Search Results for "malicious"
Sort By:
Showing 43 open source projects for "malicious"
View related business solutions-
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
Go from Data Warehouse to Data and AI platform with BigQueryBigQuery is more than a data warehouse—it's an autonomous data-to-AI platform. Use familiar SQL to train ML models, run time-series forecasts, and generate AI-powered insights with native Gemini integration. Built-in agents handle data engineering and data science workflows automatically. Get $300 in free credit, query 1 TB, and store 10 GB free monthly.
-
1
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
...This is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance. Compare extracted records to a provided list of malicious indicators in STIX2 format. Generate JSON logs of extracted records, and separate JSON logs of all detected malicious traces. -
2
uBlock Origin
An efficient blocker for Chromium and Firefox
...The default behavior of uBlock Origin, when newly installed, is to block ads, trackers and malware sites through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, Online Malicious URL Blocklist, and uBlock Origin's own filter lists. uBlock Origin (or uBlock₀) is not an ad blocker; it's a general-purpose blocker. uBlock Origin blocks ads through its support of the Adblock Plus filter syntax. uBlock Origin extends the syntax and is designed to work with custom rules and filters. Furthermore, the advanced mode allows uBlock Origin to work in default-deny mode, which mode will cause all 3rd-party network requests to be blocked by default unless allowed by the user. -
3
Open Source API Firewall by Wallarm
Fast and light-weight API proxy firewall for request and response
API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else. -
4
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository. -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
Falco
Malicious activity detection for Cloud-native applications
Falco is a open source project to detect abnormal application behavior in a cloud native environment like Kubernetes. This cloud native runtime security project allows you to detect unexpected application behavior and alerts on threats. -
6
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for... -
7
tirith
Your browser catches homograph attacks
...The project emphasizes local-only analysis with no telemetry and no background daemons, so it can run offline and keep sensitive command context on-device. It integrates into popular shells via hooks (zsh, bash, fish, and PowerShell), including paste-aware protections so hidden characters or malicious rewrites get caught at the moment they enter the terminal. -
8
Osquery
SQL operating system instrumentation and monitoring framework
...With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. -
9
SafeLine
Serve as a reverse proxy to protect your web services from attacks
...While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
Laravel CSP
Set content security policy headers in a Laravel app
...This can be a security problem. Imagine one of your JavaScript dependencies sends all keystrokes, including passwords, to a third party website. It's very easy for someone to hide this malicious behaviour, making it nearly impossible for you to detect it (unless you manually read all the JavaScript code on your site). For a better idea of why you really need to set content security policy headers, read this excellent blog post by David Gilbertson. Setting Content Security Policy headers helps solve this problem. These headers dictate which sites your site is allowed to contact. ... -
11
Latte
The safest & truly intuitive templates for PHP
The first truly secure and intuitive templates for PHP. The most common critical vulnerability in websites is Cross-Site Scripting (XSS). It allows an attacker to insert a malicious script into a page that executes in the browser of an unsuspecting user. It can modify the page, obtain sensitive information or even steal the user's identity. Templating systems fail to defend against XSS. Latte is the only system with an effective defense, thanks to context-sensitive escaping. Latte is based on PHP, whereas Twig is based on Python. ... -
12
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors... -
13
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
14
CacheGuard Gateway
CacheGuard Gateway is a UTM, a WAF, and a QoS management appliance.
...The UTM includes a firewall, web antivirus, VPN server, and a URL-filtering and SSL-inspection web proxy. The WAF operates in conjunction with a reverse proxy, web application load balancer, and SSL offloader, and is capable of blocking malicious requests as well as traffic from IP addresses with poor reputations. The QoS manager enables traffic shaping to prioritize critical network flows, load balance multiple WAN links, and cache web traffic. -
15
ClamSAP exists of two 'C' shared libraries which link between ClamAV and the Virus Scan Interface (VSI) of SAP (offical name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads for example.
