Search Results for "http header injection"
Sort By:
Showing 38 open source projects for "http header injection"
View related business solutions-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
1
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. ... -
2
WireMock
A tool for mocking HTTP services
HTTP response stubbing, matchable on URL, header and body content patterns. Request verification, runs in unit tests, as a standalone process or as a WAR app. Configurable via a fluent Java API, JSON files and JSON over HTTP. Record/playback of stubs, fault injection, per-request conditional proxying, browser proxying for request inspection and replacement. -
3
Beast
HTTP and WebSocket built on Boost.Asio in C++11
Beast is a header-only C++ library that provides low-level HTTP, WebSocket, and networking protocol building blocks on top of Boost.Asio. It is designed for developers who need to build interoperable clients, servers, proxies, gateways, or custom protocol components rather than using a high-level web framework. Beast follows Boost.Asio’s asynchronous model, so it fits naturally into event-driven C++ networking applications. -
4
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics... -
Stop vibe-debugging.AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of... -
6
jwt-auth
JSON web token authentication for Laravel and Lumen
...Once a user has logged in with their credentials, then the next step would be to make a subsequent request, with the token, to retrieve the users' details, so you can show them as being logged in. To make authenticated requests via http using the built in methods, you will need to set an authorization header. If you don't like the idea of catching mulitple exceptions inline, then you are free to add a global exception handler with Laravel. -
7
Go Backend Clean Architecture
A Go (Golang) Backend Clean Architecture project with Gin, MongoDB
This repository is a production-minded Go backend starter that applies Clean Architecture to keep business logic independent from frameworks, databases, and delivery mechanisms. It organizes code into layers—domain, use cases, interfaces/adapters—so swapping an HTTP framework or database does not ripple through core logic. The template includes well-chosen scaffolding for configuration, logging, dependency injection, error handling, and request validation so teams can focus on business features. It demonstrates practical patterns for repository interfaces, DTOs, and consistent response envelopes that keep APIs predictable. ... -
8
Apache APISIX
The cloud-native API gateway
Provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more. Based on the Nginx library and etcd. Cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices. Apache APISIX is based on Nginx and etcd. Compared with traditional API gateways, APISIX has dynamic routing and plug-in hot loading, which is... -
9
Privoxy
HTTP proxy to block ads and customize webpages
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks. -
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
10
FileCentipede
File centipede is an internet file download manager
File centipede is an internet file download/upload manager, Torrent client, WebDAV client, FTP client, and SSH client. It's fast, customizable, user-friendly, multi-protocols supported, and free with no ads. It also contains many useful auxiliary tools such as HTTP requester, file merge, and encoders. With the browser integration, you can download audio and videos from websites, even encrypted videos. File centipede makes everything easy and efficient, it's the best internet download... -
11
WFDownloader App
Free batch downloader for image, wallpaper, video, audio, document,
Use as an image gallery, wallpaper, audio/music, video, document, and other media bulk downloader from supported websites. Also use to download sequential website urls that have a certain pattern (e.g. image01.png to image100.png). Also use app's built-in site crawler for advanced link search or extraction. There is also special support for forum media downloading, forum thread offline archiving, rss feed downloading, and open directory downloading. It's a programmable downloader and also... -
12
DAR - Disk ARchive
For full, incremental, compressed and encrypted backups or archives
DAR is a command-line backup and archiving tool that uses selective compression (not compressing already compressed files), strong encryption, may split an archive in different files of given size and provides on-fly hashing, supports differential backup with or without binary delta, ftp and sftp protocols to remote cloud storage Archive internal's catalog, allows very quick restoration even a single file from a huge, eventually sliced, compressed, encrypted archive eventually located on... -
13
RY GeoIP 3
User-friendly network & geolocation tools, APIs integration and more!
RY GeoIP 3 is a powerful application that combines network and geolocation tools for comprehensive analysis. With its user-friendly interface and integration with Google Maps API and API Ninja DNS Lookups service, you can perform a wide range of operations, from geolocation lookups and ping tests to DNS analysis, traceroute, SSL certificate inspection, header data retrieval, and open port scanning. The ability to save data as PDFs and maps as images further enhances the utility of the... -
14
Nginx-Clojure
Nginx module for embedding Clojure or Java or Groovy programs
Nginx module for embedding Clojure or Java or Groovy programs, typically those Ring based handlers. Compatible with Ring and obviously supports those Ring-based frameworks, such as Compojure, etc. HTTP Services by using Clojure / Java / Groovy to write simple handlers for HTTP services. A build-in Jersey container to support java standard RESTful web services (JAX-RS 2.0). Tomcat 8 embedding support (so servlet 3.1/jsp/sendfile/JSR-356 WebSocket work within nginx!). Dynamic proxying by using... -
15
WebDeets
WebDeets Powerful And Versatile Network Utility App
WebDeets Is A Network Utility App That Is Used For Network Diagnostics And Troubleshooting. Provide Features That Can Help, Network Administrators And IT Professionals To Monitor And Troubleshoot Network Performance, Identify Potential Vulnerabilities And Take Proactive Steps To Address Any Issues. It Can Convert IP Addresses To Hostnames And Vice Versa And Comes With Preloaded Commands Of Netstat And Ping. It Allows You To Save Results In Different Formats And Has A Real-Time... -
16
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
17
KonsolScript: Automate and Orchestrate
Embeddable scripting runtime for live behavior, AI, and automation.
