OATH Challenge-Response Algorithm) standards, and also supports client side of OAuth protocols (1.0a, 2.0).
-
23
Social engineering tool oriented to facebook. 2,782 Downloads in total.
-
24
venom - shellcode generator
msfvenom shellcode generator/compiler/listenner
The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects the shellcode generated into one funtion (example: python) "the python funtion will execute the shellcode in ram" and uses compilers like: gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file, also starts a multi-handler to recibe the remote connection (reverse shell or meterpreter session). -- 'shellcode generator' tool... -
25
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ...
