Search Results for "web application firewall"
Sort By:
Showing 75 open source projects for "web application firewall"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
1
ZAP
The OWASP ZAP core project
...ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application. -
2
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
3
File Encoder Application
Java application for encryption
...You will find more about it at this web site: https://www.frojasg1.com:8443/downloads_web/web/html/encriptadorDeArchivos.html?origin=sourceforge -
4
Central Authentication Service (CAS)
Identity & Single Sign On for all earthlings and beyond
...Monitor and track application and system behavior, statistics and metrics in real-time. Manage and review audits and logs centrally, and publish data to a variety of downstream systems. Manage and register client applications and services with specific authentication policies. Cross-platform client support (Java, .NET, PHP, Perl, Apache, etc). -
Stop vibe-debugging.AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
-
5
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, PGP, OOXML and MRTD (ePassport DS).
-
6
Textcryption
Tiny application which allows encrypting basic text.
Application which allows encrypting text. It is encrypted using own libraries. I think it is a very strong way to encrypt, specially if the text has more than 1 KB. The application reads encrypted bytes from disk, and writes encyrpted bytes to disk, so it never is saved in the hard disk decrypted. JDK-17 compatibility. You will find more about it at this web site: https://www.frojasg1.com:8443/downloads_web/web/html/encriptadorDeTexto.html? -
7
SCADA-LTS
A comprehensive Supervisory Control, Data Acquisition, and Execution
SCADA-LTS is an advanced FOSS, web-based, multi-platform environment designed to build your own Supervisory Control, Data Acquisition, and Management Execution Software - SCADA/MES. Its architecture provides a robust foundation for complex industrial automation and monitoring. Optimized for Smart Infrastructure, it is highly capable of managing industrial PV/BESS, Smart buildings, municipal Water networks or Wastewater treatment, ANPR telemetry, City-wide lighting, and other diverse data... -
8
PCSecrets Sync
Synchronize secrets between PCSecrets and Secrets for Android
...Secrets for Android is available on Google Play. PCSecrets is available on SourceForge. Click on the web site link below for full documentation. -
9
StrongKey PKI2FIDO
Web application to register FIDO keys from TLS ClientAuth sessions
StrongKey PKI2FIDO is a web application written in Angular and Java using REST web service calls for client-server communication. The application enables users that have X.509 digital certificates (optionally, on smart cards—such as the PIV card or CAC) to strongly authenticate to PKI2FIDO using TLS ClientAuth and then register a FIDO Security key with a FIDO Server (such as StrongKey FIDO Server at https://sourceforge.net/projects/strongkeyfido/). ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Java Sec Code
Java web common vulnerabilities and security code
Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulnerability type code has a security vulnerability by default unless there is no vulnerability. The relevant fix code is in the comments or code. Specifically, you can view each vulnerability code and comments. Due to the server expiration, the online demo site had to go offline. The application will use mybatis auto-injection. Please run... -
11
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). -
12
respite vpn - ssh & openvpn injector
Bypass your ISP's firewalls and connect to the internet!
Source: https://github.com/AlizerUncaged/HTTP-Injector respite is a SSH/openVPN client that allows you to connect to the internet with custom injected HTTP Proxy headers. This application requires Java (https://www.java.com/en/download/) and .Net 4.5 (https://www.microsoft.com/en-ph/download/details.aspx?id=42642 .Net 4.5 is already preinstalled in Windows 10). There are many SSH and OpenVPN Server providers in the internet, one is https://www.tcpvpn.com HTTP Proxy responses... -
13
Firing Range
Firing Range is a test bed for web application security scanners
Firing Range is an intentionally vulnerable web application designed to evaluate the real-world effectiveness of web security scanners and training exercises. Deployed as a cloud-friendly app, it aggregates dozens of vulnerability patterns in repeatable, labeled routes so tools can be benchmarked on coverage and noise. The project doesn’t just include simple XSS forms; it spans variants such as DOM-based issues, context-sensitive sinks, template mishandling, CSRF, open redirects, and mixed content problems. ... -
14
The Grid Programming Environment (GPE) turns a collection of computer systems into a Grid and provides graphical user interfaces and interoperable GridBeans for application development. It supports Globus Toolkit and Unicore-based infrastructures.
-
15
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
StrongKey CryptoEngine (SKCE) 2.0 is a "crypto Swiss Army knife" server to perform cryptographic functions through web services, while freeing application developers to focus on business functionality. Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services (AWS S3, Azure and Eucalyptus Walrus) - A signing engine to digitally sign documents, code, etc. with FIPS 140-2 HSM support - An LDAP Engine for AD/LDAP integration for authorization decisions SKCE is battle-tested and in production at one of the largest e-commerce companies in the world, protecting more than 50M documents within the business process; see http://bit.ly/14VPYlO for the case study. ... -
16
StrongKey CryptoCabinet
FIDO-enabled, cloud file encryption with centralized key management.
StrongKey CryptoCabinet (SKCC) 2.0 is a FIDO-enabled (fidoalliance.org) web application built using Regulatory Compliant Cloud Computing (RC3) architecture (http://bit.ly/rc3infoq). It encrypts files/objects of any type or size, and stores the ciphertext either to public/private clouds—AWS, Azure, Eucalyptus—or local/network drives, while keeping cryptographic keys safe and secure OUTSIDE the cloud. -
17
Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, bandwidth control, captive portal, VPN, firewall, and more. Visit http://untangle.com
-
18
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static... -
19
OWASP Security Shepherd
Web and mobile application security awareness/training platform
The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security... -
20
OWASP Zed Attack Proxy
Find web application vulnerabilities the easy way!
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP -
21
CrococryptQuerl
CrococryptQuerl is a web-based file encryption & transfer tool
CrococryptQuerl =============== CrococryptQuerl (CQuerl) is a web-based open-source file encryption and file exchange tool. If you trust the application service provider which is running CrococryptQuerl, it can be seen as an "anonymous & encrypted safe deposit box for computer files". ---INTRO--- The encryption is done on-the-fly using the user's password. Of course, this requires a trusted TLS/SSL connection to the server running CQuerl. -
22
Password Manager - Manage your passwords and private information in one secure application for web sites, computers, programs. Search, add, edit, delete, print, etc. Java app, runs everywhere. Uses SunJCE crypto.
-
23
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
24
Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.
-
25
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers
