Search Results for "web security"
Sort By:
Showing 33 open source projects for "web security"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ... -
2
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. ... -
3
Zuul
Gateway service providing dynamic routing, monitoring and more
Zuul is an L7 application gateway that offers many capabilities, including dynamic routing, monitoring, security, resiliency and more. It is used in the backend of the Netflix streaming service as a front door for all requests from devices and web sites. Zuul is ideal for cases like this where API traffic volume and diversity can become overwhelming and cause production issues to arise suddenly and without warning. Zuul has a broad range of filters that enable it to perform multiple functions quickly and apply functionality to services like Netflix. ... -
4
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of... -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
6
Bootsmann
A minimalistic, lean and fast HTTP REST API test application
Bootsmann is an opensource C++ alternative to Postman/Insomnia/Hoppscotch for simple HTTP REST API testing. It is especially useful for embedded devices and local development, where low memory usage and fast response times are crucial. -
7
retrap
Open-Source intelligence tracking and analysis tool.
(OSINT) Open-Source intelligence tracking and analysis tool. - Disclaimer: This tool is experimental in its Alpha phase. It's developed and published as a small building block of a master's thesis research. So use it for educational purposes only and at your own discretion, the author cannot be held responsible for any damages caused. -
8
httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.
-
9
RND
Random data generator: secure character streams and large files
Generate a lot of random junk. Create: • huge files • random character stream • specific character sequence Example uses - generate: • specific number of characters for testing web forms • restricted range character stream • control characters, 'high characters', emojis for fuzzing application input • specific byte sequence • Unicode character range • file overwrites to the exact byte count • custom text strings as content filler • long password strings • specific... -
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
10
Nishang
Offensive PowerShell for red team and penetration testing
...Two basic methods to execute PowerShell scripts in memory. Use the in-memory dowload and execute: Use below command to execute a PowerShell script from a remote shell, meterpreter native shell, a web shell etc. and the function exported by it. -
11
FoxNuke
A Proffesional Stress-Testing(ddos) tool for pentesters
The FoxNuke program is written in python and uses Firefox in order to complete the distributed denial of service attack feature. Multiple headers are used from the Firefox browser, along with a personal configuration option for the Opera browser. The FoxNuke Program is still underdevelopment as of 8/24/17, full release is set to come out sometime during 2017-2018. If you would like to participate in the TESTING of this program and would like to help report bugs, etc. then please email... -
12
Filler Studio
Filler Studio for any kind of automation for Windows,Linux,Mac.
Filler Studio for any kind of automation based on Java for Windows,Linux,Mac. Automation for Web Applications and Desktop Applications and OS itself also. Automation for IRCTC. Key Replacement Utility,Print Screen Utility are also included. Video tutorials are available on youtube. List Of Utilities in Filler Studio? Filler contain List of Utility use to Deduct Repetitive task in computer. Print Screen Utility IRCTC Filler Links Screen Record Fillers Key... -
13
This is a tool to help manage multiple hosts files on one system. Check out the readme: https://svn.code.sf.net/p/hostsmanager/code/trunk/Readme.txt Please use the request tracker if you have suggestions. I also accept patches! https://sourceforge.net/p/hostsmanager/feature-requests/ https://sourceforge.net/p/hostsmanager/code/
-
14
LOIC-0
A NETWORK STRESS TOOL BASED ON PRAETOX LOIC
...IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES THIS TOOL IS RELEASED WITH NO WARRANTY AT ALL. TAGS: LOIC,Low Orbit Ion Cannon, network, stress test, security software, network tool, Windows,Linux, LOWC, Low Orbit Web Cannon, network, stress testing, load testing, server load testing, server testing. -
15
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with...
-
16
The SoapUI download has moved to https://www.soapui.org/downloads/soapui/source-forge.html With more than 9 million downloads SoapUI is the de-facto standard for REST and SOAP API functional, security and performance testing.
-
17
OWASP Security Shepherd
Web and mobile application security awareness/training platform
The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security... -
18
The concept behind DataWoo is to create a Spring-based architecture that allows developers to jump-start their coding efforts by providing a hardened and secure foundation when developing new systems; it can also be used as a reference for incorporating new technologies into existing systems. DataWoo is meant to be a research and development platform that can be extended into just about any enterprise-level web application. The architecture will be developed in three phases: 1. Basic Spring Architecture: Provides all the basic components needed to field an enterprise-level application. 2. Programmatic Security Model: Incorporates the components needed to dynamically assign users to user roles and user roles to profiles. 3. Meta-Driven Architecture: Use meta-data to dynamically configure 80%-90% of the application using the concepts exemplified in the Compiere open source project.
-
19
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS... -
20
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2... -
21
ATP
Automated Testing for Web Applications
ATP (Automatic Testing Platform) is an automated assessment framework for web applications at client-side. It performs automated functional, performance, security testing and compatibility, usability, accessibility analysis based on web navigation. -
22
fastest
Automate your software testing, the fastest way!
Fastest stands for 'Fast Automated Software test'. * This is a compilation of various open source tools complemented with a set of useful programs that help a Software Test Engineer perform the test automation with ease. * It can be envisioned as a toolkit that every test engineer would need! * Currently implemented in Java * Test Automation is not just about writing test cases in a particular programming language. There are a lot more activities that need to be accomplished in... -
23
This program implements a SOAP client that could send an XML to a web service and display a response interactively. It was primarily built to test different security measures that are usually implemented to protect SOAP traffic.
-
24
What is Aurora Phishing Aurora Phishing is an Package with Online Web Services like Facebook, Gmail, Twitter ripped websites used for Phishing Attack. This project was started by Croatian Security Engineer Dalibor Vlaho as a part of another project
-
25
A VM containing a turn-key solution for continuous integration with source code control, build management, automated testing, security analysis, defect tracking, and project management, all using open source tools.
