Search Results for "top" - Page 2
Sort By:
Showing 71 open source projects for "top"
View related business solutions-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
1
BloodHound
Six Degrees of Domain Admin
BloodHound is a single-page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a C# data collector. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. -
2
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. ... -
3
sso
Single sign-on solution for securing internal services
sso — lovingly known as the S.S. Octopus or octoboi — is the authentication and authorization system BuzzFeed developed to provide a secure, single sign-on experience for access to the many internal web apps used by our employees. It depends on Google as its authoritative OAuth2 provider and authenticates users against a specific email domain. Further authorization based on Google Group membership can be required on a per-upstream basis. The main idea behind sso is a "double OAuth2" flow,... -
4
Insider
Static Application Security Testing (SAST) engine
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on agile and easy-to-implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET. Insider is focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. ... -
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
5
MaskPhish
Introducing "URL Making Technology" to the world
...Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal link because the top-level domain (like Google, YouTube, New York Times, etc) is considered clean. -
6
DevHub
Filter issues, activities and notifications
DevHub is a mobile and desktop app to help you manage GitHub Notifications and stay on top of repository activities. Save custom searches, apply filters and don't miss anything important. Create columns for the repositories and people that matters to you; receive desktop push notifications; manage notifications, issues, pull requests and activities; bookmark things for later. Choose between two modes, desktop or menubar; enable push notifications only for the columns you want. ... -
7
Phishing Catcher
Real-time phishing domain detection via Certificate Transparency logs
...Each certificate often contains one or more domain names, which the tool analyzes to determine whether they resemble suspicious or phishing-related domains. phishing_catcher applies a configurable scoring mechanism that assigns numeric values to certain keywords, patterns, or top-level domains found within certificate domain names. When a domain’s score exceeds predefined thresholds, it is flagged as potentially malicious and reported accordingly. It operates continuously, processing certificate updates as they arrive and displaying or logging domains that appear suspicious. This approach allows analysts, researchers, and security teams to identify phishing infrastructure early. -
8
CloudBrute
Awesome cloud enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. While working on HunterSuite, and as part of the job, we are always thinking of something we can automate to make black-box security testing easier. We discussed this idea of creating a multiple platform cloud brute-force hunter.mainly to find open buckets, apps, and databases hosted on the clouds and possibly app behind proxy servers. ... -
9
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
10
Cardano SL
Cryptographic currency implementing Ouroboros PoS protocol
Cryptographic currency implementing Ouroboros PoS protocol. The cardano-node is the top level for the node and aggregates the other components from other packages: consensus, ledger and networking, with configuration, CLI, logging and monitoring. The node no longer incorporates wallet or explorer functionality. The wallet backend and explorer backend are separate components that run in separate external processes that communicate with the node via local IPC. -
11
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. ... -
12
CryptoFlouze
This software display the last prices of the top 20 cryptocurencies
This software download and display the last prices of the top 20 cryptocurrencies on the market. All the data are updated at every run. The data is downloaded from : https://coinmarketcap.com/api/ For windows : Download this zip file, unzip everything in the same directory. The data are updated at every run. For other operating systems : Run it from the source. https://github.com/hamdyaea/CryptoFlouze Developer - Author Hamdy Abou El Anein -
13
tinfoleak
OSINT tool for extracting and analyzing Twitter intelligence data
tinfoleak is an open source intelligence (OSINT) and social media intelligence (SOCMINT) tool designed to automate the collection and analysis of data from Twitter. It focuses on helping analysts extract large volumes of information from Twitter timelines using identifiers such as usernames, geographic coordinates, or keywords. Once the data is gathered, tinfoleak organizes it into structured information that can support intelligence analysis and investigative research. tinfoleak is capable... -
