Search Results for "cross scripting"
Sort By:
Showing 25 open source projects for "cross scripting"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters
ezXSS is an open-source XSS (Cross-Site Scripting) testing platform designed to help security researchers identify and collect XSS vulnerabilities. It acts as a payload receiver and logger, storing details about triggered XSS attacks such as the user agent, cookies, DOM, and referrer. This tool is highly useful in bug bounty hunting and penetration testing for monitoring and documenting XSS vectors in real-time. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
3
Piknik
Copy/paste anything over the network
Piknik is a secure network-based clipboard tool that allows users to copy and paste data seamlessly across different machines, even when they are on separate networks or behind firewalls. It enables the transfer of virtually any type of data, including text, files, and binary streams, through a staging server that relays encrypted content between clients. The system is designed with strong end-to-end encryption and signing, ensuring that intermediaries cannot access or modify the transmitted... -
4
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for... -
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
5
Latte
The safest & truly intuitive templates for PHP
The first truly secure and intuitive templates for PHP. The most common critical vulnerability in websites is Cross-Site Scripting (XSS). It allows an attacker to insert a malicious script into a page that executes in the browser of an unsuspecting user. It can modify the page, obtain sensitive information or even steal the user's identity. Templating systems fail to defend against XSS. Latte is the only system with an effective defense, thanks to context-sensitive escaping. ... -
6
Digna Web Scanner
A tool to check web apps for vulnerabilty
...It currently performs checks for: SQL Injection (SQLi): Detects vulnerabilities that could allow attackers to inject malicious SQL code and manipulate the database. XSS Cross-site-scripting: Detect vulnerability that allow attackers to inject client-side scripts into web pages Cross-Site Request Forgery (CSRF): Helps discover vulnerabilities that could allow attackers to trick users into performing unintended actions on a website. Insecure Direct Object References (IDOR): Scans for vulnerabilities that might enable attackers to access unauthorized data by manipulating direct object references. ... -
7
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
8
spoof
Easily spoof your MAC address in macOS, Windows, & Linux
...The tool is frequently used in penetration testing, wireless debugging, public Wi-Fi privacy protection, and networking experiments where hardware identity masking is required. Its architecture emphasizes portability and ease of use through Node.js-based scripting and automation support. -
9
raptor_waf
Raptor - Web application firewall [ Stable version ]
Web application firewall in C using DFA to block attacks. read Docs ! http://funguscodes.blogspot.com.br/2016/08/steps-to-create-your-wafweb-application.html -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
10
Web Security Basics
Web security concepts
...The repository focuses on real-world security mechanisms and vulnerabilities, explaining protocols like SSL/TLS for encrypted communications, the principles behind CORS (Cross-Origin Resource Sharing), and widely exploited attack categories such as cross-site scripting (XSS) and cross-site request forgery (CSRF). It also covers token-based authentication patterns like access and refresh tokens, helping developers see how modern web applications attempt to balance security with usability. Rather than providing executable code or automated tools, the project emphasizes conceptual understanding and the reasoning behind why certain defenses matter in web architecture. -
11
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ... -
12
PAVS
PHP Application Vulnerability Scanner
PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation -
13
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
14
ISC - The ISAAC Stream Cipher
ISC lets you encrypt & decrypt text and files of any type up to 4GB
ISAAC is a cryptographically secure pseudo-random number generator (CSPRNG) and stream cipher. It was developed by Bob Jenkins from 1993-1996 and placed in the Public Domain. ISAAC is fast - especially when optimised - and portable to most architectures in nearly all programming and scripting languages. After more than 20 years of existence ISAAC has not been broken, and the little program you have here allows you to use it to encrypt and decrypt text of arbitrary length, files of any... -
15
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
16
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/
-
17
Cross Site Scripting Anonymous Browser (XAB) leverages web sites and client browsers to build a network of drones. It is not to replace the current anonymous browsing applications, but provides an alternative that does not require willing participants.
-
18
Web vulnerable scan tool ※ SQL injection ※ XSS Cross Site Scripting ※ 404/500 server error ※ Admin/Manage folder search ※ web-base or command-line scanner by PHP ※ Check up collate with HTML FORM and LINK http://wstool.sourceforge.net
-
19
Gamja will find XSS(Cross site scripting) & SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].
-
20
-
21
Implemented in Java, WebXSSDetector is an automated, open-source testing tool for detecting Cross-Site Scripting Vulnerabilities on Web applications.
-
22
...Twe is used to enforce pre defined html code. Twe takes (evil) html as input and returns html matched against a flexible and easy to extend set of rules. Use Twe to avoid cross side scripting (xss).
-
23
-
24
SecureCFM is an application dedicated to the audit of ColdFusion source code, in order to detect then correct possible Cross Site Scripting vulnerabilities.
-
25
Cake Fuzzer
Security testing tool for CakePHP based web applications
Cake Fuzzer is an open-source project meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently, it is implemented to support the Cake PHP framework. Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). The goals of the project are: - create an automated process of discovering vulnerabilities in applications based on the CakePHP Framework; -...
- Previous
- You're on page 1
- Next
