Search Results for "web attacks" - Page 3

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/

...I have begun to make a simple web gui, that allows for selecting countries one would like to simply block from reaching one's server. The gui incorporates country flags as a means of selection. Eventually, this project seeks to be able to apply fine tailored restrictions, via port and protocols to firewall rules. With help, I intend to port this to Windows in the near future.

AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters.

About GameOver: Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work. GameOver has been broken down into two sections. Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. ...

Data exchange is a core part of all cloud systems so it becomes necessarily important to control access to data that are confidential and whose integrity influences the state of the system at any time.It can be proven that the administrator in a IaaS can easily perform some hidden and malicious task on unsuspecting customer machine. This is attributed to the fact that he/she possesses the root privilege to do so and forms an attack. A cold boot attack can easily be lauched amongst...

Abstract—The security challenge coming with the popularity of web-based applications is a serious matter. The privacy of the data sent back and for has become a crucial issue. As a matter of fact, in one of their most recent publications, Chen et al analyzed this problem and showed that, although the existence of powerful communication security systems such as HTTPS, WPA/WPA2 Wi-Fi encryption, several high-scaled Webapps are exposed to side-channel attacks using timing and a subset of the applications’ internal information flows. ...

distributedPHP client is a simple PHP script that can simultaneously activate/send data to as many web scripts as you want. You must open and configure the distributedPHP .php file prior to running it. ditributedPHP client supports activating scripts without data, sending the same data to all scripts, sending unique data to each script or sending user input to each script. Examples of use include: distributed math computation, encryption breaking, SETI@home/folding@home (well, if they made the projects in php..) distributed bruteforce attacks, ddos attacks, distributed processing, etc.. ...

this collection of most used resources that will help you in ethical hacking and penetration testing. Collection of hacking tools and materials and all major type of attacks and tutorials.

SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. ...

C Based Open Source Web application firewall (WAF) for detecting SQL and xss attacks Simply works on the Access logs of Apache once an attack is detected it Grabs the Attackers IP and shoves it in an IPTables rule to drop once and for all.

WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be teste

Peruggia is designed as a safe, legal environment to learn about and try common attacks on web applications. Peruggia looks similar to an image gallery, but contains several controlled vulnerabilities to practice on.

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

Java based webapp that utilizes TCP Wrappers to grant an IP access to a ssh server. Brute force attacks can be avoided while still allowing password based ssh access from multiple, changing IP values.

mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.

SQLPrevent, implemented in J2EE, is an effective and efficient tool for detecting and preventing known as well as unseen SQL injection attacks without efforts from web developers.

SURFnet IDS, a Distributed Intrusion Detection System (D-IDS). The goal is to provide an early warning system which lets system administrators correlate known and unknown exploits to attacks directed towards their networks.

Acte is an sql injection tool that performs error based sql-injection on web applications which use microsoft sql-server. It includes various queries to extract info from "dead end" situations and it also includes DOS attacks and other features.

AntiSQLFilter is a J2EE Web Application Filter that protects web components from SQL Injection hacker attacks

The High Interaction Honeypot Analysis Toolkit (HIHAT) allows to transform arbitrary PHP applications into a web-based Honeypot. A semi-automatic user interface supports the analysis process, scans for attacks etc.

brutesshd is an application written in c/php in order to prevent bruteforce attacks through ssh. Brutesshd uses iptables/pfctl tools to block this type of attacks

using PHP (and some ShellScript) to protect your linux server against bruke force attacks(http://en.wikipedia.org/wiki/Brute_force_attack). also keep a log in MySQL and have email reporting

Java API for preventing XSS (Cross-site scripting) attacks

The Filters project team are building API's which will filter malicious input to applications that is used to launch various attacks. The filters will sanitize input rendering it harmless and detect specific attacks. This project will develop imple

WAFs goal is protect sites against hackers and virus attacks. Web App Firewall its PHP application that implement principle of reverse-proxy , build and control traffic map and comfortable management interface.