Search Results for "open core"

Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets.

Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points.

BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying the core engine. ...

Awesome Privacy is a curated directory of privacy-respecting alternatives to mainstream apps and services, organized across many categories like browsers, search, email, messaging, cloud storage, and operating systems. It aims to help you choose tools that reduce tracking, fingerprinting, and data collection without sacrificing usability. Each entry highlights the project’s core properties—such as open source status, end-to-end encryption, and platform availability—so you can evaluate trade-offs quickly. Because product landscapes change fast, the list emphasizes ongoing maintenance and community discussion around quality and trust. It’s useful for privacy newcomers planning a gradual migration as well as experts building a hardened toolchain. ...

The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful, and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and...

A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:...

Alan Framework is a post-exploitation framework useful during red-team activities. You can run your preferred tool directly in-memory. JavaScript script execution (in-memory without third party dependency) Fully compliant SOCKS5 proxy. Supported agent types: Powershell (x86/x64), DLL (x86/x64), Executable (x86/x64), Shellcode (x86/x64). Server.exe can be executed in Linux (via dotnet core) The network communication is fully encrypted with a session key not recoverable from the agent binary...

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead.

Bias is a cross-platform versatile information management application / Organizer

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/

Web Application Gateway (WAG) provides core functionality, such as user definition, authentication and administration, for web applications developed as modules and utilizing the API exposed by WAG. Core technologies are PHP, MySQL and JavaScript.

BlowfishVHDL - free fully synthesizable Blowfish encryption algorithm hardware implementation.

The Intrusion Detection Exchange Protocol (IDXP) is an application-layer protocol for exchanging data between intrusion detection entities. IDXP-Java is a Java-based implementation based upon the Java BEEP Core implementation of RFC 3080 / RFC 3081.