...Hot-reload behavior, patch running apps, and orchestrate AI workflows - without rebuilding or redeploying the binary. Ship once. Evolve forever. Key capabilities: - Embed into any C++ app with a single header - Hot-reload scripts at runtime without restarting - AI-safe: validate or reject scripts before execution - Orchestrate LLMs (OpenAI, Claude, Gemini, Ollama) in .ks scripts - Built-in: String, File, JSON, CSV, Math, Regex, and more - Plugins: HTTP, SQLite, MySQL, TCP, Redis, Crypto, JWT, Zip - Push behavior updates to remote instances over TCP Use cases: - Scriptable game engines (hot-patch rules mid-session) - AI event bridges (natural language to live app behavior) - Automation pipelines (CI, log triage, file processing) - LLM orchestration workflows Docs: https://konsolscript.sf.net/kookbook.html -
18
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
19
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
20
DOClever
The best interface management platform
...Whether you are a front-end engineer or a back-end engineer, the interface is always the bridge for the interaction between the two, so DOClever is specially designed for small and medium-sized teams, aiming to solve interface management, testing and data generation, and achieve a truly integrated solution plan. Can edit and manage interface information, support five methods of getting, post, put, delete, patch, support HTTP and HTTPS protocols, and support visual editing of query, body, JSON, raw, rest, formdata parameters. At the same time, unlimited levels of visual editing can be performed on JSON. And, additional features like status codes, code injection, markdown documentation, and more. Support the import of postman, rap, and swagger, which is convenient for you to do seamless migration, and also supports the export of HTML files, which is convenient for you to browse offline! -
21
Zeus Scanner
Advanced reconnaissance utility
...It also supports proxy configurations, Tor proxy compatibility, and Tor browser emulation for flexible routing during authorized assessments. Zeus-Scanner includes checks for issues such as XSS, SQL injection, clickjacking, exposed admin panels, port scanning, whois lookup, and header protection. It is most useful for penetration testers and researchers who need a broad reconnaissance toolkit, though its older Python 2-style setup makes environment compatibility important. -
22
Ethernet POWERLINK XDD Tool Suite
Provides eclipse plugins for XDD edit, validation and OD generation.
The plugins include functionality to edit and check CN / MN XDD / XDC files against the DS311 V1.2.0 and the DS 301 1.3.0 specification. Another plugin enables the user to generate the object dictionary header file from an XDD / XDC file for the openPOWERLINK (https://goo.gl/Cg77Oi) implementation. Please note that the validation functionality works properly for Controlled and Managing Node XDD / XDC files. Please use the update site to install the plugin in your eclipse environment: http://sourceforge.net/projects/xddpluginsuite.openconf.p/files/update_site/ User Manual: https://goo.gl/hvtLAq XDD editor plugin user manual: https://goo.gl/Fo5pUQ Install via Eclipse marketplace: https://goo.gl/eAZAn9 Link to the openCONFIGURATOR parent project: https://sourceforge.net/projects/openconf/ -
23
TOFFEE-DataCenter
Linux Server and Data-Center WAN Optimization
TOFFEE-DataCenter is the new TOFFEE variant meant for Data-Center, Server, HPC, Load Balancing, Cluster/Cloud Computing and SDN deployments. With TOFFEE-DataCenter (and or TOFFEE), OEMs and other equipment vendors can make use of this platform/stack, integrate, port and build WAN Optimization devices/appliances on to their existing product range. Or build a dedicated WAN Optimization hardware product series via the same. -
24
ng-token-auth
Token based authentication module for angular.js
ng‑token‑auth is an AngularJS module that provides token-based authentication for single-page applications by coordinating with server-side token systems like the devise_token_auth gem. Oauth2 authentication. Email authentication, including user registration. Password reset, account updates, account deletion, seamless integration with the devise token auth Rails gem, and extensive event notifications. This module relies on token based authentication. This requires coordination between the... -
25
lua-resty-waf
High-performance WAF built on the OpenResty stack
...The result is a flexible, scriptable WAF that pairs the performance of NGINX with the expressiveness of Lua for nuanced HTTP defense.
