Search Results for "owasp broken web"
Sort By:
Showing 24 open source projects for "owasp broken web"
View related business solutions-
Context for your AI agentsBuild data pipelines that feed your AI models and agents without managing infrastructure. Crawl any website, transform content, and push directly to your preferred vector store. Use 10,000+ tools for RAG applications, AI assistants, and real-time knowledge bases. Monitor site changes, trigger workflows on new data, and keep your AIs fed with fresh, structured information. Cloud-native, API-first, and free to start until you need to scale.
-
Turn more customers into advocates.The platform's advanced capabilities ensure companies get the most out of their referral programs. Leverage custom events, profiles, and attributes to enable dynamic, audience-specific referral experiences. Use first-party data to tailor customer segment messaging, rewards, and engagement strategies. Use our flexible APIs to build management capabilities and consumer experiences–headlessly or hybrid. We have all the tools you need to build scalable, secure, and high-performing referral programs.
-
1
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. -
2
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ... -
3
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. -
4
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. -
Inventors: Validate Your Idea, Protect It and Gain Market AdvantagessenseIP is an AI innovation platform for inventors, automating any aspect of IP from the moment you have an idea. You can have it researched for uniqueness and protected; quickly and effortlessly, without expensive attorneys. Built for business success while securing your competitive edge.
-
5
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. -
6
OnlineToolsBook
Online tool cheats, write a high-quality manual for online tools
...For someone who frequently resorts to ad-hoc web tools to solve tasks (text manipulation, image processing, conversion, utilities), OnlineToolsBook acts as an aggregator of “cheat sheets” or curated pointer collection rather than a specific application. The intention appears to be long-term: the repository can be updated to reflect new tools, remove broken ones, organize categories, or provide usage hints — so it becomes a living, crowd-maintained reference. -
7
m23
Your linux deployment tool!
m23 is a free software distribution system (license: GPL), that installs (via network, starting with partitioning and formatting) and administrates (updates, adds / removes software, adds / removes scripts) clients with Debian, (X/K)Ubuntu and LinuxMint. It is used for deployment of Linux clients in schools, institutions and enterprises. The m23 server is controlled via a web interface. A new m23 client can be installed easily in only three steps. Group functions and mass installation... -
8
patch-package
Fix broken node modules instantly
patch-package lets app authors instantly make and keep fixes to npm dependencies. It's a vital band-aid for those of us living on the bleeding edge. Patches created by patch-package are automatically and gracefully applied when you use npm(>=5) or yarn. No more waiting around for pull requests to be merged and published. No more forking repos just to fix that one tiny thing preventing your app from working. You can use --save-dev if you don't need to run npm in production, e.g. if you're... -
9
CSS Critic
Lightweight CSS regression testing
A lightweight tool for regression testing of Cascading Style Sheets. Your web stack should be fully testable. CSS Critic closes the gap in front-end testing and makes HTML & CSS testable - no more broken UI. For example, make it supervise changes to your project's responsive style guide so you know things are looking good. We believe that your UI will change often enough that a lightweight process on managing changes (near instant feedback, anyone?) -
DAT Freight and Analytics - DATDAT Freight & Analytics operates DAT One, North America’s largest truckload freight marketplace; DAT iQ, the industry’s leading freight data analytics service; and Trucker Tools, the leader in load visibility. Shippers, transportation brokers, carriers, news organizations, and industry analysts rely on DAT for market trends and data insights, informed by nearly 700,000 daily load posts and a database exceeding $1 trillion in freight market transactions. Founded in 1978, DAT is a business unit of Roper Technologies (Nasdaq: ROP), a constituent of the Nasdaq 100, S&P 500, and Fortune 1000. Headquartered in Beaverton, Ore., DAT continues to set the standard for innovation in the trucking and logistics industry.
-
10
The Lift Web Framework
Lift Framework
Lift is the most powerful, most secure web framework available today. There are Seven Things that distinguish Lift from other web frameworks. Lift apps are resistant to common vulnerabilities including many of the OWASP Top 10. Lift apps are fast to build, concise and easy to maintain. Lift apps are high-performance and scale in the real world to handle insane traffic levels. -
11
Photonix Photo Manager
A modern, web-based photo management server
A modern, web-based photo management server. Run it on your home server and it will let you find the right photo from your collection on any device. Smart filtering is made possible by object recognition, face recognition, location awareness, color analysis and other ML algorithms. This project is currently in development and not feature complete for a version 1.0 yet. -
12
Ooui Web Framework
UI library that brings the simplicity of native UI development to web
...Ooui has been broken up into several packages to increase the variety of ways that it can be used. When the user requests a page, the page will connect to the server using a web socket. This socket is used to keep the server's in-memory model of the UI (the one you work with as a programmer) in sync with the actual UI shown to the user in their browser. -
13
chklinks is a non-threaded Perl link checker. It helps finding broken links on your website. It does not raises many simultaneously connections for its job, run out of the resources and crash your system in a moment.
-
14
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
15
Offensive Web Testing Framework
Offensive Web Testing Framework (OWTF), is a framework
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted... -
16
webchat
Websocket project based on vue
Websocket project based on vue. Register and log in, chat with others View history, multiple chatrooms, chat with a robot, send pictures, send links, send emoji, preview picture, Message not read, and broken line reconnection. -
17
Texinfo Web Publisher
Multi-format web publishing system based on Texinfo
Texinfo Web Publisher is a Makefile based publishing system featuring simultaneous con- tent creation into HTML, non-split HTML, Framed HTML, HTML Zip, XML, DocBook, PDF, DjVu, PostScript, DVI, Plain text, Info and EPUB book formats. All Texinfo Web Publisher output formats are from a single source. Texinfo Web Publisher can be used for website creation has FTP deployment capabilities and supports Cascading Style Sheets (CSS). Texinfo Web Publisher is a low maintenance solution for... -
18
OWASP Security Shepherd
Web and mobile application security awareness/training platform
The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security... -
19
xxe
Intentionally vulnerable web services exploitable with XXE
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability... -
20
sitecheck
Modular web site spider for web developers.
More than just a link checker, sitecheck is a website spider (also known as a crawler) which can assist with SEO by testing an entire site plus both inbound links from search engines and outbound links to other sites for the following issues: looping redirects (HTTP 301/302), broken links (HTTP 404), server errors (HTTP 500), spelling mistakes, low readability scores (using the Flesch Reading Ease test), missing/empty/duplicate meta tags, duplicate content, slow page speed, W3C validation... -
21
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
22
phprbac
PHP Role Based Access Control library
RBAC (role based access control) is the de-facto standard in authorization and access control, because its much easier to maintain and use than traditional ACLs. Unfortunately due to its complicated internals, not many implementations are available. PHP RBAC is compatible with NIST Level 2 RBAC standard and provides even more, with best performance yet available for any authorization library, and its for PHP. Note: Development and support has been moved to Github... -
23
Tryit Editor
A free, open source, and easy to use HTML editor
WEBS TOOK TRYIT EDITOR DOWN, TRYING TO REUPLOAD TRYIT EDITOR TO ANOTHER HOSTING SERVICE. Tryit Editor is a lightweight HTML editor that uses CodeMirror to highlight code. It features an easy to use WYSIWYG interface, as well as many functions, such as saving to local disk. Features automatic updates of main script files. Code is released under MIT license. CodeMirror is copyright Marijn Haverbeke, and is released under a MIT-style license. Read the CodeMirror license at:... -
24
The Filters project team are building API's which will filter malicious input to applications that is used to launch various attacks. The filters will sanitize input rendering it harmless and detect specific attacks. This project will develop imple
- Previous
- You're on page 1
- Next
