Search Results for "open source php web application"
Sort By:
Showing 79 open source projects for "open source php web application"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Free and Open Source HR SoftwareGive your HR team the tools they need to streamline administrative tasks, support employees, and make informed decisions with the OrangeHRM free and open source HR software.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web... -
2
Central Authentication Service (CAS)
Identity & Single Sign On for all earthlings and beyond
Welcome to the home of the Apereo Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution and identity provider for the web and attempts to be a comprehensive platform for your authentication and authorization needs. CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features. ... -
3
StrongKey FIDO Server (SKFS)
FIDO® Certified StrongKey FIDO Server (SKFS)
An open source implementation of the FIDO2 protocol to support passwordless strong authentication using public-key cryptography. Supports registration, authentication (all platforms), and transaction authorization (for native Android apps). -
4
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, PGP, OOXML and MRTD (ePassport DS).
-
Comprehensive Software Built for the Business of Senior LivingDeliver a measurable ROI on workflow process improvements, revenue optimization, marketing and business development, and improved clinical outcomes. Seamlessly connect your entire community, empower your staff to work more efficiently, and generate a holistic view of your community’s financial performance to get the proactive insights you need to streamline your operations and optimize revenue. By centralizing all of your clinical and business operations onto one platform, you’ll give yourself the simplified solutions, economies of scale and enhanced security you need to become a world-class care provider. Gain better insight into your performance against your financial and occupancy goals, improve the safety and satisfaction of your residents and staff, and finally get ahead of the flood of issues you face every day.
-
5
Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org
-
6
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible... -
7
Java Sec Code
Java web common vulnerabilities and security code
Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulnerability type code has a security vulnerability by default unless there is no vulnerability. The relevant fix code is in the comments or code. Specifically, you can view each vulnerability code and comments. Due to the server expiration, the online demo site had to go offline. The application will use mybatis auto-injection. Please run... -
8
Firing Range
Firing Range is a test bed for web application security scanners
Firing Range is an intentionally vulnerable web application designed to evaluate the real-world effectiveness of web security scanners and training exercises. Deployed as a cloud-friendly app, it aggregates dozens of vulnerability patterns in repeatable, labeled routes so tools can be benchmarked on coverage and noise. The project doesn’t just include simple XSS forms; it spans variants such as DOM-based issues, context-sensitive sinks, template mishandling, CSRF, open redirects, and mixed... -
9
The Grid Programming Environment (GPE) turns a collection of computer systems into a Grid and provides graphical user interfaces and interoperable GridBeans for application development. It supports Globus Toolkit and Unicore-based infrastructures.
-
Modernize identity security with MFA, SSO, and self-service password resetADSelfService Plus is an on-premises access management solution that caters to businesses across various industries, such as IT, banking, engineering, education, aviation, and telecommunications.
-
10
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
StrongKey CryptoEngine (SKCE) 2.0 is a "crypto Swiss Army knife" server to perform cryptographic functions through web services, while freeing application developers to focus on business functionality. Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services... -
11
StrongKey CryptoCabinet
FIDO-enabled, cloud file encryption with centralized key management.
StrongKey CryptoCabinet (SKCC) 2.0 is a FIDO-enabled (fidoalliance.org) web application built using Regulatory Compliant Cloud Computing (RC3) architecture (http://bit.ly/rc3infoq). It encrypts files/objects of any type or size, and stores the ciphertext either to public/private clouds—AWS, Azure, Eucalyptus—or local/network drives, while keeping cryptographic keys safe and secure OUTSIDE the cloud. CryptoCabinet leverages the StrongKey CryptoEngine (SKCE)—another FOSS on this site—to... -
12
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static... -
13
OWASP Zed Attack Proxy
Find web application vulnerabilities the easy way!
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP -
14
CrococryptQuerl
CrococryptQuerl is a web-based file encryption & transfer tool
CrococryptQuerl =============== CrococryptQuerl (CQuerl) is a web-based open-source file encryption and file exchange tool. If you trust the application service provider which is running CrococryptQuerl, it can be seen as an "anonymous & encrypted safe deposit box for computer files". ---INTRO--- The encryption is done on-the-fly using the user's password. Of course, this requires a trusted TLS/SSL connection to the server running CQuerl. ... -
15
Password Manager - Manage your passwords and private information in one secure application for web sites, computers, programs. Search, add, edit, delete, print, etc. Java app, runs everywhere. Uses SunJCE crypto.
-
16
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers -
17
“Scramble your social network data!” - With Scramble you can selective enforce you access control preferences for your content on social networks like Facebook or Twitter ...
-
18
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
-
19
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS... -
20
cravlAndBlock
linux tool to improve server security
cravlAndBlock is simple java application that cravl error log file of Your web server and add all attacker IPs. I.E. All Modsecure entries, scans and so on. Every bad IP will be added to hosts.deny file with ALL prefix. For sure it will not block all atacks but it will help. How it works: use cron to start java cravlAndBlock.jar in the same folder add properties.xml (I addes sample properties.xml file). And thats all. Program will start from cron, read properties file and make... -
21
-
22
RDonasco Security
A security application that can be used as a shared service
For full details of this application, please visit https://bitbucket.org/rdonasco/rdonasco-lib/wiki/Home The source codes for this project can be downloaded by cloning its repository which uses mercurial. ** Use the following clone command: ** hg clone https://bitbucket.org/rdonasco/rdonasco-lib -
23
javawebutils
web application utilities
This library contains utility classes such as a converter from plain text to HTML (for safe inclusion of user-supplied text into web pages, avoiding XSS attacks, etc.), converters from binary to hex representation, and similar functions -
24
AntiDef
Anti defacement command line tool
AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters. This tool compares the source and the destination files, then copies the "defaced" files if... -
25
NSIA (Network System Integrity Analysis) is a web application monitoring system that scans web applications for potentially unwanted context such as defacements, unauthorized changes, errors, information leaks, profanity, compliance issues, etc
