Search Results for "vulnerability" - Page 2
Sort By:
Showing 51 open source projects for "vulnerability"
View related business solutions-
Atera - an All-in-one platform for IT managementYour IT essentials, integrated & elevated. Take your IT management from automated to autonomous, download Atera's agent to start your free trial!
-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
1
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
2
TRAK Viewpoints
Specifications for TRAK architecture views
The architecture viewpoints (specifications for architecture views iaw ISO 42010) for TRAK. TRAK is a general systems-thinkers'/system engineering enterprise architecture framework. It is simple, user-friendly, pragmatic and not limited to IT. 100% triple-centric and semantically-sound. Defines a total of 24 viewpoints. The ones needed are selected by taking the task sponsor's concerns and matching them to the typical concerns that each TRAK viewpoint addresses. The triples that address... -
3
Sparx' EA - MDG for TRAK
MDG for Sparx' Enterprise Architect to Create TRAK arch. descriptions
Custom add-in (MDG technology) for Sparx Systems Enterprise Architect UML modelling tool (https://sparxsystems.com/products/ea/index.html) to create architecture descriptions using TRAK https://sf.net/projects/trak Provides: - the set of TRAK views that can be represented using UML and SysML . Each view display a custom toolbox palette with the objects and relationships that are needed for that TRAK view - relationships can be made directly from the objects on a view using the... -
4
BlackBuntu Linux
BlackBuntu Linux
BlackBuntu is born from the passion and spirit of 2 specialists. Let’s cut the bullshit, this distribution is a GNU/Linux distribution based on Ubuntu and designed with Pentest, Security and Development in mind for the best experience. With advanced accessibility tools and options to change language, colour scheme and text size, Blackbuntu makes computing easy – whoever and wherever you are. BlackBuntu is a fully open source project, anyone can see what is inside. The building source code... -
5
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Inter-procedural taint analysis for input data. Continuous Integration (CI) support for GitHub and GitLab pipelines. Stand-alone runner or through MSBuild for custom integrations. Analyzes .NET and .NET Core projects in the background (IntelliSense) or during a build. -
6
GoKart
A static analysis tool for securing Go code
...For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. GoKart also helps to power Chariot, Praetorian's security platform that helps you find, manage, and fix vulnerabilities in your source code and cloud environments. Chariot makes it simple to run automated, continuous GoKart scans on your source code. If you want to try GoKart, you can set up a free Chariot account in minutes. -
7
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
...It supports additional probes on custom ports and protocols, enabling more flexible scanning scenarios. httprobe also allows users to adjust timeouts and prioritize HTTPS results, making it adaptable to different reconnaissance needs. Its output can be easily piped into other tools for further analysis, such as vulnerability scanning or content discovery. -
8
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
waybackurls is a command-line reconnaissance tool that retrieves historical URLs associated with a given domain by querying the Internet Archive’s Wayback Machine. It accepts input domains via standard input and outputs a list of discovered URLs, making it easy to integrate into pipelines and automated workflows. The tool is particularly valuable in security research, bug bounty hunting, and penetration testing, as it uncovers endpoints that may no longer be publicly linked but still exist... -
9
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
10
django-summernote
Simply integrate Summernote editor with Django project
...Please mind, that the widget does not provide any escaping. If you expose the widget to external users without taking care of this, it could potentially lead to an injection vulnerability. Therefore you can use the SummernoteTextFormField or SummernoteTextField, which escape all harmful tags through mozilla's package bleach. django-summernote is served with Bootstrap3 by default, but you can choose other options. -
11
ESP8266 Deauther Version 2
Affordable WiFi hacking platform for testing and learning
...This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is used to disconnect devices from their WiFi network. No one seems to care about this huge vulnerability in the official 802.11 WiFi standard, so I took action and enabled everyone who has less than 10 USD to spare to recreate this project. I hope it raises more attention on the issue. In 2009 the WiFi Alliance actually fixed the problem (see 802.11w), but only a few companies implemented it into their devices and software. -
12
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
13
reg
Docker registry v2 command line client and repo listing generator
Docker registry v2 command line client and repo listing generator with security checks. We do not allow users to pass all the custom certificate flags on commands because it is unnecessarily messy and can be handled through Linux itself. Which we believe is a better user experience than having to pass three different flags just to communicate with a registry using self-signed or private certificates. -
14
dependency-check
Checks which modules you have used in your code
Dependency-Check is a security tool that scans project dependencies to identify known vulnerabilities. It supports various package managers and helps developers secure their software supply chain. -
15
It's a long time. portablePGP need upgrade due to the vulnerability of library Bouncy Castle. ( https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on ) I need help. if you are interested. let me know. jeff, juain farn, liu 劉君帆 (jeffliu@gisbim.com)
-
16
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
17
xxe
Intentionally vulnerable web services exploitable with XXE
...This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability able to place their name on a leaderboard. As with other challenges in the OWASP Vicnum project the overall purpose is to have fun and generate interest in the topic. This challenge was used in an OWASP APPSEC 'Breaking Bad' event. -
18
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
19
ESSPEE - Penetration Testing & Forensics
(Android Forensics & Malware Analysis Included)
...Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it would help Open Source community with a better interface for Vulnerability Analysis, Penetration Testing, Malware analysis, Android and Cyber Forensics. I really enjoyed my work for the last three years. Please let me know about bugs and if possible provide solution also. -
20
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
21
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2... -
22
PyLoris
A protocol agnostic application layer denial of service attack.
PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet. -
23
Orizon is a framework intended to provide tools and facilities to test java sources for security flaws. The main goal is to detect common threats as described in Owasp top 10 vulnerability document.
-
24
Nessconnect is a GUI, CLI and API client for Nessus and Nessus compatible servers. With an improved user interface, it provides local session management, scan templates, report generation through XSLT, charts and graphs, and vulnerability trending.
-
25
The Web Application Reliability and Defense (WARD) framework is a two-part security solution composed of a vulnerability detection component, SecureUnit, and a vulnerability protection component, SecureFilter.
