Search Results for "http headers"
Sort By:
Showing 16 open source projects for "http headers"
View related business solutions-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
Wfuzz
Web application fuzzer
...Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
2
Web-Check
All-in-one OSINT tool for analysing any website
Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,... -
3
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and... -
4
MrFish
A anti-phishing Python script with headers and proxies!
MrFish is a powerful tool designed to automate the creation of fake account submissions for phishing tests and vulnerability assessments. With the ability to generate random usernames, passwords, and even credit card data, it simulates real user behavior to help test the security of online forms. Featuring customizable settings for proxy support, user inputs (email or username), and multiple threads for speed, MrFish provides an efficient way to stress-test web servers and form-handling... -
Powerful App Monitoring Without Surprise BillsTired of monitoring tools that punish you for scaling? AppSignal offers transparent, predictable pricing with every feature unlocked on every plan. Track errors, monitor performance, detect anomalies, and manage logs across Ruby, Python, Node.js, and more. Trusted by developers since 2012 with free dev-to-dev support. No credit card required to start your 30-day trial.
-
5
ufonet
UFONet - Denial of Service Toolkit
UFONet - Is a set of hacktivist tools that allow launching coordinated DDoS and DoS attacks and combine both in a single offensive. It also works as an encrypted DarkNET to publish and receive content by creating a global client/server network based on a direct-connect P2P architecture. + FAQ: https://ufonet.03c8.net/FAQ.html -------------------------------------------- -> UFONet-v1.8 [DPh] "DarK-PhAnT0m!" (.zip) -> md5 = [ c8ab016f6370c8391e2e6f9a7cbe990a ] -> UFONet-v1.8... -
6
Node.js express.js MongoDB JWT REST API
Node.js express.js MongoDB JWT REST API - Basic Project Skeleton
This is a basic API REST skeleton written on JavaScript using async/await. Great for building a starter web API for your front-end (Android, iOS, Vue, react, angular, or anything that can consume an API) This project is created to help other developers create a basic REST API in an easy way with Node.js. This basic example shows how powerful and simple JavaScript can be. Do you want to contribute? Pull requests are always welcome to show more features. Custom email/password user system with... -
7
HostHunter
OSINT reconnaissance tool for discovering hostnames from IP addresses
...This approach enables users to identify hidden or additional services that may be hosted behind a single IP address. By correlating hostname information from certificates, APIs, HTTP headers, and other sources, the tool helps reveal the broader attack surface of an organization or infrastructure. HostHunter is commonly used in penetration testing, bug bounty reconnaissance, and security assessments where identifying virtual hosts is critical. HostHunter supports multiple output formats, making it easier to integrate the results into other security tools or workflows. -
8
NPS
Lightweight, high-performance, powerful intranet penetration proxy
...Powerful extension functions, everything is available (cache, compression, encryption, traffic limit, bandwidth limit, port reuse, etc.) Domain name resolution has functions such as custom headers, 404 page configuration, host modification, etc. -
9
htrace.sh
My simple Swiss Army knife for http/https troubleshooting
htrace.sh is a shell-based “Swiss Army knife” for HTTP/HTTPS troubleshooting that wraps a variety of network and security tools into a single, convenient command. It helps engineers inspect endpoints by collecting connection details, TLS certificate info, and server headers while optionally driving tests from third-party analyzers. The script emphasizes operability: you can run quick checks against URLs to reveal redirects, protocol negotiation, and response timing without assembling a pile of one-off commands. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
phpsploit
Full-featured C2 framework which silently persists on webserver
Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large payloads (such as uploads) Provides a powerful, highly configurable settings engine. ... -
11
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
12
ErrorMint is a tool created to audit the disclose of information through errors in web applications, as explained by OWASP at their Testing Guide: http://goo.gl/UuDpKm So far, there is only one module available that checks some HTTP error responses and obtains the server version from them and from the HTTP headers. This tool has been developed as part of a dissertation for the "Information Technology and Communications Security" master's degree at the UOC University (www.uoc.edu) - http://goo.gl/UCTkcZ
-
13
The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
-
14
It's a tool for testing HTTP servers and Web applications. It supports HTTP/HTTPS protocols, GET,POST and HEAD methods, HTTP proxies, refferes and cookies. It's like HTTP Debugger in network tool AccessDiver or HAS.
-
15
NiktoRAT parses a plaintext Nikto report and outputs a series of navigable web pages for each finding with vulnerability information, HTTP request and response headers, and HTML dumps of the vulnerability URLs.
-
16
SecurityHeaderAudit
Simple Python tool for checking website HTTP security headers
SecurityHeaderAudit is a beginner-friendly defensive security tool that checks websites for common HTTP security headers and reports missing protections.
- Previous
- You're on page 1
- Next
