Search Results for "vulnerability web scanner"
Sort By:
Showing 26 open source projects for "vulnerability web scanner"
View related business solutions-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
1
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
...This is especially valuable for projects that mix web UIs with server-side scripting, developer tooling, or plugin ecosystems where untrusted input could enter execution paths. The scanner integrates with standard CI/CD pipelines, letting teams detect issues early in development rather than discovering them in production or during penetration testing. -
2
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
3
Trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers
Trivy is the most popular open source security scanner, reliable, fast, and easy to use. Use Trivy to find vulnerabilities & IaC misconfigurations, SBOM discovery, Cloud scanning, Kubernetes security risks,and more. Trivy is praised by professionals from organizations worldwide. Are you a Trivy fan as well? We’d love to hear from you! Trivy detects vulnerabilities from a wide array of operating systems and programming languages, across different versions, and vulnerability sources. ... -
4
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. -
6
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
7
NGINX Admin’s Handbook
How to improve NGINX performance, security, and other important things
nginx-admins-handbook is a practical, in-depth guide for configuring, securing, and operating NGINX across real-world deployments. It distills years of research, notes, and field experience into a single handbook that complements the official docs with concrete rules, explanations, and curated external references. The handbook spans fundamentals and advanced topics alike, from HTTP and SSL/TLS basics to reverse proxy patterns, performance tuning, debugging workflows, and hardening... -
8
SafeUtils
110+ developer tools as native MacOS, Linux & Windows desktop apps.
Tools: https://safeutils.com/barcode-generator https://safeutils.com/color-picker https://safeutils.com/qr-code-generator https://safeutils.com/qr-code-scanner https://safeutils.com/word-counter https://safeutils.com/base-64-decoder https://safeutils.com/diff-checker https://safeutils.com/hex-to-ascii https://safeutils.com/json-formatter https://safeutils.com/lorem-ipsum-generator https://safeutils.com/random-generator https://safeutils.com/time-converter https://safeutils.com/... -
9
MBR WP Performance
Comprehensive WordPress performance optimization plugin
MBR WP Performance is the WordPress optimisation plugin for users who want real control. Instead of hiding complexity behind a single button, it provides transparent, granular controls for every performance technique—so you understand exactly what each feature does. Core Features: Disable WordPress features that you don’t need. Self-host and preload Google Fonts, lazy load images and videos, defer/delay JavaScript execution, generate and inline critical CSS, preload critical resources,... -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
WebDeets
WebDeets Powerful And Versatile Network Utility App
WebDeets Is A Network Utility App That Is Used For Network Diagnostics And Troubleshooting. Provide Features That Can Help, Network Administrators And IT Professionals To Monitor And Troubleshoot Network Performance, Identify Potential Vulnerabilities And Take Proactive Steps To Address Any Issues. It Can Convert IP Addresses To Hostnames And Vice Versa And Comes With Preloaded Commands Of Netstat And Ping. It Allows You To Save Results In Different Formats And Has A Real-Time... -
11
ESP8266 Deauther Version 2
Affordable WiFi hacking platform for testing and learning
Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners! Version 3 is in development. It is stable to use, but it is very different. It is command-line based, which allows it to offer not just more features, but make them more customizable. This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is... -
12
Paperless-ng
A supercharged version of paperless, scan, index and archive docs
...I do not have to worry about finding stuff again. I feed documents right from the post box into the scanner and then shred them. Perhaps you might find it useful too. Paperless-ng is a fork of the original paperless project. It changes many things both on the surface and under the hood. Paperless-ng was created because I feel that these changes are too big to be pushed into the main repository right away. -
13
ATTendee Biometric Attendance Solution
ATTendee Biometric Time Attendance Solution with ZK Devices
ATTendee Time and Attendance lets you control how your employees clock in and out hourly – all of which are easy to use and integrate automatically with payroll. With the use of an ATTendee biometric solution, employees’ arrival and departure times are registered with the touch of a finger on biometric scanner. Installation throughout your work locations is easy to make it convenient for employees to clock in and out at the start of their day, for lunch and other scheduled... -
14
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
15
xxe
Intentionally vulnerable web services exploitable with XXE
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability... -
16
Hcon Security Testing Framework
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more. -
17
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
18
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2... -
19
Umbrella Project 2012
Security (Hack) Application
What is include 1.Web Scanners a) RFI Scanner b) LFI Scanner c) SQLi Scanner d) Log Scanner e) Xss Scanner f) Google Scanner h) Joomla and WordPress Scanner 2.IP Reverse 3. Deface Mass Saver a) Zone-h deface saver b) IMT deface saver 4. MD5 Hash Cracker a) Online MD5 Hash Cracker (49 Sites) b) Manuel MD5 Hash Cracker 5. Admin Finder 6.Exploit Finder 7. -
20
You know the component scanning feature of Spring? You'll love this: component scanning as easy as select(javaClasses()).from("your.package").returning(allAnnotatedWith(YourAnnotation.class)). Can support any language running on the JVM. ---------- eXtcos is now also available from Maven Central. To include it into your Maven project just add this dependency: groupId: net.sf.extcos artifactId: extcos version: 0.4b Unfortunately Sourceforge doesn't support XML snippets in the...
-
21
PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...
-
22
This application uses the index facilities created with the JarIndexer to determine what dependencies a project needs based on the source code imports, spring configurations, etc.
-
23
The Web Application Reliability and Defense (WARD) framework is a two-part security solution composed of a vulnerability detection component, SecureUnit, and a vulnerability protection component, SecureFilter.
-
24
Many Tools: PHP-based context-free grammar (CFG) parser generator, simple scanner generator, and nascent object relational mapping/query language in PHP. Talks to Postgres, MySQL for now. Needs PHP5. Comes with (relies on) many convenience functions.
-
25
Code name 'Monkey Juice' is an attempt to create versatile, modular remote security scanner for the Win32 platform. Written in C#, 'Monkey Juice' will incorporate an XML plugin database of C# libraries that will be loaded at scan time.
