Search Results for "attacks"
Sort By:
Showing 74 open source projects for "attacks"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Turn traffic into pipeline and prospects into customersDocket is an AI-powered sales enablement platform designed to unify go-to-market (GTM) data through its proprietary Sales Knowledge Lake™ and activate it with intelligent AI agents. The platform helps marketing teams increase pipeline generation by 15% by engaging website visitors in human-like conversations and qualifying leads. For sales teams, Docket improves seller efficiency by 33% by providing instant product knowledge, retrieving collateral, and creating personalized documents. Built for GTM teams, Docket integrates with over 100 tools across the revenue tech stack and offers enterprise-grade security with SOC 2 Type II, GDPR, and ISO 27001 compliance. Customers report improved win rates, shorter sales cycles, and dramatically reduced response times. Docket’s scalable, accurate, and fast AI agents deliver reliable answers with confidence scores, empowering teams to close deals faster.
-
1
BeEF
The browser exploitation framework project
...BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. -
2
Pants Build System
The Pants Build System
...Pants has out-of-the-box support for multiple dependency resolves and their corresponding lockfiles, so you can have hermetic, repeatable builds that are resilient to supply chain attacks, even in complex situations where you have multiple versions of the same dependencies in different parts of the codebase. -
3
Node Argon2
Node.js bindings for Argon2 hashing algorithm
A Node.js library for hashing passwords securely using the Argon2 key derivation function, a modern cryptographic algorithm. -
4
GuardDog
GuardDog is a CLI tool to Identify malicious PyPI and npm packages
guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain risks and prevent malicious or vulnerable packages from being used. -
Total Network Visibility for Network Engineers and IT ManagersThis means every device on your network, and every interface on every device is automatically analyzed for performance, errors, QoS, and configuration.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
6
NPQ
Install packages with npm or yarn by auditing them
npq is a security-focused package manager that analyzes npm dependencies for potential vulnerabilities before installation. It helps developers ensure the safety of their projects by checking for malicious or outdated packages. -
7
lockfile linting
Lint an npm or yarn lockfile to analyze and detect security issues
lockfile-lint is a security tool that helps validate npm and Yarn lockfiles to prevent malicious dependency injections. It checks for common security issues such as package integrity violations and unauthorized registry usage. -
8
Locust
Scalable open source load testing tool
Locust is an open source user load testing tool written in Python. The idea behind Locust is to swarm your web site or other systems with attacks from simulated users during a test, with each user behavior defined by you using Python code. This swarming process is then monitored from a web UI in real-time, and will help identify any bottlenecks in your code before real users can come in. As it is completely event-based, Locust can have thousands or even millions of simultaneous users distributed over multiple machines swarming your system. ... -
9
Scapy
Scapy is a Python-based interactive packet manipulation program
...It is designed to allow fast packet prototyping by using default values that work. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected channel, ...), etc. ... -
Pest Control Management SoftwareBuilt for the pest control industry, but also works great for Mosquito Control, Bin Cleaning, Window Washing, Solar Panel Cleaning, and other Home Service Businesses in need of an easy-to-use software that helps you simplify routing, scheduling, communications, payment processing, truck tracking, time tracking, and reporting.
