Search Results for "attacks"
Sort By:
Showing 62 open source projects for "attacks"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Context for your AI agentsBuild data pipelines that feed your AI models and agents without managing infrastructure. Crawl any website, transform content, and push directly to your preferred vector store. Use 10,000+ tools for RAG applications, AI assistants, and real-time knowledge bases. Monitor site changes, trigger workflows on new data, and keep your AIs fed with fresh, structured information. Cloud-native, API-first, and free to start until you need to scale.
-
1
BeEF
The browser exploitation framework project
...BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. -
2
Pants Build System
The Pants Build System
...Pants has out-of-the-box support for multiple dependency resolves and their corresponding lockfiles, so you can have hermetic, repeatable builds that are resilient to supply chain attacks, even in complex situations where you have multiple versions of the same dependencies in different parts of the codebase. -
3
Node Argon2
Node.js bindings for Argon2 hashing algorithm
A Node.js library for hashing passwords securely using the Argon2 key derivation function, a modern cryptographic algorithm. -
4
GuardDog
GuardDog is a CLI tool to Identify malicious PyPI and npm packages
guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain risks and prevent malicious or vulnerable packages from being used. -
The Most Powerful Software Platform for EHSQ and ESG ManagementChoose from a complete set of software solutions across EHSQ that address all aspects of top performing Environmental, Health and Safety, and Quality management programs.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
6
NPQ
Install packages with npm or yarn by auditing them
npq is a security-focused package manager that analyzes npm dependencies for potential vulnerabilities before installation. It helps developers ensure the safety of their projects by checking for malicious or outdated packages. -
7
lockfile linting
Lint an npm or yarn lockfile to analyze and detect security issues
lockfile-lint is a security tool that helps validate npm and Yarn lockfiles to prevent malicious dependency injections. It checks for common security issues such as package integrity violations and unauthorized registry usage. -
8
Locust
Scalable open source load testing tool
Locust is an open source user load testing tool written in Python. The idea behind Locust is to swarm your web site or other systems with attacks from simulated users during a test, with each user behavior defined by you using Python code. This swarming process is then monitored from a web UI in real-time, and will help identify any bottlenecks in your code before real users can come in. As it is completely event-based, Locust can have thousands or even millions of simultaneous users distributed over multiple machines swarming your system. ... -
9
Scapy
Scapy is a Python-based interactive packet manipulation program
...It is designed to allow fast packet prototyping by using default values that work. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected channel, ...), etc. ... -
Axe Credit Portal - ACP- is axefinance’s future-proof AI-driven solution to digitalize the loan process from KYC to servicing, available as a locally hosted or cloud-based software.Founded in 2004, axefinance is a global market-leading software provider focused on credit risk automation for lenders looking to provide an efficient, competitive, and seamless omnichannel financing journey for all client segments (FI, Retail, Commercial, and Corporate.)
-
10
Themis
Easy to use cryptographic framework for data protection
...Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. Based on ECC + ECDSA / RSA + PSS + PKCS#7. -
11
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,... -
12
Status - a Mobile Ethereum OS
A free (libre) open source, mobile OS for Ethereum
...Safely send, store and receive cryptocurrencies including ERC20 and ERC721 tokens with the Status crypto wallet. Only you hold the keys to your funds. Status' intuitive design protects you and your funds from attacks. Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. Keep your private messages private with Status. Browse the growing ecosystem of DApps including marketplaces, exchanges, games, and social networks. The latest security standards ensure a private browsing experience. ... -
13
Svix
The enterprise-ready webhooks service
...You need to monitor the deliverability of your webhooks to different endpoints, disable failing ones and notify your customers. Webhooks come with a myriad of security implications, such as SSRF, replay attacks and unauthenticated webhook events. You would need to build a UI for your users to add and remove endpoints, inspect logs and get ongoing reports. Offer your users a great developer experience, including the ability to test, inspect and replay their webhooks. -
14
jsoup
Java library for working with real-world HTML
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. jsoup is designed to deal with all varieties of HTML found in the wild; from pristine and validating, to invalid tag-soup; jsoup will create a sensible parse tree. The parser will make... -
15
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
16
SSRFmap
Automatic SSRF fuzzer and exploitation tool
...It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans. Because SSRF often leads to lateral movement or internal network access, SSRFmap is especially useful for red-teamers and pentesters who want to explore chains rather than just the vulnerability surface. ... -
17
node-rate-limiter-flexible
Count and limit requests by key with atomic increments
rate-limiter-flexible counts and limits number of actions by key and protects from DDoS and brute force attacks at any scale. It works with Redis, process Memory, Cluster or PM2, Memcached, MongoDB, MySQL, PostgreSQL and allows to control of requests rate in single process or distributed environment. All operations in memory or distributed environments use atomic increments against race conditions. Combine limiters, block key for some duration, delay actions, manage failover with insurance options, configure smart key blocking in memory and many others. ... -
18
Apache APISIX
The cloud-native API gateway
...You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc. -
19
HighwayHash
Fast strong hash functions: SipHash/HighwayHash
HighwayHash is a fast, keyed hash function intended for scenarios where you need strong, DoS-resistant hashing without the full overhead of a general-purpose cryptographic hash. It’s designed to defeat hash-flooding attacks by mixing input with wide SIMD operations and a branch-free inner loop, so adversaries can’t cheaply craft many colliding keys. The implementation targets multiple CPU families with vectorized code paths while keeping a portable fallback, yielding high throughput across platforms. It exposes simple one-shot and streaming APIs, so you can hash short keys or long byte streams with the same function. ... -
20
Lapis
A web framework for Lua and OpenResty written in MoonScript
Lapis is a framework for building web applications in Lua (or MoonScript) that primarily targets OpenResty, a high-performance web platform that runs on a customized version of Nginx. Lapis can also be used in other server environments, being compatible with any modern version of Lua. With OpenResty, Lua is run directly inside of the Nginx worker using LuaJIT, giving you the smallest barrier between the webserver and your code. Have a look at Web Framework Benchmarks just to see how... -
21
Secure Protocol Format
Generic binary protocol library that prevents injection attacks
...In addition to delimiting data by length, it also affords programmers the ability to use text for describing data, just like tags are used in HTML and XML. Thus, SPF provides a simple and practical approach to preventing command injection attacks while allowing text to describe data. -
22
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
23
PWSLIB3
Password Safe encrypted databases, Java library
Java module to create, read and write Password Safe V3 encrypted databases. The package is a mature offspring from project JPasswords and can be used with Java 1.8. There is an API document available. -
24
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
25
PetoronHash-System
PHASH | post-quantum XOF hashing algorithm | C++20
...Key Features No external dependencies — pure C++20 implementation. Extendable Output (XOF) — supports arbitrary output length (256–8192+ bits). Post-quantum oriented design — ARX-based sponge resistant to Grover-type attacks. Context and salt separation — unique hashing domains for each use-case. Optimized performance — ~120–130 MB/s Comprehensive verification — verify_all.sh performs KAT tests, determinism checks, and performance validation. Verification Script: chmod +x verify_all.sh ./verify_all.sh https://github.com/01alekseev/PetoronHash-System Ivan Alekseev | petoron.org
