Search Results for "web application"
Sort By:
Showing 67 open source projects for "web application"
View related business solutions-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
ZAP
The OWASP ZAP core project
...ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application. -
2
File Encoder Application
Java application for encryption
...You will find more about it at this web site: https://www.frojasg1.com:8443/downloads_web/web/html/encriptadorDeArchivos.html?origin=sourceforge -
3
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
4
Central Authentication Service (CAS)
Identity & Single Sign On for all earthlings and beyond
...Monitor and track application and system behavior, statistics and metrics in real-time. Manage and review audits and logs centrally, and publish data to a variety of downstream systems. Manage and register client applications and services with specific authentication policies. Cross-platform client support (Java, .NET, PHP, Perl, Apache, etc). -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
Textcryption
Tiny application which allows encrypting basic text.
Application which allows encrypting text. It is encrypted using own libraries. I think it is a very strong way to encrypt, specially if the text has more than 1 KB. The application reads encrypted bytes from disk, and writes encyrpted bytes to disk, so it never is saved in the hard disk decrypted. JDK-17 compatibility. You will find more about it at this web site: https://www.frojasg1.com:8443/downloads_web/web/html/encriptadorDeTexto.html? -
6
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, PGP, OOXML and MRTD (ePassport DS).
-
7
SCADA-LTS
A comprehensive Supervisory Control, Data Acquisition, and Execution
SCADA-LTS is an advanced FOSS, web-based, multi-platform environment designed to build your own Supervisory Control, Data Acquisition, and Execution ecosystem. Its architecture provides a robust foundation for complex industrial automation and monitoring. Optimized for Smart Infrastructure, it is highly capable of managing industrial PV/BESS, Smart buildings, municipal Water networks or Wastewater treatment, ANPR telemetry, City-wide lighting, and other diverse data administration... -
8
PCSecrets Sync
Synchronize secrets between PCSecrets and Secrets for Android
...Secrets for Android is available on Google Play. PCSecrets is available on SourceForge. Click on the web site link below for full documentation. -
9
StrongKey PKI2FIDO
Web application to register FIDO keys from TLS ClientAuth sessions
StrongKey PKI2FIDO is a web application written in Angular and Java using REST web service calls for client-server communication. The application enables users that have X.509 digital certificates (optionally, on smart cards—such as the PIV card or CAC) to strongly authenticate to PKI2FIDO using TLS ClientAuth and then register a FIDO Security key with a FIDO Server (such as StrongKey FIDO Server at https://sourceforge.net/projects/strongkeyfido/). ... -
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
10
Java Sec Code
Java web common vulnerabilities and security code
Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulnerability type code has a security vulnerability by default unless there is no vulnerability. The relevant fix code is in the comments or code. Specifically, you can view each vulnerability code and comments. Due to the server expiration, the online demo site had to go offline. The application will use mybatis auto-injection. Please run... -
11
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). -
12
Firing Range
Firing Range is a test bed for web application security scanners
Firing Range is an intentionally vulnerable web application designed to evaluate the real-world effectiveness of web security scanners and training exercises. Deployed as a cloud-friendly app, it aggregates dozens of vulnerability patterns in repeatable, labeled routes so tools can be benchmarked on coverage and noise. The project doesn’t just include simple XSS forms; it spans variants such as DOM-based issues, context-sensitive sinks, template mishandling, CSRF, open redirects, and mixed content problems. ... -
13
The Grid Programming Environment (GPE) turns a collection of computer systems into a Grid and provides graphical user interfaces and interoperable GridBeans for application development. It supports Globus Toolkit and Unicore-based infrastructures.
-
14
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
StrongKey CryptoEngine (SKCE) 2.0 is a "crypto Swiss Army knife" server to perform cryptographic functions through web services, while freeing application developers to focus on business functionality. Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services (AWS S3, Azure and Eucalyptus Walrus) - A signing engine to digitally sign documents, code, etc. with FIPS 140-2 HSM support - An LDAP Engine for AD/LDAP integration for authorization decisions SKCE is battle-tested and in production at one of the largest e-commerce companies in the world, protecting more than 50M documents within the business process; see http://bit.ly/14VPYlO for the case study. ... -
15
StrongKey CryptoCabinet
FIDO-enabled, cloud file encryption with centralized key management.
StrongKey CryptoCabinet (SKCC) 2.0 is a FIDO-enabled (fidoalliance.org) web application built using Regulatory Compliant Cloud Computing (RC3) architecture (http://bit.ly/rc3infoq). It encrypts files/objects of any type or size, and stores the ciphertext either to public/private clouds—AWS, Azure, Eucalyptus—or local/network drives, while keeping cryptographic keys safe and secure OUTSIDE the cloud. -
16
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static... -
17
OWASP Security Shepherd
Web and mobile application security awareness/training platform
The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security... -
18
OWASP Zed Attack Proxy
Find web application vulnerabilities the easy way!
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP -
19
CrococryptQuerl
CrococryptQuerl is a web-based file encryption & transfer tool
CrococryptQuerl =============== CrococryptQuerl (CQuerl) is a web-based open-source file encryption and file exchange tool. If you trust the application service provider which is running CrococryptQuerl, it can be seen as an "anonymous & encrypted safe deposit box for computer files". ---INTRO--- The encryption is done on-the-fly using the user's password. Of course, this requires a trusted TLS/SSL connection to the server running CQuerl. -
20
Password Manager - Manage your passwords and private information in one secure application for web sites, computers, programs. Search, add, edit, delete, print, etc. Java app, runs everywhere. Uses SunJCE crypto.
-
21
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
22
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers -
23
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
-
24
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
25
Revenssis Ethical Hacking Suite
Fully featured network, wireless and web app pentesting suite.
Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation).
