Search Results for "vulnerability web scanner"

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language.

The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans.

...CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

nginx-admins-handbook is a practical, in-depth guide for configuring, securing, and operating NGINX across real-world deployments. It distills years of research, notes, and field experience into a single handbook that complements the official docs with concrete rules, explanations, and curated external references. The handbook spans fundamentals and advanced topics alike, from HTTP and SSL/TLS basics to reverse proxy patterns, performance tuning, debugging workflows, and hardening...

LabMACOSX: Is a laboratory of applications written in Applescript language. Brutosx is brutus.pl remote login and password bruteforce cracker inserted inside the application Brutosx (need only of Net::Telnet Perl module are required get them at CPAN, while the list of users and passwords, and the service is inserted inside the application). SSHOSX is ssh application client to establish an ssh connection from client to server, Nmaposx is nmap port scanner invoked from the application Nmaposx...

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

You know the component scanning feature of Spring? You'll love this: component scanning as easy as select(javaClasses()).from("your.package").returning(allAnnotatedWith(YourAnnotation.class)). Can support any language running on the JVM. ---------- eXtcos is now also available from Maven Central. To include it into your Maven project just add this dependency: groupId: net.sf.extcos artifactId: extcos version: 0.4b Unfortunately Sourceforge doesn't support XML snippets in the...

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

The Web Application Reliability and Defense (WARD) framework is a two-part security solution composed of a vulnerability detection component, SecureUnit, and a vulnerability protection component, SecureFilter.

Many Tools: PHP-based context-free grammar (CFG) parser generator, simple scanner generator, and nascent object relational mapping/query language in PHP. Talks to Postgres, MySQL for now. Needs PHP5. Comes with (relies on) many convenience functions.

Extended BON is a superset of BON, a clear and concise graphical and textual specification language for software systems. This tool suite consists of a scanner, parser, documentation generator, and design model checker for Extended BON.