Search Results for "http header injection"
Sort By:
Showing 34 open source projects for "http header injection"
View related business solutions-
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
$300 Free Credits to Build on Google CloudStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
-
1
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. ... -
2
WireMock
A tool for mocking HTTP services
HTTP response stubbing, matchable on URL, header and body content patterns. Request verification, runs in unit tests, as a standalone process or as a WAR app. Configurable via a fluent Java API, JSON files and JSON over HTTP. Record/playback of stubs, fault injection, per-request conditional proxying, browser proxying for request inspection and replacement. -
3
Beast
HTTP and WebSocket built on Boost.Asio in C++11
Beast is a header-only C++ library that provides low-level HTTP, WebSocket, and networking protocol building blocks on top of Boost.Asio. It is designed for developers who need to build interoperable clients, servers, proxies, gateways, or custom protocol components rather than using a high-level web framework. Beast follows Boost.Asio’s asynchronous model, so it fits naturally into event-driven C++ networking applications. -
4
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics... -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of... -
6
jwt-auth
JSON web token authentication for Laravel and Lumen
...Once a user has logged in with their credentials, then the next step would be to make a subsequent request, with the token, to retrieve the users' details, so you can show them as being logged in. To make authenticated requests via http using the built in methods, you will need to set an authorization header. If you don't like the idea of catching mulitple exceptions inline, then you are free to add a global exception handler with Laravel. -
7
Go Backend Clean Architecture
A Go (Golang) Backend Clean Architecture project with Gin, MongoDB
This repository is a production-minded Go backend starter that applies Clean Architecture to keep business logic independent from frameworks, databases, and delivery mechanisms. It organizes code into layers—domain, use cases, interfaces/adapters—so swapping an HTTP framework or database does not ripple through core logic. The template includes well-chosen scaffolding for configuration, logging, dependency injection, error handling, and request validation so teams can focus on business features. It demonstrates practical patterns for repository interfaces, DTOs, and consistent response envelopes that keep APIs predictable. ... -
8
Apache APISIX
The cloud-native API gateway
Provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more. Based on the Nginx library and etcd. Cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices. Apache APISIX is based on Nginx and etcd. Compared with traditional API gateways, APISIX has dynamic routing and plug-in hot loading, which is... -
9
Privoxy
HTTP proxy to block ads and customize webpages
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks. -
Error to trace to log to deploy. One click. No SSH.AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
-
10
FileCentipede
File centipede is an internet file download manager
File centipede is an internet file download/upload manager, Torrent client, WebDAV client, FTP client, and SSH client. It's fast, customizable, user-friendly, multi-protocols supported, and free with no ads. It also contains many useful auxiliary tools such as HTTP requester, file merge, and encoders. With the browser integration, you can download audio and videos from websites, even encrypted videos. File centipede makes everything easy and efficient, it's the best internet download... -
11
WFDownloader App
Free batch downloader for image, wallpaper, video, audio, document,
Use as an image gallery, wallpaper, audio/music, video, document, and other media bulk downloader from supported websites. Also use to download sequential website urls that have a certain pattern (e.g. image01.png to image100.png). Also use app's built-in site crawler for advanced link search or extraction. There is also special support for forum media downloading, forum thread offline archiving, rss feed downloading, and open directory downloading. It's a programmable downloader and also... -
12
DAR - Disk ARchive
For full, incremental, compressed and encrypted backups or archives
DAR is a command-line backup and archiving tool that uses selective compression (not compressing already compressed files), strong encryption, may split an archive in different files of given size and provides on-fly hashing, supports differential backup with or without binary delta, ftp and sftp protocols to remote cloud storage Archive internal's catalog, allows very quick restoration even a single file from a huge, eventually sliced, compressed, encrypted archive eventually located on... -
13
Nginx-Clojure
Nginx module for embedding Clojure or Java or Groovy programs
Nginx module for embedding Clojure or Java or Groovy programs, typically those Ring based handlers. Compatible with Ring and obviously supports those Ring-based frameworks, such as Compojure, etc. HTTP Services by using Clojure / Java / Groovy to write simple handlers for HTTP services. A build-in Jersey container to support java standard RESTful web services (JAX-RS 2.0). Tomcat 8 embedding support (so servlet 3.1/jsp/sendfile/JSR-356 WebSocket work within nginx!). Dynamic proxying by using... -
14
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
15
KonsolScript: Automate and Orchestrate
Embeddable scripting runtime for live behavior, AI, and automation.
