Search Results for "web sql"

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ...

Hypersocket FTS is cross-platform File Transfer Server that provides web-based and FTP/S access to different file systems (Local, FTP, Windows). You can install the server on any operating system supporting a Java runtime and we provide easy-to-use installers for Linux, Windows and MacOSX. The server comes with built in support for executing tasks based on custom trigger rules and also on a automated schedule. With its powerful role-based access control you have very granular control...

The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security...

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation).

For full details of this application, please visit https://bitbucket.org/rdonasco/rdonasco-lib/wiki/Home The source codes for this project can be downloaded by cloning its repository which uses mercurial. ** Use the following clone command: ** hg clone https://bitbucket.org/rdonasco/rdonasco-lib

jGuard is written in java. his goal is to provide a security framework based on jaas (java authentication and authorization security) . this framework is written for web and standalone applications, to resolve simply, access control problems.

DAD is a Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time. DAD requires no agents on the servers or workstations. Correlation and analysis is driven through a web front end.

Server/client suite which provides per-user access control/firewall/QOS. Robust and high speed implementation is secure against MAC/IP spoofing, and can scale to large networks with many clients. Options for additional monitoring and captive portal.

AccesStream is a Java-based, embeddable identity and access management (IAM), security and access reporting platform. AccesStream includes Single Sign-On using SAML 2.0 and provides profile storage with LDAP v3 access for integration with Linux PAM

The purpose of eAudit is to provide a comprehensive reporting capability relating to Electronic Auditing for various industries.

Servlet container extensions that help web developers write full featured Java web applications.

scratchpad promject

WEB-interface for Public key Infrastructure.

SQLPrevent, implemented in J2EE, is an effective and efficient tool for detecting and preventing known as well as unseen SQL injection attacks without efforts from web developers.

AntiSQLFilter is a J2EE Web Application Filter that protects web components from SQL Injection hacker attacks

The High Interaction Honeypot Analysis Toolkit (HIHAT) allows to transform arbitrary PHP applications into a web-based Honeypot. A semi-automatic user interface supports the analysis process, scans for attacks etc.

AmavisAdmin is a tool to maintain SPAMs, Viruses and blocked mails written to an SQL database by Amavisd-new. Mails can be removed automatically or manually, or they can be released to be send to the recipients.

Open Identity Management (OIDM)

A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

KayRa is a Web Application Security Auditing Tool designed to test the security of websites by analyzing web pages. Some of the tests include: SQL Injection, XSS, Form behaviour with bad data. All tests carried out will be based on the OWASP guide.

Set of tools and libs for managing structured data in a very flexible way: Imp./Exp. ASCII, XML, SQL, PS, Tex/LaTex, RTF GUI: X-Windows, MS-Windows Interface to C++, DBs, Perl, PHP, Java, TCP/IP LISP-like interpreter written in C++ using C-LIB