Search Results for "web application firewall" - Page 2

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation).

Java code for signing and handling requests for Croatian fiscal service. Includes unsigned and signed xml samples. For completeness of project my personal testing key is included. Units tests with sample data are available for the ease of use. Whole Eclipse project is committed to source forge Git. Commercial support for implementation into different java application is available upon request. Enjoy

cravlAndBlock is simple java application that cravl error log file of Your web server and add all attacker IPs. I.E. All Modsecure entries, scans and so on. Every bad IP will be added to hosts.deny file with ALL prefix. For sure it will not block all atacks but it will help. How it works: use cron to start java cravlAndBlock.jar in the same folder add properties.xml (I addes sample properties.xml file).

For full details of this application, please visit https://bitbucket.org/rdonasco/rdonasco-lib/wiki/Home The source codes for this project can be downloaded by cloning its repository which uses mercurial. ** Use the following clone command: ** hg clone https://bitbucket.org/rdonasco/rdonasco-lib

The Open Web Application Security Project (OWASP) software and documentation repository.

This library contains utility classes such as a converter from plain text to HTML (for safe inclusion of user-supplied text into web pages, avoiding XSS attacks, etc.), converters from binary to hex representation, and similar functions

AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters. This tool compares the source and the destination files, then copies the "defaced" files if any change occurs. The comparison occurs by default every 60 seconds, but can be defined differently. ...

NSIA (Network System Integrity Analysis) is a web application monitoring system that scans web applications for potentially unwanted context such as defacements, unauthorized changes, errors, information leaks, profanity, compliance issues, etc

The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

The Password tools bundle is one application combining three tools - the Analyser (shows the "strength" of your password, the Generator (generates "strong" passwords) and the Manager (stores passwords securely using Rijndael).

This application is used to monitor your home via email / FTP using USB camera and microphone , there is a lot of configurations to customize it upon needs. A motion detection is also supported. More info, in my blog http://osama-oransa.blogspot.com/

We can briefly define HDIV as a Java Web Application Security Framework. HDIV extends web application frameworks behaviour (Struts 1.x, Struts 2.x, Spring MVC) in order to avoid most common web application security vulnerabilities

JWAIM is a security framework for Java Web Applications. It provides modules and interfaces to add monitoring, firewall and IPS capabilities in the application server.

Server/client suite which provides per-user access control/firewall/QOS. Robust and high speed implementation is secure against MAC/IP spoofing, and can scale to large networks with many clients. Options for additional monitoring and captive portal.

CincoSecurity module offers big flexibility to protect EJB3 methods, and JSF page elements.It associates a role to each EJB method (fine role) defining a security profile as a set of roles; its use cases manage security profiles and users.Java EE 5 Seam

A multi-user password management web application designed for organizations to store passwords. Written in Grails, Groovy and Java.

Sleutel is the Dutch word for key. Sleutel is a multi-platform password manager that is written using the Eclipse Rich Client Platform (RCP). Its goal is to manage password/id pairs for accessing web sites and providing an example RCP application.

Servlet container extensions that help web developers write full featured Java web applications.

A Java Hijacking tool for web application session security assessment. A simple Java Fuzzer that can mainly be used for numeric session hijacking and parameter enumeration. Demonstration video is also available.

FOAFRealm (also called D-FOAF in version 2.0) is a distributed user profile management system based on FOAF. FOAFRealm is a set of tools that enables to manipulate FOAF (Friend-of-a-Friend) information within J2EE application and provides Realm implement

A lightweight, compact, stand-alone, platform-independent application to forward TCP (over IPv4 or IPv6) connections to another host. Possible uses include - but not limited to - firewall hacking, tunneling, proxying, fortifying ADSL, creating multi-plat

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

AntiSQLFilter is a J2EE Web Application Filter that protects web components from SQL Injection hacker attacks

PTestUnt is a unit based framework for testing web application vulnerabiltites. Requires ANT, JUnit and HttpUnit.