Search Results for "top"
Sort By:
26 projects for "top" with 2 filters applied:
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
1
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
...Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
3
GopenPGP V3
A high-level OpenPGP library
...This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when working directly with OpenPGP implementations. Built on top of a forked version of the Go crypto library, gopenpgp supports current OpenPGP RFC standards and includes examples for working with password-based encryption and PGP keys, as well as detached and inline signatures. Because it’s designed for broad use, the library also targets go-mobile compatibility, meaning it can support mobile app use cases alongside server and desktop tooling. -
4
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
...If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high-performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite. -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
5
Laravel Passport
Laravel Passport provides OAuth2 server support to Laravel
Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs to support OAuth2, then you should use Laravel Passport. However, if you are attempting to authenticate a single-page application, or mobile application, or issue API tokens, you should use Laravel Sanctum. ... -
6
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. ... -
7
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. ... -
8
Phishing Catcher
Real-time phishing domain detection via Certificate Transparency logs
...Each certificate often contains one or more domain names, which the tool analyzes to determine whether they resemble suspicious or phishing-related domains. phishing_catcher applies a configurable scoring mechanism that assigns numeric values to certain keywords, patterns, or top-level domains found within certificate domain names. When a domain’s score exceeds predefined thresholds, it is flagged as potentially malicious and reported accordingly. It operates continuously, processing certificate updates as they arrive and displaying or logging domains that appear suspicious. This approach allows analysts, researchers, and security teams to identify phishing infrastructure early. -
9
bWAPP
an extremely buggy web app !
...bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. ... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
SES Super-Encypherment Scrambler
SES brings back the uncrackable onetime pad, with a digital twist.
SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid. SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to... -
11
Kippo-Graph
Full featured script to visualize statistics from a Kippo SSH honeypot
...It uses “Libchart” PHP chart drawing library by Jean-Marc Trémeaux, “QGoogleVisualizationAPI” PHP Wrapper for Google’s Visualization API by Thomas Schäfer and geoPlugin geolocation technology (geoplugin.com). Kippo-Graph currently shows 24 charts, including top 10 passwords, top 10 usernames, top 10 username/password combos, success ratio, connections per IP, connections per country, probes per day, probes per week, ssh clients, top 10 overall input, top 10 successful input, top 10 failed input and many more. There are also geolocation data extracted and displayed with Google visualization technology using a Google Map, a Intensity Map, etc. ... -
12
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
13
web4thejob.org
Open source to productivity
...Joblets are meant to be released by members of the community under the terms of their preference. Joblets guarantee productivity through reusability. The framework is engineered in a multi-layered architecture on top on some of the most recognized open source projects of the global java community; consequently a steep learning curve and an open architecture for binding with other projects are ensured. -
14
steganoroute
Send steganographed text messages to mtr with fake hops in the network
Steganoroute is a tool to send steganographed text messages to another computer over the network. The receiver must make a traceroute to the sender using the mtr program (and pressing 'd' once to switch the display mode to the continuous graph). This tool, the sender, creates several fake hops and makes them answer the ICMP packets (or not) to write the letters one by one on the mtr client screen. -
15
Turbo Shredder
Turbo Shredder securely removes files.
Do you want to delete some top secret files? DON'T do that by only pressing DELETE, because the data would still be on your drive! Use Turbo Shredder and remove files by securely wiping them out. Requires JRE 7 to run properly. -
16
Utility for embedding hidden data into PNG files
-
17
USB based memory acquisition tool targeting "warm boot" machines with 4GB of RAM or less. The software requires the use of USB portable media and is built on top of the syslinux platform.
-
18
PHANTUM - Punch-Hole Access for NAT Traversal of UDP in a Module; Built on top of Samy Kamkar's 'chownat' script, PHANTUM allows for pure client-agnostic TCP services to be tunneled over UDP and hosted behind NAT infrastructures.
-
19
Orizon is a framework intended to provide tools and facilities to test java sources for security flaws. The main goal is to detect common threats as described in Owasp top 10 vulnerability document.
-
20
-
21
B-Trust eDoc is a program built on top of LibDigiDoc a free implementation of the OpenXAdES standard for signing/encrypting files using smartcard tokens. It also contains Openssl and PKCS11 wrapper classes in C++ which might be useful to developers.
-
22
GiANT is a graphical interface for computer algebra systems (OS X/UNIX/Win). Currently GiANT lets the user work with number fields via KASH, but we aim to develop it into a GUI Library to run on top of any CAS and expose any of its functions.
-
23
The SSHD Library (libsshd) project enables server programs to easily integrate full SSH1 / SSH2 protocol authentication and support natively, built on top of existing and proven OpenSSH technology.
-
24
AuthClassed is a class, written in PHP, to implement a simple authentification scheme for database-oriented webpages. Using AuthClassed is as simple as putting a single code line at the top of the webpage you would like to protect.
-
25
Remote Packet Filter Control Daemon allows remote control and monitoring of OpenBSD's packet filter. It communicates with clients using RPFC protocol running on top of SSL (Secure Socket Layer).
