Search Results for "test php"

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.

Shaark is a self-hosted platform to keep and share your content: web links, posts, passwords and pictures. All of your data can be private, public or both and can be browsed by tags or all-in-one search. Shaark is production ready, inspired by Shaarli, built with Laravel and Vue.js. All contributions are welcome! Please use the dev branch for your pull requests. If you make changes to JS, don't compile assets in production, I'll manually compile them when merging for security reasons. You're...

We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow...

This tool can create one-time-password values based on HOTP (RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm), TOTP (RFC 6238: TOTP: Time-Based One-Time Password Algorithm) and OCRA (RFC 6287: OCRA: OATH Challenge-Response Algorithm) standards, and also supports client side of OAuth protocols (1.0a, 2.0).

AleHu is an open source encrypted message transfer system that encompasses both server (PHP) and client software (Java). Give it a shot: You can try out AleHu by simply running the client using the preconfigured AleHu test server! For further details and instructions on how to quickly install and run AleHu, have a look at the documentation in the Wiki section.

BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL...

This tool can create XAdES (XML) signatures based upon ETSI TS 101 903 v1.3.2 standard. It also includes handling of ITU-T X.509 certificates and RFC 3161 timestamps.

Wave is a PHP micro-framework that is built loosely following model-view-control architecture and factory method design pattern. It is made for web services, websites and info-systems and is built to support a native API architecture, caching, user control and smart resource management. Wave is a compact framework that does not include bloated libraries and features and is developed keeping lightweight speed and optimizations in mind. While not necessary for using Wave Framework, it comes by...

...Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? ...

About GameOver: Project GameOver was started with the objective of training and educating newbies about the basics of web security and educate them about the common web attacks and help them understand how they work. GameOver has been broken down into two sections. Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal...

The Hackademic Challenges is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques This is a fully functional web site with a content management system based on fckeditor. You can download it as source code or a pre configured

This is is a modular, test driven website that tries to break web clients of all kind. If you are developing applications that interact with websites you might want to throw it at this website first and see if it survives.

In your web applications wherever user registration is required, use this checker script to strictly enforce users to select stronger passwords. It tests cracking passwords against 4 rules. It has also built-in smoke test page.

Pillager is a set of PHP Scripts that allows you to test the security of your web server permissions.

Automated Security Tools (autosec) aims to provide automatic tools which network administrators may use to help check and test the security of their network.

php-backdoor all-in-one administration tool designed as a single phpscript for linux and windows os. features are: browse filesystem, download, upload, create dirs and run phpcode. this tool also can be used to test server security.

WEBsent is a web service test and performance tool. It offers the user, via a client site hypertext browser, some tools and tests to check the performance and validity of his/her web server. WEBsent is designed to monitor webpages, content accessibility

The Registry Server (jUDDI) offers a mechanism for humans or software applications to advertise and discover Web services. The Java Web Services Developer Pack (Java WSDP) Registry Server implements Version 2 of the Universal Description, Discovery and I

protect product by test the number printed in it,easy to vist for wap and http.