Search Results for "concept"
Sort By:
Showing 35 open source projects for "concept"
View related business solutions-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
1
YellowKey
YellowKey Bitlocker Bypass Vulnerability
YellowKey is a security research repository documenting a reported BitLocker bypass vulnerability affecting modern Windows recovery environments. The project is not a general-purpose application, but a proof-of-concept disclosure intended for vulnerability awareness, defensive research, and incident response discussion. It highlights how recovery tooling and boot-adjacent components can create serious risks even when full-disk encryption is enabled. The repository is relevant to security teams, system administrators, forensic analysts, and researchers who monitor Windows endpoint exposure. ... -
2
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
3
thc-hydra
Shows how easy it would be to gain unauthorized access to a system
Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however, none does either support more than one protocol to attack or support parallelized connects. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and MacOS. ... -
4
Al-Khaser
Public malware techniques used in the wild: Virtual Machine, Emulation
al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these behaviors. ... -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Brook
Brook is a cross-platform strong encryption and not detectable proxy
...Usually, if you use Brook, you will need a combination of Server and Client, Of course Brook CLI also has many other independent functions. The Brook CLI file is an independent command file, it can be said that there is no concept of installation, just download this file to your computer, run it after granting it executable permissions in the command line interface. -
6
Locker Password Manager
Open source secure password manager
Locker is a password manager that goes beyond the mere concept of password management. Whatever your previous password manager provided, we offer even more. Store passwords, passkeys and personal data in one encrypted vault. Manage effectively with categories and folders. Save your passwords with a click, login and checkout made effortlessly with auto-saving and auto-fill features from passwords, payment details to two-factor authentication passcodes. -
7
Devise
Flexible authentication solution for Rails with Warden
Devise is a flexible authentication solution for Rails that is based on Warden, a general Rack authentication framework. It is a complete MVC solution based on Rails engines that lets you have several models signed in at the same time. It consists of 10 modules: 1. Authenticatable Module, responsible for password hashing and validating user authenticity when signing in 2. Omniauthable adds OmniAuth support 3. Confirmable is responsible for verifying if an account is already confirmed... -
8
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for... -
9
MicroBurst
A collection of scripts for assessing Microsoft Azure security
...The project exposes both interactive helpers and scripted commands (e.g., Invoke-EnumerateAzureBlobs, Invoke-EnumerateAzureSubDomains, REST-based VM command execution and storage key retrieval routines) so operators can pivot from discovery to validated proof-of-concept actions during authorized penetration tests. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Guardian
Elixir Authentication
...If you're implementing a TCP/UDP protocol directly or want to utilize your authentication via channels in Phoenix, Guardian can work for you. The core currency of authentication in Guardian is the token. By default JSON Web Tokens are supported out of the box but you can use any token that Has the concept of a key-value payload, is tamper-proof, can serialize to a String, or that has a supporting module that implements the Guardian.Token behavior. You can use Guardian tokens to authenticate web endpoints (Plug/Phoenix/X), channels/Sockets (Phoenix - optional), and any other system you can imagine. If you can attach an authentication token you can authenticate it. -
11
GoldBug - Encrypted Communications
Chat Messenger. E-Mail-Client. Websearch. Filetransfer.
...Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ● https://sourceforge.net/p/goldbug/wiki/compiling As Spot-On implemented the minimal GB-concept & Nuvola Icons, GoldBug has now been fully integrated into Spot-On Win64: Just choose Tabs at East & Mini-View in Options - w/ Nuvola Icons of course! Voilá! & Many Thanks, Pro-Files can be found archived at ● current source: https://github.com/textbrowser/spot-on ● EN Manual: https://www.amazon.com/dp/3749435065 ● DE: https://compendio.github.io/goldbug-manual-de/ ● Study: https://www.amazon.com/asin/dp/3750408971 -
12
WeIdentity is a set of distributed multi-center technical solutions that can carry the credible mapping of the actual identity and chain identity of the entity object (person or thing), as well as the realization of safe access authorization and data exchange between the entity objects. WeIdentity is independently developed and fully open source by the Microbank. It adheres to the concept of public alliance chains integrating resources, exchanging value, and serving the public. It is committed to becoming a distributed commercial infrastructure linking multiple vertical industry fields, promoting pan-industry, cross-institution, and cross-regional. Identity authentication and data cooperation. In the traditional way, user registration and identity management are completely dependent on the single center's registration agency; with the emergence of distributed ledger technology (such as blockchains), distributed multi-center identity registration, and identification.