-
10
Themis
Easy to use cryptographic framework for data protection
...Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. Based on ECC + ECDSA / RSA + PSS + PKCS#7. -
11
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
12
Status - a Mobile Ethereum OS
A free (libre) open source, mobile OS for Ethereum
...Safely send, store and receive cryptocurrencies including ERC20 and ERC721 tokens with the Status crypto wallet. Only you hold the keys to your funds. Status' intuitive design protects you and your funds from attacks. Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. Keep your private messages private with Status. Browse the growing ecosystem of DApps including marketplaces, exchanges, games, and social networks. The latest security standards ensure a private browsing experience. ... -
13
Svix
The enterprise-ready webhooks service
...You need to monitor the deliverability of your webhooks to different endpoints, disable failing ones and notify your customers. Webhooks come with a myriad of security implications, such as SSRF, replay attacks and unauthenticated webhook events. You would need to build a UI for your users to add and remove endpoints, inspect logs and get ongoing reports. Offer your users a great developer experience, including the ability to test, inspect and replay their webhooks. -
14
Marked
A markdown parser and compiler. Built for speed
...The only completely secure system is the one that doesn't exist in the first place. Having said that, we take the security of Marked very seriously. To prevent ReDoS attacks you can run marked on a worker and terminate it when parsing takes longer than usual. Marked can be run in a worker thread on a node server, or a web worker in a browser. Only current and LTS Node.js versions are supported. End-of-life Node.js versions may become incompatible with Marked at any point in time. -
15
jsoup
Java library for working with real-world HTML
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. jsoup is designed to deal with all varieties of HTML found in the wild; from pristine and validating, to invalid tag-soup; jsoup will create a sensible parse tree. The parser will make... -
16
status-react
A free (libre) open source, mobile OS for Ethereum
...Safely send, store and receive cryptocurrencies including ERC20 and ERC721 tokens with the Status crypto wallet. Only you hold the keys to your funds. Status' intuitive design protects you and your funds from attacks. Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. -
17
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Spring Security uses a Gradle-based build system. In the instructions, ./gradlew... -
18
Phusion Passenger
A fast and robust web server and application server for Ruby
Passenger® is an app server that runs and automanages your web apps with ease. Also improves security, reliability and scalability. Passenger 6 introduces standardization across your stack by supporting all languages. From business-critical apps with billions of requests per day to small side projects, Passenger is tailored for each scenario. Passenger has a myriad of features that are invaluable to today’s web apps and microservice APIs. You get these benefits (and more) by simply... -
19
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
20
SSRFmap
Automatic SSRF fuzzer and exploitation tool
...It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans. Because SSRF often leads to lateral movement or internal network access, SSRFmap is especially useful for red-teamers and pentesters who want to explore chains rather than just the vulnerability surface. ... -
21
node-rate-limiter-flexible
Count and limit requests by key with atomic increments
rate-limiter-flexible counts and limits number of actions by key and protects from DDoS and brute force attacks at any scale. It works with Redis, process Memory, Cluster or PM2, Memcached, MongoDB, MySQL, PostgreSQL and allows to control of requests rate in single process or distributed environment. All operations in memory or distributed environments use atomic increments against race conditions. Combine limiters, block key for some duration, delay actions, manage failover with insurance options, configure smart key blocking in memory and many others. ... -
22
Apache APISIX
The cloud-native API gateway
...You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc. -
23
HighwayHash
Fast strong hash functions: SipHash/HighwayHash
HighwayHash is a fast, keyed hash function intended for scenarios where you need strong, DoS-resistant hashing without the full overhead of a general-purpose cryptographic hash. It’s designed to defeat hash-flooding attacks by mixing input with wide SIMD operations and a branch-free inner loop, so adversaries can’t cheaply craft many colliding keys. The implementation targets multiple CPU families with vectorized code paths while keeping a portable fallback, yielding high throughput across platforms. It exposes simple one-shot and streaming APIs, so you can hash short keys or long byte streams with the same function. ... -
24
Lapis
A web framework for Lua and OpenResty written in MoonScript
Lapis is a framework for building web applications in Lua (or MoonScript) that primarily targets OpenResty, a high-performance web platform that runs on a customized version of Nginx. Lapis can also be used in other server environments, being compatible with any modern version of Lua. With OpenResty, Lua is run directly inside of the Nginx worker using LuaJIT, giving you the smallest barrier between the webserver and your code. Have a look at Web Framework Benchmarks just to see how... -
25
SANTETIN
Santetin is a website stress test and DDOS simulation tool
Santetin is a powerful desktop application built with Electron to perform website stress tests, penetration testing simulations, DDOS attacks, and traffic jingling for testing and educational purposes. ⚠️ Disclaimer: This tool is intended for educational and testing purposes only. Do not use it against any website without explicit permission from the owner.
