Search Results for "iis"

ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. ...

...The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is not intended as a replacement for the frameworks for C2 Server (i.e. Meterpreter, Empire, etc..) but this should be used when you land on a fully restricted server where inbound and outbound connections are very limited. In this framework, you will have all the tools needed to privesc, net discovery, and lateral movement as you are typing behind the cmd of the target server.

Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org

A geoblock module created by Triple IT. It can be added to the IIS7 pipeline (now also on IIS 8.5). It uses the IPv4 address to determine the geographic location of the request by using maxminds geo IP file and takes action accordingly. Next to the module, 2 tools are included. 1 to quickly lookup the country for a specific IP address and 1 to help you automate the update of the MaxMind data file. An extensive manual is available to install and use the module.

...The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. This project is part of the ITSEC GAMES project. You can find more about the ITSEC GAMES and bWAPP projects on our blog. For security-testing and educational purposes only! Cheers Malik Mesellem

Combat the hackers with ‘Simple Site Audit Multisite’ website protection. With SSAM installed, you will be notified by email of any file changes that occur on your monitored sites. SSAM will detect files that have been added, removed or modified and if file permissions are changed. You will be able to automatically monitor all your sites from one ‘Master’ web site. Your sites can be monitored for hacker activity without any detectable monitoring system on the sites themselves. The...

It's a simple IIS web application firewall made on ISAPI filters and HTTP modules that can be easily deploy in any Web application for securing against SQL, Blind, XPATH, XSS injections.

** Guys I have built a much more powerful Fully Featured CMS system at: https://github.com/MacdonaldRobinson/FlexDotnetCMS Macs CMS is a Flat File ( XML and SQLite ) based AJAX Content Management System. It focuses mainly on the Edit In Place editing concept. It comes with a built in blog with moderation support, user manager section, roles manager section, SEO / SEF URL