Search Results for "concept"
Sort By:
Showing 43 open source projects for "concept"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
2
thc-hydra
Shows how easy it would be to gain unauthorized access to a system
Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however, none does either support more than one protocol to attack or support parallelized connects. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and MacOS. ... -
3
Tookie-OSINT
Username OSINT tool for discovering accounts across many websites
...By entering a target username, Tookie-OSINT scans a list of supported sites and checks whether the username exists on those platforms. This approach removes the need for manual checks and significantly speeds up OSINT investigations. It is similar in concept to tools such as Sherlock, focusing on identifying user profiles across social media and other online services. Tookie-OSINT includes both command-line and optional web interface functionality, giving users flexible ways to run scans and analyze results. Tookie-OSINT was created to help beginners and aspiring security professionals learn about OSINT techniques. -
4
Brook
Brook is a cross-platform strong encryption and not detectable proxy
...Usually, if you use Brook, you will need a combination of Server and Client, Of course Brook CLI also has many other independent functions. The Brook CLI file is an independent command file, it can be said that there is no concept of installation, just download this file to your computer, run it after granting it executable permissions in the command line interface. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Locker Password Manager
Open source secure password manager
Locker is a password manager that goes beyond the mere concept of password management. Whatever your previous password manager provided, we offer even more. Store passwords, passkeys and personal data in one encrypted vault. Manage effectively with categories and folders. Save your passwords with a click, login and checkout made effortlessly with auto-saving and auto-fill features from passwords, payment details to two-factor authentication passcodes. -
6
Devise
Flexible authentication solution for Rails with Warden
Devise is a flexible authentication solution for Rails that is based on Warden, a general Rack authentication framework. It is a complete MVC solution based on Rails engines that lets you have several models signed in at the same time. It consists of 10 modules: 1. Authenticatable Module, responsible for password hashing and validating user authenticity when signing in 2. Omniauthable adds OmniAuth support 3. Confirmable is responsible for verifying if an account is already confirmed... -
7
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for... -
8
Guardian
Elixir Authentication
...If you're implementing a TCP/UDP protocol directly or want to utilize your authentication via channels in Phoenix, Guardian can work for you. The core currency of authentication in Guardian is the token. By default JSON Web Tokens are supported out of the box but you can use any token that Has the concept of a key-value payload, is tamper-proof, can serialize to a String, or that has a supporting module that implements the Guardian.Token behavior. You can use Guardian tokens to authenticate web endpoints (Plug/Phoenix/X), channels/Sockets (Phoenix - optional), and any other system you can imagine. If you can attach an authentication token you can authenticate it. -
9
GoldBug - Encrypted Communications
Chat Messenger. E-Mail-Client. Websearch. Filetransfer.
...Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ● https://sourceforge.net/p/goldbug/wiki/compiling As Spot-On implemented the minimal GB-concept & Nuvola Icons, GoldBug has now been fully integrated into Spot-On Win64: Just choose Tabs at East & Mini-View in Options - w/ Nuvola Icons of course! Voilá! & Many Thanks, Pro-Files can be found archived at ● current source: https://github.com/textbrowser/spot-on ● EN Manual: https://www.amazon.com/dp/3749435065 ● DE: https://compendio.github.io/goldbug-manual-de/ ● Study: https://www.amazon.com/asin/dp/3750408971 -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
WeIdentity is a set of distributed multi-center technical solutions that can carry the credible mapping of the actual identity and chain identity of the entity object (person or thing), as well as the realization of safe access authorization and data exchange between the entity objects. WeIdentity is independently developed and fully open source by the Microbank. It adheres to the concept of public alliance chains integrating resources, exchanging value, and serving the public. It is committed to becoming a distributed commercial infrastructure linking multiple vertical industry fields, promoting pan-industry, cross-institution, and cross-regional. Identity authentication and data cooperation. In the traditional way, user registration and identity management are completely dependent on the single center's registration agency; with the emergence of distributed ledger technology (such as blockchains), distributed multi-center identity registration, and identification.
-
11
Slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP
Slipstream (also referred to as “NAT Slipstreaming”) is a proof-of-concept exploit framework that allows an attacker to remotely access any TCP or UDP service running on a victim machine inside a NAT (behind a router/firewall) simply by tricking the target to visit a malicious website. It works by abusing the NAT’s Application Level Gateway (ALG) logic and connection tracking, combined with browser capabilities like WebRTC, precise packet fragmentation or boundary control, and packet injection techniques. ... -
12
messor-opencart
Messor Security - IPS/WAF anti DDOS/bot and more for OpenCart3
...Each network member collects intruders and attacks data and then sends it to central servers, as well as distributes the current database to the rest network participants. The current concept provides real-time protection of your store from the network attacks. -
13
email2phonenumber
OSINT tool to discover phone numbers using an email address
email2phonenumber is an open source OSINT (Open Source Intelligence) tool designed to help researchers identify a target’s phone number using only an email address. The project was created as a proof-of-concept during research into new OSINT methodologies for extracting personal information from publicly accessible sources and account recovery mechanisms. The tool works by automating interactions with password reset processes on various online services, which may reveal masked phone number digits associated with an account. By combining these partial digits with other publicly available information, the tool attempts to reconstruct or identify the full phone number. ... -
14
Linux Exploit Suggester 2
Next-Generation Linux Kernel Exploit Suggester
...It inspects the target kernel and OS release, compares that information against a curated database of known kernel vulnerabilities, and reports which exploit primitives are plausibly applicable to the host. The script can optionally download exploit proof-of-concept code from public exploit repositories to accelerate validation in controlled environments. It supports wildcard matching for kernel strings to broaden detection coverage and colorizes its output for easier reading in terminal sessions. Typical usage is simple and lightweight: run the script on the target (or pass a manual kernel string) and review the ranked list of candidate exploits and references. -
15
Drive Badger
Open source platform for covert data exfiltration operations.
