Search Results for "web application firewall" - Page 8

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? ...

...Nmap - port scanner http://nmap.org/ Nessus - Vulnerability detector http://www.tenable.com/products/nessus Air-Crack - Wireless Cracker http://www.aircrack-ng.org/ Ettercap - port sniffer http://ettercap.github.com/ettercap/ Iptraf - Network Monitor http://iptraf.seul.org/ Medusa - Login brute-forcer http://www.foofus.net/~jmk/medusa/medusa.html Snort - Intrucion Detection http://www.snort.org/ W3af - Web Application Attack http://w3af.org/ NetCat - networking utility http://netcat.sourceforge.net/ THC-Hydra - network logon cracker http://thc.org/thc-hydra/ Wapiti - Web application vulnerability scanner http://wapiti.sourceforge.net/ Rapid7 - http://www.rapid7.com/

SmartRouter Project A GNU/Linux Router, Firewall and Proxy Server

Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/

...I have waned to package an rpm, and deb file that quickly allows most users to block ip addresses from ip blocks that have been geographically assigned. The solution exists via iptables and the geoIP database done via cmd-line. I have begun to make a simple web gui, that allows for selecting countries one would like to simply block from reaching one's server. The gui incorporates country flags as a means of selection. Eventually, this project seeks to be able to apply fine tailored restrictions, via port and protocols to firewall rules. With help, I intend to port this to Windows in the near future.

WhitewallManager is a whitelist manager. It aims to be a web based administration tool for administrators using a default-deny approach to the security of the network they are responsible for. Default-deny is a superior model for network security as compared to default-allow, which is how the security model of most local area networks is modeled. Default-deny disallows all but access granted to resources which you specifically allow. The advantage to this is that any new resources which...

AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters. This tool compares the source and the destination files, then copies the "defaced" files if any change occurs. The comparison occurs by default every 60 seconds, but can be defined differently. ...

SCMS is an MVC based secure content management system. It is designed from the ground up to withstand common Web application vulnerabilities. It is designed for PHP 5.0-5.2.x and MySQL 4.1+, and it can optionally support PostgreSQL as a database backend.

Solução de proxy com administração via Web. Sistema baseado no Squid e Dansguardian.

Php User Login System Extended Welcome to Pulse, a free and secure user management system written in PHP. It can be used easily: it contains a basic web interface (100% customizable), an handy installer...and the engine, of course. Pulse will make your life easier making you avoid wasting time on writing a login system for your application. The most frequently used features are already implemented into Pulse, so you can't help thinking about Machiavellian ways to realize your projects. ...

ADC is a tool that helps security administrators to maintain policy compliance of configurations and policies on numerous systems. ADC is similar to OpenAudit or OCS, however ADC is designed to collect arbitrary data (not limited to PC inventory), thus it helps information security experts control configurations and policies on remote servers.

SuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term “Su Stori”, which in Sardinian language means “The Falcon”. It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. ...

NSIA (Network System Integrity Analysis) is a web application monitoring system that scans web applications for potentially unwanted context such as defacements, unauthorized changes, errors, information leaks, profanity, compliance issues, etc

PHPki is an Open Source Web application for managing a multi-agency PKI for HIPAA compliance. With it, you may create and centrally manage X.509 certificates for use with S/MIME enabled e-mail clients, SSL servers, and VPN applications.

A firewall configuration project based on Linux 2.6.x and iptables. It has a web interface with an intuitive Webmin module, or you can edit a XML file. You can define the different firewall elements (zones, hosts, networks) and then set the services

XACML-Studio is an authorization policy editor implemented as a web application that allows importing, creating, editing, exporting policies defined in XACML 2.0 specification. Intuitive UI and DB-based repository improves policy creator's experience.

This project will serve as a central hosting/bug tracking center for modifications to the SmoothWall.org firewall distribution. Support and information for the "mods" posted here can be found on the SmoothWall.org forums, the SmoothWall.org IRC server, or

ZoneMinder is video and cctv surveillance and security application. It supports multiple video or IP cameras and a sophisticated motion detection system based around zones. Both live streams and historic events can be viewed via the web interface.

Aimed for web app security with hope of quick reference. WAS papers are scattered among hundreds of resources, some of which are likely to be broken links in some time. All sec pros wish their papers reach the whole world widely for perfect security.

Application proxy toolkit which inherits the ideology of TIS fwtk and maintains API backwards compatibility. The design goal is to make it simple yet powerful; no performance hacks allowed in the code and library dependencies are reduced to minimum.

This small application helps you to create passwords with different strength. Also this is a testproject, to find out how great options sourceforge has. :)

Firewall Configuration Made Easy

The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

The Hackademic Challenges is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.

The Password tools bundle is one application combining three tools - the Analyser (shows the "strength" of your password, the Generator (generates "strong" passwords) and the Manager (stores passwords securely using Rijndael).