Search Results for "web http"
Sort By:
Showing 167 open source projects for "web http"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
2
Web-Check
All-in-one OSINT tool for analysing any website
Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,... -
3
mitmproxy
A free and open source interactive HTTPS proxy
mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of features like request interception and replay. ... -
4
Proxyee
HTTP proxy server,support HTTPS & websocket
...You can use the CertDownIntercept interceptor to enable the web certificate download feature. -
Catch Bugs Before Your Customers DoMove from alert to fix before users notice. AppSignal monitors errors, performance bottlenecks, host health, and uptime—all from one dashboard. Instant notifications on deployments, anomaly triggers for memory spikes or error surges, and seamless log management. Works out of the box with Rails, Django, Express, Phoenix, Next.js, and dozens more. Starts at $23/month with no hidden fees.
-
5
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted from the previous use of mitmproxy, go-mitmproxy can use it directly. ... -
6
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. ... -
7
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
8
ModSecurity
Cross platform web application firewall (WAF) engine for Apache
ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. -
9
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. ... -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
10
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. -
11
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. ... -
12
Tempesta FW
All-in-one solution for high performance web content delivery
Tempesta FW is an all-in-one open-source solution for high performance web content delivery and advanced protection against DDoS and web attacks. This is a drop-in-replacement for the whole web server frontend infrastructure: an HTTPS load balancer, a web accelerator, a DDoS mitigation system, and a web application firewall (WAF). Tempesta FW is the first and only hybrid of a Web accelerator and a multi-layer firewall. -
13
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of... -
14
OAuthLib
A generic, spec-compliant, thorough implementation of the OAuth
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.8+. OAuthLib is a framework which implements the logic of OAuth1 or OAuth2 without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort. -
15
gorush
A push notification server written in Go (Golang)
A push notification micro server using Gin framework written in Go (Golang) and see the demo app. Support graceful shutdown that workers and queue have been sent to APNs/FCM before shutdown service. Support different Queue as backend like NSQ or NATS, defaut engine is local Channel. You can deploy gorush to alternative solution like netlify functions. Netlify lets you deploy serverless Lambda functions without an AWS account, and with function management handled directly within Netlify.... -
16
FlareSolverr
Proxy server to bypass Cloudflare protection
...It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. ... -
17
Alerta
Alerta monitoring system
...There are integrations available with Prometheus, Riemann, Nagios, Zabbix, netdata, Sensu, Pingdom and Cloudwatch. Integrating bespoke systems is easy using the API or command-line tool. Alerts are submitted in JSON format to an HTTP API. Alerts can be queried from the command line or viewed in a slick web console optimized for desktop, tablet, and mobile. User logins can be added using Google, GitHub or GitLab OAuth and programmatic access is managed using API keys. -
18
Raccoon
High-performance reconnaissance and vulnerability scanning tool
Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security assessments. It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a... -
19
teler
Real-time HTTP Intrusion Detection
teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. teler provides alerting when a threat is detected, push notifications include Slack, Mattermost, Telegram and Discord. ... -
20
mod_qos
Quality of service module for Apache httpd
mod_qos is a quality of service module for the Apache Web Server. It implements control mechanisms that can provide different priority to different requests and controls server access based on available resources. -
21
CacheGuard Gateway
CacheGuard Gateway is a UTM, a WAF, and a QoS management appliance.
CacheGuard Gateway is a free and open-source Unified Threat Management (UTM) solution, a Web Application Firewall (WAF), and a Quality of Service (QoS) platform designed to optimize WAN traffic. To obtain a CacheGuard Gateway appliance, download CacheGuard-OS and install it on the bare-metal or virtual machine of your choice. It’s that simple and completely free. The UTM includes a firewall, web antivirus, VPN server, and a URL-filtering and SSL-inspection web proxy. The WAF operates in... -
22
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script gives you the perfect ingredients to create the best dating web app or social networking site on the World Wide Web! ... -
23
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
24
ufonet
UFONet - Denial of Service Toolkit
UFONet - Is a set of hacktivist tools that allow launching coordinated DDoS and DoS attacks and combine both in a single offensive. It also works as an encrypted DarkNET to publish and receive content by creating a global client/server network based on a direct-connect P2P architecture. + FAQ: https://ufonet.03c8.net/FAQ.html -------------------------------------------- -> UFONet-v1.8 [DPh] "DarK-PhAnT0m!" (.zip) -> md5 = [ c8ab016f6370c8391e2e6f9a7cbe990a ] -> UFONet-v1.8... -
25
Password-Manager
Online keepass-like tool to manage password. client-side AES encrypt!
v11.00 greatly enhanced security! This password manager can generate and store random strong passwords for users. Passwords are generated on users' browsers and then encrypted using AES256 (mode CBC). PBKDF2 with SHA512 is used for user identification check. In trusted computers, user can enable a PIN to login faster. PIN verification is complicated and involves both server and client. Though PIN is only 4 digits, it's still safe (server will disable PIN upon 3 errors) You can...