-
13
messor-opencart
Messor Security - IPS/WAF anti DDOS/bot and more for OpenCart3
...Each network member collects intruders and attacks data and then sends it to central servers, as well as distributes the current database to the rest network participants. The current concept provides real-time protection of your store from the network attacks. -
14
email2phonenumber
OSINT tool to discover phone numbers using an email address
email2phonenumber is an open source OSINT (Open Source Intelligence) tool designed to help researchers identify a target’s phone number using only an email address. The project was created as a proof-of-concept during research into new OSINT methodologies for extracting personal information from publicly accessible sources and account recovery mechanisms. The tool works by automating interactions with password reset processes on various online services, which may reveal masked phone number digits associated with an account. By combining these partial digits with other publicly available information, the tool attempts to reconstruct or identify the full phone number. ... -
15
Drive Badger
Open source platform for covert data exfiltration operations.
Drive Badger is a software tool for data exfiltration – which means, for copying data from the computer to external USB drive. Unlike many other tools from IT security area, it's not a Proof-of-Concept kind of tool, bringing some groundbreaking techniques. Everything, what Drive Badger does, can be as well run manually, step by step. Instead, what Drive Badger really does, is doing it all better, by putting the maximum focus on: -
16
MaskPhish
Introducing "URL Making Technology" to the world
MaskPhish is not any Phishing tool. It's just a proof of concept of "URL Making Technology". It is a simple Bash Script to hide phishing URLs under a normal-looking URL (google.com or facebook.com). It can be integrated into Phishing tools (with proper credits) to look the URL legit. Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal link because the top-level domain (like Google, YouTube, New York Times, etc) is considered clean. -
17
Nothing Private
A proof of concept that any website can identify and track you
This project is a proof of concept that any website can identify and track you, even if you are using private browsing or incognito mode in your web browser. Many people think that they can hide their identity if they are using private browsing or incognito mode. This project will prove that they are wrong. -
18
Cassiopeia's BitMail
Encrypting E-Mail Client
BitMail is a Proof-of-Concept- / Design-Study for an Qt E-Mail Client. POP3 / IMAP / SMTP / P2P E-Mail-Client. ● Qt E-Mail Client. ● Build-in Encryption to secure E-Mails ● IMAP & POP3 ● Additionally a full decentral P2P Email-Option via the Echo Protocol ● Store Email for Offline-Friends in the P2P Network. ● Chat and Instant Messaging is build in -
19
Gryptonite
Cross-platform encrypted password and file database
...For advanced users, it includes a separate utility called Grypto-Transforms, which has a universal hash calculator with all the major hash functions, generic encrypt/decrypt functions and a base64/hex converter. It's not just easy to use, it's also highly secure. Security experts will be happy to know that it uses AES with CCM and has a solid security concept. -
20
w-o-f
Passive or learning mode of web application firewalls to evaluate WAF
"Web application firewalls (WAF)" , The today's requirement to secure the web applications without changing the existing infrastructure.But at the same time, it is a big risk in case of WAF behavior and false positives (legitimate traffic blocking). This talk will demonstrates a new concept to evaluate any WAF without taking risk of putting any WAFs into inline mode.Everything will be in learning or in passive mode.This project describes concept of one special engine,which can be used to evaluate any WAFs with zero risk to the end user (website owner),no matter whether its vendor supports Passive mode or not(i.e. modsecurity or naxsi). -
21
OWASP JSEC CVE Details is is an opensource application developed in Java that is used to know about details of CVE , current CVE releases and also search exploits and proof of concept. https://www.owasp.org/index.php/OWASP_JSEC_CVE_Details [Features] [+] Fetch Recent CVEs [New Features included in v2.0] [+] Search for vulnerabilities of different platform/application/categories [+] Search CVEs [+] Search POC & Exploits Project/Source Code : http://dibsy.github.io/JSEC_CVE_DETAILS/
-
22
Plinko was originally an experiment with Prefix Trees and log parsing. The general concept is to have a single end point you can send any data to, in a "fire and forget" fashion. Plinko should identify and parse the data completely without the sending system caring what it sent. The latest version supports named fields in the STL files for tagging data parsed in the Prefix Tree and anonymous functions for parsing dynamic message payloads.
-
23
sape
self defense system
This is a proof of concept. A tool developed at Universidad Tecnologica Nacional (Argentina). It detects attacks and it responses with isolation attacks. It's supposed to be on the same network of the protected hosts. It must be capable to see all the traffic. It's a basic IPS with a self defense module. So it can prevents future attacks from the same hosts, which is identified by its mac address. -
24
HTTP Anti Flood/DoS Security Module
Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks
...(like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? ... -
25
Tsukuba-GAMA provides user and credential management, using the Grid Security Infrastructure (GSI) based on Public Key Infrastructure (PKI), X.509 certificate, proxy certificate, and the concept of Virtual Organization (VO).