Drive Badger is a software tool for data exfiltration – which means, for copying data from the computer to external USB drive. Unlike many other tools from IT security area, it's not a Proof-of-Concept kind of tool, bringing some groundbreaking techniques. Everything, what Drive Badger does, can be as well run manually, step by step. Instead, what Drive Badger really does, is doing it all better, by putting the maximum focus on: -
16
MaskPhish
Introducing "URL Making Technology" to the world
MaskPhish is not any Phishing tool. It's just a proof of concept of "URL Making Technology". It is a simple Bash Script to hide phishing URLs under a normal-looking URL (google.com or facebook.com). It can be integrated into Phishing tools (with proper credits) to look the URL legit. Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal link because the top-level domain (like Google, YouTube, New York Times, etc) is considered clean. -
17
Nothing Private
A proof of concept that any website can identify and track you
This project is a proof of concept that any website can identify and track you, even if you are using private browsing or incognito mode in your web browser. Many people think that they can hide their identity if they are using private browsing or incognito mode. This project will prove that they are wrong. -
18
Cassiopeia's BitMail
Encrypting E-Mail Client
BitMail is a Proof-of-Concept- / Design-Study for an Qt E-Mail Client. POP3 / IMAP / SMTP / P2P E-Mail-Client. ● Qt E-Mail Client. ● Build-in Encryption to secure E-Mails ● IMAP & POP3 ● Additionally a full decentral P2P Email-Option via the Echo Protocol ● Store Email for Offline-Friends in the P2P Network. ● Chat and Instant Messaging is build in -
19
Gryptonite
Cross-platform encrypted password and file database
...For advanced users, it includes a separate utility called Grypto-Transforms, which has a universal hash calculator with all the major hash functions, generic encrypt/decrypt functions and a base64/hex converter. It's not just easy to use, it's also highly secure. Security experts will be happy to know that it uses AES with CCM and has a solid security concept. -
20
w-o-f
Passive or learning mode of web application firewalls to evaluate WAF
"Web application firewalls (WAF)" , The today's requirement to secure the web applications without changing the existing infrastructure.But at the same time, it is a big risk in case of WAF behavior and false positives (legitimate traffic blocking). This talk will demonstrates a new concept to evaluate any WAF without taking risk of putting any WAFs into inline mode.Everything will be in learning or in passive mode.This project describes concept of one special engine,which can be used to evaluate any WAFs with zero risk to the end user (website owner),no matter whether its vendor supports Passive mode or not(i.e. modsecurity or naxsi). -
21
OWASP JSEC CVE Details is is an opensource application developed in Java that is used to know about details of CVE , current CVE releases and also search exploits and proof of concept. https://www.owasp.org/index.php/OWASP_JSEC_CVE_Details [Features] [+] Fetch Recent CVEs [New Features included in v2.0] [+] Search for vulnerabilities of different platform/application/categories [+] Search CVEs [+] Search POC & Exploits Project/Source Code : http://dibsy.github.io/JSEC_CVE_DETAILS/
-
22
Plinko was originally an experiment with Prefix Trees and log parsing. The general concept is to have a single end point you can send any data to, in a "fire and forget" fashion. Plinko should identify and parse the data completely without the sending system caring what it sent. The latest version supports named fields in the STL files for tagging data parsed in the Prefix Tree and anonymous functions for parsing dynamic message payloads.
-
23
sape
self defense system
This is a proof of concept. A tool developed at Universidad Tecnologica Nacional (Argentina). It detects attacks and it responses with isolation attacks. It's supposed to be on the same network of the protected hosts. It must be capable to see all the traffic. It's a basic IPS with a self defense module. So it can prevents future attacks from the same hosts, which is identified by its mac address. -
24
HTTP Anti Flood/DoS Security Module
Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks
...(like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? ... -
25
Tsukuba-GAMA provides user and credential management, using the Grid Security Infrastructure (GSI) based on Public Key Infrastructure (PKI), X.509 certificate, proxy certificate, and the concept of Virtual Organization (VO).