...Hot-reload behavior, patch running apps, and orchestrate AI workflows - without rebuilding or redeploying the binary. Ship once. Evolve forever. Key capabilities: - Embed into any C++ app with a single header - Hot-reload scripts at runtime without restarting - AI-safe: validate or reject scripts before execution - Orchestrate LLMs (OpenAI, Claude, Gemini, Ollama) in .ks scripts - Built-in: String, File, JSON, CSV, Math, Regex, and more - Plugins: HTTP, SQLite, MySQL, TCP, Redis, Crypto, JWT, Zip - Push behavior updates to remote instances over TCP Use cases: - Scriptable game engines (hot-patch rules mid-session) - AI event bridges (natural language to live app behavior) - Automation pipelines (CI, log triage, file processing) - LLM orchestration workflows Docs: https://konsolscript.sf.net/kookbook.html -
16
OWASP ModSecurity CRS
OWASP ModSecurity Core Rule Set (CRS) Project
The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ... -
17
inspectIT
inspectIT is the leading Open Source APM
inspectIT is the leading open-source APM (application performance management) tool for monitoring and analyzing your Java(EE) software applications. Various sensors capture end-to-end information for every request from the end user, to the business tier all the way to the backends. inspectIT is based on an application-centric, business-focused approach, where each technical request is mapped to an application and to a business use case. With inspectIT you always know about the health of your... -
18
Zeus Scanner
Advanced reconnaissance utility
...It also supports proxy configurations, Tor proxy compatibility, and Tor browser emulation for flexible routing during authorized assessments. Zeus-Scanner includes checks for issues such as XSS, SQL injection, clickjacking, exposed admin panels, port scanning, whois lookup, and header protection. It is most useful for penetration testers and researchers who need a broad reconnaissance toolkit, though its older Python 2-style setup makes environment compatibility important. -
19
Ethernet POWERLINK XDD Tool Suite
Provides eclipse plugins for XDD edit, validation and OD generation.
The plugins include functionality to edit and check CN / MN XDD / XDC files against the DS311 V1.2.0 and the DS 301 1.3.0 specification. Another plugin enables the user to generate the object dictionary header file from an XDD / XDC file for the openPOWERLINK (https://goo.gl/Cg77Oi) implementation. Please note that the validation functionality works properly for Controlled and Managing Node XDD / XDC files. Please use the update site to install the plugin in your eclipse environment: http://sourceforge.net/projects/xddpluginsuite.openconf.p/files/update_site/ User Manual: https://goo.gl/hvtLAq XDD editor plugin user manual: https://goo.gl/Fo5pUQ Install via Eclipse marketplace: https://goo.gl/eAZAn9 Link to the openCONFIGURATOR parent project: https://sourceforge.net/projects/openconf/ -
20
TOFFEE-DataCenter
Linux Server and Data-Center WAN Optimization
TOFFEE-DataCenter is the new TOFFEE variant meant for Data-Center, Server, HPC, Load Balancing, Cluster/Cloud Computing and SDN deployments. With TOFFEE-DataCenter (and or TOFFEE), OEMs and other equipment vendors can make use of this platform/stack, integrate, port and build WAN Optimization devices/appliances on to their existing product range. Or build a dedicated WAN Optimization hardware product series via the same. -
21
ng-token-auth
Token based authentication module for angular.js
ng‑token‑auth is an AngularJS module that provides token-based authentication for single-page applications by coordinating with server-side token systems like the devise_token_auth gem. Oauth2 authentication. Email authentication, including user registration. Password reset, account updates, account deletion, seamless integration with the devise token auth Rails gem, and extensive event notifications. This module relies on token based authentication. This requires coordination between the... -
22
lua-resty-waf
High-performance WAF built on the OpenResty stack
...The result is a flexible, scriptable WAF that pairs the performance of NGINX with the expressiveness of Lua for nuanced HTTP defense. -
23
Pop Framework
Use Java bean as model of web page, reference beans in hyperlinks
Pop Framework (or Pop), http://www.popframework.net, is a bean-based MVC framework for Java/J2EE web applications. Pop implements IoC, Dependency Injection, and AOP. Pop provides annotations for users to define and reference a bean. Pop can help users to customize a bean, a scope, a factory and a reference in object-oriented way. Pop treats a bean as the model of a web page (JSP or servlet), the webpage itself is a view of the bean. -
24
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
25
Evolution 1.0.2.2 RS
Modify Request Headers And Response Headers
Update Version 1.0.2.2 RS · Added New Data, Avaible Single Data And Double Data. · Options Extended Borders · Added Tun Sock's Tap · Bugs Fix For Header Evolution Version 1.0.2.1 RS · Methode · Encrype Line · Mode Line · End Line · Query · Add Header · Replacer · Network · A & T Command · Multi Connection · Setting Proxy IDM · Setting Proxy IE · HTTP Ping Manual URL · Added Encrypt Line LF · Mode Line Maximum ( Infinity ) · Custom Header 1 · Custom Header 2 · Header Log · Clear Manual Header Log · Save / Copy Header Log With a nice and simple interface, a decent feature pack and easy enough to be handled by less experienced users, Evolution RS puts up a good performance and earns a place among the recommended tools in its category...
