Search Results for "web-based" - Page 5
Sort By:
Showing 2119 open source projects for "web-based"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
1
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. ... -
2
Payloads All The Things
A list of useful payloads and bypass for Web Application Security
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares. -
3
pompelmi
Minimal Node.js wrapper around ClamAV
Pompelmi is an open-source application designed to provide a simple and efficient interface for interacting with large language models, focusing on usability and accessibility. It offers a streamlined chat-based experience where users can communicate with AI models for various tasks such as writing, analysis, and general assistance. The application emphasizes a clean and minimal interface, reducing complexity while maintaining essential functionality. It is designed to support local or remote model backends, allowing users to choose between privacy-focused local execution or cloud-based services. ... -
4
FingerprintJS
Browser fingerprinting library
FingerprintJS is a source-available, client-side, browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them. Unlike cookies and local storage, a fingerprint stays the same in incognito/private mode and even when browser data is purged. Since FingerprintJS processes and generates the fingerprints from within the browser itself, the accuracy is limited (40% - 60%). For example, when 2 different users send requests using identical (i.e.... -
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
5
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the toolbar icon may be hidden by default. If so, first click the puzzle piece icon. To see and edit blocked sites, open the options page. ... -
6
K9s
Kubernetes CLI To Manage Your Clusters In Style!
K9s is a terminal based UI to interact with your Kubernetes clusters. The aim of this project is to make it easier to navigate, observe and manage your deployed applications in the wild. K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources. Provides standard cluster management commands such as logs, scaling, port-forwards, restarts. -
7
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
8
Django OAuth Toolkit
OAuth2 goodies for the Djangonauts!
...OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords. Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Built by experienced developers, it takes care of much of the hassle of Web development, so you can focus on writing your app without needing to reinvent the wheel. Your Django app exposes a web API you want to protect with OAuth2 authentication. You need to implement an OAuth2 authorization server to provide tokens management for your infrastructure. -
9
Tetragon
eBPF-based Security Observability and Runtime Enforcement
Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF, allowing for reduced observation overhead, tracking of any process, and real-time enforcement of policies. Observe the complete lifecycle of every process on your machine with Kubernetes context awareness. Translate high-level policies for file monitoring, network observability, container security, and more into low-overhead eBPF programs.... -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
ClusterFuzz
Scalable fuzzing infrastructure
...Supports multiple coverage guided fuzzing engines (libFuzzer, AFL, AFL++ and Honggfuzz) for optimal results (with ensemble fuzzing and fuzzing strategies). Statistics for analyzing fuzzer performance, and crash rates. Easy to use web interface for management and viewing crashes. Support for various authentication providers using Firebase. -
11
Inventory
Asset inventory dataset for public bug bounty program targets
...The repository tracks and organizes security-relevant assets for more than 800 companies participating in public vulnerability disclosure and bug bounty initiatives. It collects information such as DNS records and web server data, helping security researchers better understand the attack surface of these programs. It aims to streamline reconnaissance for bug bounty hunters by providing ready-to-use asset information so researchers can quickly begin testing new targets. It also helps security teams gain clearer visibility into their exposed infrastructure and publicly reachable systems. ... -
12
XRAY
XRay for recon, mapping and OSINT gathering from public networks
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services for vulnerabilities. It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. ... -
13
Kanidm
Kanidm: A simple, secure, and fast identity management platform
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm. The goal of this project is to be a complete identity provider, covering the broadest possible set of requirements and integrations. You should not need any other components (like Keycloak) when you use Kanidm - we already have everything you need. To achieve this we rely heavily on strict defaults, simple... -
14
Apiato
PHP Framework for building scalable API's on top of Laravel
...API Throttling (rate-limiting to control the rate of traffic received and protect your server). Support Data Caching (with auto clearing on Create, Update, and Delete). API versioning in the URL or Header (versioning based on the route file name). -
15
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is... -
16
File system notifications for Go
Cross-platform file system notifications for Go
fsnotify utilizes golang.org/x/sys rather than syscall from the standard library. Ensure you have the latest version installed. fsnotify is a fork of howeyc/fsnotify with a new API as of v1.0. The API is based on this design document. All releases are tagged based on Semantic Versioning. Further API changes are planned, and will be tagged with a new major revision number. Go 1.6 supports dependencies located in the vendor/ folder. Unless you are creating a library, it is recommended that you copy fsnotify into vendor/github.com/fsnotify/fsnotify within your project, and likewise for golang.org/x/sys. fsnotify requires support from underlying OS to work. ... -
17
Raccoon
High-performance reconnaissance and vulnerability scanning tool
Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security assessments. It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. ... -
18
Permify
Permify is an open-source authorization service
Permify is an open source authorization service for creating fine-grained and scalable authorization systems. With Permify, you can easily structure your authorization model, store authorization data in your preferred database, and interact with the Permify API to handle all authorization queries from your applications or services. Permify is inspired by Google’s consistent, global authorization system, Google Zanzibar. Our goal is to make Google's Zanzibar available to everyone and help... -
19
OWASP Maryam
Modular OSINT framework for automated open-source intelligence gatheri
Maryam is an open source intelligence (OSINT) framework designed to automate the process of gathering and analyzing publicly available information from the internet. It provides a modular environment that enables users to collect data from search engines, open data sources, and various online services for reconnaissance and investigative purposes. Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open... -
20
Personal Management System
Your web application for managing personal data
It's easier to understand this web application when you think about a CMS (WordPress) or CRM (SugarCRM); the logic behind this system is very similar to those two. My PMS may offer fewer possibilities than those systems above, but it just does what I want it to do. Additionally, writing extensions is not too hard, depending on the logic required. Anyone with development knowledge can pretty much write their own extensions for personal needs. -
21
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
...Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. -
22
Privacy Badger
Privacy Badger automatically learns to block invisible trackers
Privacy Badger is a browser extension that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it’s like you suddenly disappeared. Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn’t tracking. -
23
jarrid-keyper
Keyper by Jarrid is a suite of crypto key management APIs
Keyper by Jarrid is a suite of crypto key management APIs to simplify key creation, management, deployment, and encryption/decryption in a standardized and secure way. Operations are file-based and can be easily automated, tracked, audited, and managed via file-based processes such as GitOps. Fully integrated with cloud KMS services such as AWS KMS or GCP KMS, leverage managed crypto key generation and reduce infrastructure maintenance burden. -
24
Devise
Flexible authentication solution for Rails with Warden
Devise is a flexible authentication solution for Rails that is based on Warden, a general Rack authentication framework. It is a complete MVC solution based on Rails engines that lets you have several models signed in at the same time. It consists of 10 modules: 1. Authenticatable Module, responsible for password hashing and validating user authenticity when signing in 2. Omniauthable adds OmniAuth support 3. -
25
SecretScanner
Find secrets and passwords in container images and file systems
...Secrets are any kind of sensitive or private data that gives authorized users permission to access critical IT infrastructure (such as accounts, devices, networks, cloud based services), applications, storage, databases, and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers. ...
