Search Results for "http"
Sort By:
Showing 472 open source projects for "http"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Cloud tools for web scraping and data extractionAutomate web data collection with cloud tools that handle anti-bot measures, browser rendering, and data transformation out of the box. Extract content from any website, push to vector databases for RAG workflows, or pipe directly into your apps via API. Schedule runs, set up webhooks, and connect to your existing stack. Free tier available, then scale as you need to.
-
1
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
2
mitmproxy
A free and open source interactive HTTPS proxy
mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of features like request interception and replay. ... -
3
Proxyee
HTTP proxy server,support HTTPS & websocket
Proxyee is a JAVA-written HTTP proxy server library that supports HTTP, HTTPS, and WebSocket protocols, and supports MITM (Man-in-the-middle), which can capture and tamper with HTTP, and HTTPS packets. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. -
4
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. ... -
Nonprofit Budgeting SoftwareMartus' collaborative and easy-to-use budgeting and reporting platform will save you hundreds of hours each year. It's designed to make the entire budgeting process easier and create unlimited financial transparency.
-
5
Proxify
A versatile and portable proxy for capturing HTTP/HTTPS traffic
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into BurpSuite or any other proxy by simply setting the upstream proxy to proxify. -
6
InterceptSuite
A TLS MITM proxy for Non-HTTP traffic, with support for TLS upgrades
InterceptSuite is a cross‑platform, SOCKS5‑based MITM proxy specially designed to intercept, inspect, analyze, and manipulate encrypted network traffic at the TCP/TLS layer. It goes beyond HTTP‑focused tools like Burp Suite and ZAP by providing universal TLS interception—including STARTTLS and non‑HTTP protocols—offering deep visibility and control for security testing and debugging. InterceptSuite bridges this gap by providing a universal TLS interception engine that works with any protocol, giving security researchers the tools they need to analyze, understand, and test encrypted communications effectively. ... -
7
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. ... -
8
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. ... -
9
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted from the previous use of mitmproxy, go-mitmproxy can use it directly. ... -
AestheticsPro Medical Spa SoftwareAestheticsPro is the most complete Aesthetics Software on the market today. HIPAA Cloud Compliant with electronic charting, integrated POS, targeted marketing and results driven reporting; AestheticsPro delivers the tools you need to manage your medical spa business. It is our mission To Provide an All-in-One Cutting Edge Software to the Aesthetics Industry.
-
10
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. Nuclei has built-in support for automatic template download/update as default since version v2.5.2. ... -
11
ModSecurity
Cross platform web application firewall (WAF) engine for Apache
ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity SecRules format and apply them to HTTP content provided by your application via Connectors. ... -
12
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
13
thc-hydra
Shows how easy it would be to gain unauthorized access to a system
...Via the command line options you specify which logins to try, which passwords, if SSL should be used, how many parallel tasks to use for attacking, etc. PROTOCOL is the protocol you want to use for attacking, e.g. ftp, smtp, http-get or many others are available. -
14
Modlishka
Powerful and flexible HTTP reverse proxy
Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? -
15
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. ... -
16
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice. -
17
Apisauce
Axios + standardized errors + request/response transforms
Talking to APIs doesn't have to be awkward anymore. Low-fat wrapper for the amazing Axios HTTP client library. All responses follow the same flow: success and failure alike. Responses have a problem property to help guide exception flow, attach functions that get called each request, attach functions that change all request or response data. Detects connection issues (on React Native). The only required property is baseURL and it should be the starting point for your API. -
18
proxy.py
Utilize all available CPU cores for accepting new client connections
...Each Acceptor process delegates the accepted client connection to a threadless process via Work class. Currently, HttpProtocolHandler is the default work class. HttpProtocolHandler simply assumes that incoming clients will follow HTTP specification. Specific HTTP proxy and HTTP server implementations are written as plugins of HttpProtocolHandler. -
19
FlareSolverr
Proxy server to bypass Cloudflare protection
...It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. ... -
20
Conscrypt
Conscrypt is a Java Security Provider
...Because it builds on BoringSSL’s audited primitives and constant-time implementations, it reduces the risk of subtle side-channel issues while improving handshake and bulk crypto throughput. Conscrypt also exposes platform accelerations (like AES-GCM and ChaCha20-Poly1305) and supports features important to HTTP/2 and HTTP/3 stacks. Its goal is pragmatic: deliver a fast, well-maintained TLS provider that behaves like modern browsers and mobile stacks. -
21
gorush
A push notification server written in Go (Golang)
...You can deploy gorush to alternative solution like netlify functions. Netlify lets you deploy serverless Lambda functions without an AWS account, and with function management handled directly within Netlify. Support for HTTP, HTTPS or SOCKS5 proxy. Support retry send notification if server response is fail. Support install TLS certificates from Let's Encrypt automatically. Support send notification through RPC protocol, we use gRPC as default framework. Support running in Docker, Kubernetes or AWS Lambda (Native Support in Golang). -
22
Amazon SNS Message Validator for PHP
Amazon SNS message validation for PHP
...Amazon Simple Notification Service (Amazon SNS) is a fast, fully-managed, push messaging service. Amazon SNS can deliver messages to email, mobile devices (i.e., SMS; iOS, Android and FireOS push notifications), Amazon SQS queues, and of course HTTP/HTTPS endpoints. -
23
Web-Check
All-in-one OSINT tool for analysing any website
Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,... -
24
K9s
Kubernetes CLI To Manage Your Clusters In Style!
...Supports for viewing RBAC rules such as cluster/roles and their associated bindings. Reverse lookup to asserts what a user/group or ServiceAccount can do on your clusters. You can benchmark your HTTP services/pods directly from K9s to see how your application fare and adjust your resources request/limit accordingly. -
25
OAuthLib
A generic, spec-compliant, thorough implementation of the OAuth
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.8+. OAuthLib is a framework which implements the logic of OAuth1 or OAuth2 without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.
