Search Results for "issues"
Sort By:
26 projects for "issues" with 2 filters applied:
-
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Tailsnitch
A security auditor for Tailscale configurations
...Written in Go and designed to be run either as a CLI or integrated into automated pipelines, tailsnitch performs dozens of checks against common access control policies, authentication key practices, network exposure issues, and device security settings. It outputs structured reports on findings with severity levels and remediation guidance, and it can generate results in formats like JSON for downstream analysis and integration with CI/CD pipelines. Tailsnitch supports authentication via the Tailscale API (including OAuth or API keys) and provides options to filter findings, run only high-severity checks, and produce compliance artifacts like SOC 2 evidence exports. -
2
uAssets
Filter lists for uBlock Origin & uBlock Origin Lite
...The project emphasizes efficiency and minimal performance overhead, ensuring that blocking rules do not negatively impact browsing speed. It also includes mechanisms for reporting issues and refining filters based on user feedback. -
3
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans... -
4
...ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. SUPPORT/REPORTING BUGS: please use https://github.com/jpr5/ngrep/issues Thank you!
-
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
OpenAS2
AS2 1.1 server implementation in Java
...It is extremely configurable and supports a wide variety of signing and encryption algorithms. Supports very high traffic volume allowing parallel processing of files per partner. SUPPORT: Please use the Github issues and Discussions channels here: https://github.com/OpenAS2/OpenAs2App/ Requirements: - Java 11 or newer (tested with the LTS versions of Java up to 21) - Any OS that runs Java Planned enhancements in the next major release: - User interace configuration GUI - Certificate Exchange Management IMPORTANT: Java 8 is no longer supported. -
6
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
7
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
...It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. When running an exploit, it will practice the organization's cyber event management, which doesn't happen when scanning for cluster issues. It can help the organization learn how to operate when real attacks happen, see if its other detection system works as expected and what changes should be made. -
8
American Fuzzy Lop
American fuzzy lop - a security-oriented fuzzer
...Its workflow emphasizes quick start: point it at a target binary with compile-time instrumentation (or use QEMU-based mode when recompilation isn’t possible), seed it with a small corpus, and let it iterate. AFL is known for finding serious security issues in complex software due to its corpus minimization, queue management, and deterministic mutation stages that balance breadth and depth. It provides crash triage helpers and test case minimization so developers can reproduce and fix issues quickly. The design deliberately optimizes for robustness and speed on commodity hardware, which helped it become a standard part of many security testing pipelines. -
9
Firing Range
Firing Range is a test bed for web application security scanners
...Deployed as a cloud-friendly app, it aggregates dozens of vulnerability patterns in repeatable, labeled routes so tools can be benchmarked on coverage and noise. The project doesn’t just include simple XSS forms; it spans variants such as DOM-based issues, context-sensitive sinks, template mishandling, CSRF, open redirects, and mixed content problems. Each scenario is crafted to reflect how bugs appear in production—behind frameworks, in odd encodings, or across redirects—so scanners must demonstrate accurate crawling and context understanding. Because the behaviors are stable and documented, teams can run comparative tests over time and quantify regression or improvement in their pipelines. ... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
BitCrazy's Faucet-in-a-Box Mod
Mod of the original Faucet-in-a-Box faucet PHP script
.... ======================================== Minimum requirements: PHP 5.4.4+ (5.5 recommended) MySQL (5.6 recommended) ======================================== CHANGELOG { [F] - bugfixes, [+] - new features, [!] - known issues } Current release (version 7): [+]: CACert.pem updated to latest version. [+]: FaucetHub.php was replaced with native FaucetHub library! [+]: Faucet now has page "Currency rate", where you can see USD price of selected currency. [+]: Anti-Bot Links were updated to version 5.75 [F]: + various related fixes & small changes.... -
11
Lynis
System/security auditing tool for hardening and securing Linux/Unix
...It is used by security consultants, auditors and system administrators. This tool performs a security audit of the system and determines how well it is hardened. Any detected security issues will be provided in the form of a suggestion or warning at the end of the audit. Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. ... -
12
There are a lot of tools and plugins to fix security issues of the dignified mail system. The goal of this project is to redefine a system that takes the problems of our time into account. Be sure to visit this project on github: https://github.com/mv2project/mv2
-
13
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
14
SES Super-Encypherment Scrambler
SES brings back the uncrackable onetime pad, with a digital twist.
SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid. SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to... -
15
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers -
16
Fileprivacy
Fileprivacy easily encrypts your files
...#######BETA 2####### Bugfix - Beta 1 stopped working if filename was too short or long - added .exe file ####### NOTE ####### This is an early beta implying there are some issues left. The Keygenerator stops working if you change the algorithm after setting the keylength. It has to be restarted for further use. Because there are no start scripts, yet, you have to start Fileprivacy from console by typing: java -jar Fileprivacy-1.0_<version>.jar ####### ALSO NOTE ####### The author of this software is not responsible for the safety of your data. ... -
17
Eolos VoipAudit
Universal Framework to audit Voip protocols's security
Visual Framework Tool to scan/sniff address space, enumerate users, crack credentials, pattern based dial spoofing and security reporting for Voip protocols. This software is intended to give a general framework to build and plug Voip protocol analizers in order to fix security issues and enhance VoiP platforms confidence. It IS NOT intended to be a cracking tool for malicious system breakers, but a really software MUST for security people to assure Voip platform security. -
18
renamed to Whonix
renamed to Whonix
Due to trademark issues, TorBOX had to be renamed. Whonix is the new project name. Please go to https://www.whonix.org/ -
19
WhitewallManager
Whitelist manager
WhitewallManager is a whitelist manager. It aims to be a web based administration tool for administrators using a default-deny approach to the security of the network they are responsible for. Default-deny is a superior model for network security as compared to default-allow, which is how the security model of most local area networks is modeled. Default-deny disallows all but access granted to resources which you specifically allow. The advantage to this is that any new resources which... -
20
NSIA (Network System Integrity Analysis) is a web application monitoring system that scans web applications for potentially unwanted context such as defacements, unauthorized changes, errors, information leaks, profanity, compliance issues, etc
-
21
WATER (Wanted ACID/BASE To Emit Results) is a project to address some of the latency issues observed with BASE. Overall goal is to provide BASE like data with sub-second or near sub-second results for most basic queries.
-
22
A simple keylogger written in python. It is primarily designed for backup purposes, but can be used as a stealth keylogger, too. It does not raise any trust issues, since it is a set of [relatively] short python scripts that you can easily examine.
-
23
** PRIMARY SITE NOW AT MAMBO-CODE.ORG ** Mambo Configuration Assistant (mamboCA) is designed to assist end-users to diagnose configuration issues with their Mambo CMS Sites.
-
24
Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language.
-
25
Security Advisor is a program designed to analyze and report security issues beyond application vulnerabilities. The program will analyze system and network configurations to recommend ways for improving security.
