Search Results for "web security" - Page 12
Sort By:
Showing 1250 open source projects for "web security"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
1
TIDoS
Python web penetration testing framework with modular security tools
TIDoS-Framework is an open source web application penetration testing framework designed to assist security researchers and ethical hackers in identifying vulnerabilities in web systems. It provides a comprehensive environment for performing multiple phases of security assessment, including reconnaissance, scanning, enumeration, vulnerability analysis, and exploitation. -
2
passcore
A self-service password management tool for Active Directory
PassCore is a very simple 1-page web application written in C#, using ASP.NET Core, Material UI (React Components), and Microsoft Directory Services (Default provider). It allows users to change their Active Directory/LDAP password on their own, provided the user is not disabled. PassCore does not require any configuration, as it obtains the principal context from the current domain. I wrote this because a number of people have requested several features that the original version did not... -
3
NetProxy Content Filtering And Web cache
Small Content Filtering And Web Acceleration Appliance
NetProxy, aka Debian NetInstall is an ISO based on the Artica Appliance Software. It provides a Proxy + Web-Filtering It is optimized for small hardware in order to be installed on small VPS, virtual machines and microboxes. -
4
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
BlackWidow is a Python-based web application scanning tool designed to crawl target websites and collect open-source intelligence (OSINT) while identifying potential security vulnerabilities. It functions as a web spider that systematically explores a site to gather valuable information such as URLs, dynamic parameters, subdomains, email addresses, and phone numbers associated with the target domain. -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
Hackingtool
ALL IN ONE Hacking Tool For Hackers
HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering... -
6
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
7
FavFreak
Favicon hash–based reconnaissance tool for security research
...If a match is found, it displays the corresponding technology information in the output, helping researchers quickly identify potential targets or related infrastructure. This approach is particularly useful during reconnaissance phases of security assessments because many web services share identical favicon hashes. -
8
GenerateAndDownloadHash is a servlet that generate checksums in GNU-style. Has been tested on WildFly 10.1/Tomcat 9/Tomcat 8. See src/config.properties for configuration. Source code available on Github: Server side: https://github.com/davidesestiliwork/MyWebProject2 Client side: https://github.com/davidesestiliwork/MyWebProjectClient Token generator: https://github.com/davidesestiliwork/TokenGenerator Note: This web app require GnuPG to work properly.
-
9
motionEyeOS
A video surveillance OS for single-board computers
motionEyeOS is a Linux distribution that turns a single-board computer into a video surveillance system. The OS is based on BuildRoot and uses motion as a backend and motionEye for the frontend. Compatible with most USB cameras as well as with the Raspberry PI camera module. Motion detection with email notifications and working schedule. JPEG files for still images, AVI files for videos. Connects to your local network using ethernet or wifi. File storage on SD card, USB drive or network SMB... -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
10
Unified Sessions Manager
Pioneering Private and Public Cloud Management since 2008
The UnifiedSessionsManager supports the integrated management of user sessions within Private-Clouds, comprising heterogeneous IT landscapes of various physical and virtual machines, hypervisor management, and virtual user sessions with remote desktops. Extracted documents see https://sourceforge.net/projects/ctys-doc. -
11
Nothing Private
A proof of concept that any website can identify and track you
This project is a proof of concept that any website can identify and track you, even if you are using private browsing or incognito mode in your web browser. Many people think that they can hide their identity if they are using private browsing or incognito mode. This project will prove that they are wrong. -
12
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). -
13
cintruder
CIntruder - OCR Bruteforcing Toolkit
Captcha Intruder is an automatic pentesting tool to bypass captchas. -> CIntruder-v0.4 (.zip) -> md5 = 6326ab514e329e4ccd5e1533d5d53967 -> CIntruder-v0.4 (.tar.gz) ->md5 = 2256fccac505064f3b84ee2c43921a68 -------------------------------------------- -
14
Java Sec Code
Java web common vulnerabilities and security code
Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulnerability type code has a security vulnerability by default unless there is no vulnerability. The relevant fix code is in the comments or code. Specifically, you can view each vulnerability code and comments. Due to the server expiration, the online demo site had to go offline. The application will use mybatis auto-injection. Please run... -
15
retrap
Open-Source intelligence tracking and analysis tool.
(OSINT) Open-Source intelligence tracking and analysis tool. - Disclaimer: This tool is experimental in its Alpha phase. It's developed and published as a small building block of a master's thesis research. So use it for educational purposes only and at your own discretion, the author cannot be held responsible for any damages caused. -
16
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
17
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new... -
18
ASProxy
Project moved to https://github.com/salarcode/ASProxy
This project is moved to https://github.com/salarcode/ASProxy ASProxy is a free and open-source service which allows the user to surf the net anonymously. It hides your identity and allows you to pass any filtering system. ASProxy supports most current web technologies such as AJAX, HTTPS, JavaScript, FTP and so on -
19
Wayne
Kubernetes multi-cluster management and publishing platform
Wayne is a universal, web-based Kubernetes multi-cluster management platform. It reduces service access costs by visualizing Kubernetes object template editing. With a complete permission management system and adapting to multi-tenant scenarios, it is a publishing platform suitable for enterprise-level clusters. Wayne has been serving 360 search on a large scale, carrying most of the online services, stably managing nearly a thousand applications, and tens of thousands of containers, running... -
20
Snare Lite (SIEM & Logging Software)
Snare Enterprise: bit.ly/Snare-Trial
ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM... -
21
WhatWaf?
Detect and bypass web application firewalls and protection systems
WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target. -
22
uBlock
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox, and Safari. Available on the Chrome Web Store or for manual installation. Available to install from the homepage. Available for install from the homepage or from the App Store. Available on the Firefox Add-ons site, or for manual installation. Opera shares Chrome's underlying engine, so you can install uBlock simply by grabbing the latest release for Chrome.To benefit from uBlock's higher efficiency, it's advised that you... -
23
mod_csrf
Apache module to prevent cross-site request forgery.
mod_csrf is a module for the Apache Web server. It prevents cross-site request forgery attacks to vulnerable HTML forms. -
24
WebSploit Framework
WebSploit is a high level MITM Framework
WebSploit Advanced MITM Framework [+]Autopwn - Used From Metasploit For Scan and Exploit Target Service [+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin [+]format infector - inject reverse & bind payload into file format [+]phpmyadmin Scanner [+]CloudFlare resolver [+]LFI Bypasser [+]Apache Users Scanner [+]Dir Bruter [+]admin finder [+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks [+]MITM - Man In The Middle Attack [+]Java Applet Attack [+]MFOD... -
25
Fav-up
Look up IP addresses using favicon hashes via Shodan
fav-up is an open source reconnaissance utility designed to identify servers and websites by analyzing favicon hashes and querying the Shodan search engine. It calculates the hash of a favicon image and then uses that value to search Shodan for other hosts that use the same icon. This technique is commonly used in security research and OSINT investigations to discover related infrastructure or services that may belong to the same organization. fav-up can retrieve favicon data from several sources, including local files, direct favicon URLs, or full web pages where the favicon is automatically extracted. fav-up then computes the favicon hash and performs Shodan queries to locate IP addresses that match the same hash. ...