-
16
url-checker-php-sdk
Official PHP SDK for the EmailVeritas URL Checker API
The EmailVeritas URL Checker PHP SDK provides real-time phishing and malicious link detection through the official EmailVeritas API. It enables developers to classify and analyze URLs directly from PHP applications using simple methods for URL Lookup and URL Scan. Lightweight and dependency-free, the SDK performs redirect-chain, WHOIS, and HTML metadata analysis. Composer support makes integration seamless with PSR-4 autoloading. -
17
Metlo
Metlo is an open-source API security platform
Metlo is an open source API security tool you can set up in < 15 minutes that inventories your endpoints, detects bad actors, and blocks malicious traffic in real time. Metlo passively listens to your API traffic and tags every malicous request. Our models are built on patterns of malicous requests to detect bad actors and API attacks. -
18
VENOM C2 shellcode
C2 shellcode generator/compiler/handler
The script will use msfvenom (metasploit) to generate shellcode in different formats ( C# | python | ruby | dll | msi | hta-psh | doc | apk | macho | elf | deb | mp4 | etc ) injects the shellcode generated into one template (example: python) "the python function will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file. It also starts a handler to receive the remote connection (shell or meterpreter) venom... -
19
Key Transparency
A transparent and secure way to look up public keys
Key Transparency is a system for accountable public-key discovery that lets users and senders verify the keys associated with an account over time. It combines an append-only log with a verifiable map so changes to a user’s keys produce cryptographic proofs, enabling clients to detect malicious insertions or undetected key rotations. The architecture separates operators from verifiers: even if the service is compromised, independent clients can audit inclusion and consistency proofs to maintain trust. APIs and reference components demonstrate how account lookup, update, and auditing flows fit together for messaging or identity systems. ... -
20
Security Datasets
Re-play Security Events
Security‑Datasets is a community-driven repository maintained by the Open Threat Research Forge (OTRF) that curates publicly available malicious and benign datasets for threat-hunting, machine learning, event analysis, and cybersecurity research. Datasets include Windows events, logs, alerts, and simulated attack data to support detection engineering and academic research. -
21
Cuckoo Sandbox
Cuckoo Sandbox is for automated analysis of malware
Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android. -
22
JChecksum
MD5 Checksum Tool
This tool checks the integrity of files. It is very important if you don’t want your computer to get infected with viruses and malware. Sometimes, hackers and malicious software developers modify the contents of a downloadable zip, which can even result in granting them remote access to your system. While downloading various software, you might have noticed that developers usually provide hash values (MD5) of their files. This tool enables you to verify the file integrity of the downloaded content. ... -
23
Tattle Trail
PHP 404 pages to trap malicious web requests and report abusers
Catch bad visitors to your php website that are looking for admin access or exploitable web scripts, automatically lookup abuse information for their IP address and notify their network's administrators of their bad behavior. Most network operators provide abuse contact email addresses in their WHOIS information, and your webserver can immediately report malicious access attempts as they happen. A large amount of bots that sniff around websites for unsecured standard web apps (like phpMyAdmin or WordPress) to exploit are run by a very few bad actors. They're easy to catch by watching for attempted visits to pages that don't exist (usually with admin or db in the path). The more these bad robots get reported (and shut down by their ISPs), the more time they have to spend looking for new hosts instead of new websites they can hack into. -
24
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
...WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections -
25
wafep
Web Application Firewall Evaluation Project
WAFEP is designed to assess the attack vector support of web application firewalls and application IDS/IPS modules. It operates through an "attacker website" with links, forms, browser controls and other request initiators which send a collection of malicious payloads through the WAF to a target application, which in turn, checks which payloads were blocked and which passed successfully. The WAFEP application serves as both the "attacker" website and the "target" website, and thus, should ideally be used in twin instances - one BEHIND the WAF (the defender/target website), and another before the WAF (the attacker website). ...