14
SQUEEZER
Squeezer framework, build serverless dApps
Squeezer is a platform that empowers new-entry blockchain developers to build serverless dApps simply as dead. The main usage of the ChainKit is to unify top blockchains interfaces into a single normalized API interface, therefore you can build blockchain dApps easily without digging into blockchain complex infrastructure. Bi-directional on-chain transactions (inbound and outbound). Build dApps connecting to smart contracts using chain kit agnostic connector. Quick intuitive code deployments by using a special mechanism that will deploy smart contracts and dApp services where code changed. ... -
15
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
16
Stock Inventory Management
PHP Stock Inventory Management System - POS
A web-based application which will manage stock inventory so easily: Dashboard, Stock Management, Purchasing, Sales, Suppliers, Customers, Outstandings, and Payments. Nice look and feel interface. It supports to be displayed in mobile-device. This web application is actually generated by PHPMaker without touch any code in the generated script files. All the customization are done from inside of PHPMaker Project. Thus, all the changes are saved in the project side, so that you will be able... -
17
Bloody Profanity
Fingerprint-only auth screen for KDE/Plasma
...Files that can be overloaded include: .BloodyProfanity/conf/sarcasm.yaml # random fail messages, begin every line with '-' (see yaml docs for more) .BloodyProfanity/img/bg.png .BloodyProfanity/img/error.png Other settings can be changed by editing the globals near the top of locker.py. REQUIREMENTS: KDE, PyYAML, Subprocess32, wxPython, fprintd and of course Python. INSTALLATION # As root b=/usr/share/BloodyProfanity cp -rvp /path/to/bp $b g=/usr/lib/kde4/libexec/kscreenlocker_greet cp -v $g $g.bak cp -vpf $b/locker.py $g # As user fprintd-enroll fprintd-verify # important mkdir -p ~/.BloodyProfanity/conf ~/.BloodyProfanity/img -
18
OWASP Security Shepherd
Web and mobile application security awareness/training platform
The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well. ... -
19
NCrypted
NCrypted - simple file encryption software with GPU support
NCrypted is a simple file encryption software. It is implemented on top of AES 128-bit algorithm. This software was designed to be as simple as possible, so you won't find any fancy, flashy gui elements or complicated advanced options. You can also use it directly from command line. NCrypted can automatically detect and take advantage of your NVidia graphics card to speed up the file processing. -
20
Gryptonite (formerly GPassword Manager)
Simple but Powerful, Cross-Platform Password Management Utility
...For advanced users, it includes a separate utility called Grypto-Transforms, which has a universal hash calculator with all the major hash functions, generic encrypt/decrypt functions and a base64/hex converter. Although the interface is simple and intuitive, the security is top-notch. It uses AES with CCM to secure and authenticate the data. -
21
SimpleEncryptionTool
This is a simple home use Encryption tool.
This is a Application written in QT on top op the QT Simple Encryption module "http://qt-project.org/wiki/Simple_encryption" it can Encrypt Text, and Data. -
22
NetCrypt
NetCrypt - file-transfer utility providing secure data transfer
NetCrypt is a small Open Source command line file-transfer utility providing authentication, confidentiality and integrity validation while still maintaining top-notch performance and transfer speed between machines. No public key distribution is required: NetCrypt is designed to use a symmetric passphrase with a strong key-derivation-function. NetCrypt seeks to fulfill all those requirements. In it's default configuration, it uses the AES-256-GCM cipher with a PBKDF2 key iteration count of 32000 rounds. ... -
23
bWAPP
an extremely buggy web app !
...bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. ... -
24
SES Super-Encypherment Scrambler
SES brings back the uncrackable onetime pad, with a digital twist.
SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid. SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to... -
25
Kippo-Graph
Full featured script to visualize statistics from a Kippo SSH honeypot
...It uses “Libchart” PHP chart drawing library by Jean-Marc Trémeaux, “QGoogleVisualizationAPI” PHP Wrapper for Google’s Visualization API by Thomas Schäfer and geoPlugin geolocation technology (geoplugin.com). Kippo-Graph currently shows 24 charts, including top 10 passwords, top 10 usernames, top 10 username/password combos, success ratio, connections per IP, connections per country, probes per day, probes per week, ssh clients, top 10 overall input, top 10 successful input, top 10 failed input and many more. There are also geolocation data extracted and displayed with Google visualization technology using a Google Map, a Intensity Map, etc. ...
