Search Results for "attacks"
Sort By:
Showing 52 open source projects for "attacks"
View related business solutions-
Auth0 for AI Agents now in GAConnect your AI agents to apps and data more securely, give users control over the actions AI agents can perform and the data they can access, and enable human confirmation for critical agent actions.
-
FusionAuth: Authentication and User Management SoftwareFusionAuth adds login, registration, SSO, MFA, and a bazillion other features to your app in days - not months.
-
1
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. ... -
2
airgeddon
This is a multi-use bash script for Linux systems
...DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). "DoS Pursuit mode" is available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks). Full support for 2.4Ghz and 5Ghz bands. Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing. Cleaning and optimizing Handshake captured files. Offline password decrypting on WPA/WPA2 captured files for personal networks (Handshakes and PMKIDs) using a dictionary, brute-force, and rule-based attacks with aircrack, crunch and hashcat tools. ... -
3
ShellHub
Get seamless remote access to any Linux device
ShellHub is a centralized SSH gateway that allows users to remotely access and manage their servers and devices from anywhere, using a web browser or a mobile app. It provides a secure and convenient way to connect to and control your servers and devices and can help to improve the security of your servers by preventing unauthorized access. ShellHub incorporates the use of Docker containers to facilitate the integration of new devices into the platform, simplifying configuration. ShellHub... -
4
MemGuard
Secure software enclave for storage of sensitive information in memory
...It aims to support all major operating systems and is written in pure Go. Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. The effort is taken to prevent sensitive data from touching the disk. ... -
Teradata VantageCloud Enterprise is a data analytics platform for performing advanced analytics on AWS, Azure, and Google Cloud.VantageCloud is the complete cloud analytics and data platform, delivering harmonized data and Trusted AI for all. Built for performance, flexibility, and openness, VantageCloud enables organizations to unify diverse data sources, run complex analytics, and deploy AI models—all within a single, scalable platform.
-
5
Druid
Database connection pool written in Java
...Druid provides a monitoring feature that can be implemented through filter-chain. It also comes with WallFilter, that is based on the SQL semantic analysis to protect from SQL injection attacks. Monitor connection leaks and connect to other databases, like Oracle database. -
6
endlessh-go
A golang implementation of endlessh exporting Prometheus metrics
Endlessh is a great idea that not only blocks the brute force SSH attacks, but also wastes attackers time as a kind of counter-attack. Besides trapping the attackers, I also want to visualize the Geolocations and other statistics of the sources of attacks. Unfortunately the wonderful original C implementation of endlessh only provides text based log, but I do not like the solution that writes extra scripts to parse the log outputs, then exports the results to a dashboard, because it would introduce extra layers in my current setup and it would depend on the format of the text log file rather than some structured data. ... -
7
Slonik
A Node.js PostgreSQL client with runtime and build time type safety
Slonik is a PostgreSQL client for Node.js that ensures safe and efficient query execution by using tagged template literals, preventing SQL injection attacks and promoting better query structure. -
8
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
9
Scapy
Scapy is a Python-based interactive packet manipulation program
...It is designed to allow fast packet prototyping by using default values that work. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected channel, ...), etc. ... -
The Original Buy Center Software.VAN sources private-party vehicles from over 20 platforms and provides all necessary tools to communicate with sellers and manage opportunities. Franchise and Independent dealers can boost their buy center strategies with our advanced tools and an experienced Acquisition Coaching™ team dedicated to your success.
-
10
Locust
Scalable open source load testing tool
Locust is an open source user load testing tool written in Python. The idea behind Locust is to swarm your web site or other systems with attacks from simulated users during a test, with each user behavior defined by you using Python code. This swarming process is then monitored from a web UI in real-time, and will help identify any bottlenecks in your code before real users can come in. As it is completely event-based, Locust can have thousands or even millions of simultaneous users distributed over multiple machines swarming your system. ... -
11
NewNode
NewNode decentralized Content Distribution Network
NewNode is a decentralized content distribution network (dCDN) developed by Clostra. It functions as a mobile SDK that transforms each device into a node within a peer-to-peer and device-to-device network. This architecture enhances content delivery speed and reliability, particularly in environments prone to network disruptions or censorship. By decentralizing the distribution process, NewNode reduces dependency on traditional CDNs and hosting services, offering a resilient alternative for... -
12
Comeonin
Password hashing specification for the Elixir programming language
...It provides a uniform interface for modern algorithms such as Argon2, Bcrypt, and PBKDF2 (implemented in companion packages), along with guidance for salts, cost factors, and timing-safe comparisons. The library’s helpers make it straightforward to add registration and login flows that resist brute-force and side-channel attacks. Migration paths and checks are included so you can upgrade algorithms or work factors over time without breaking existing credentials. Its focus on practical ergonomics—clear APIs, sensible defaults, and good docs—has made it the de facto choice for password handling in Elixir. By centralizing hashing concerns, Comeonin helps teams avoid subtle security mistakes while keeping authentication code terse and testable. -
13
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Spring Security uses a Gradle-based build system. In the instructions, ./gradlew... -
14
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network. Crowdsec shouldn't, and didn't crash any production so far we know, but some features might be missing or undergo evolutions. IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). ... -
15
PHP OAuth 2.0 Server
A spec compliant, secure by default
...This ensures interoperability with other packages and frameworks. The library uses PHPUnit for unit tests. We use Github Actions, Scrutinizer, and StyleCI for continuous integration. In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by RFC2818 for any request sent to the authorization and token endpoints. The client MUST validate the authorization server’s TLS certificate as defined by RFC6125. -
16
Apache APISIX
The cloud-native API gateway
...You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc. -
17
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. ... -
18
ZipUnlocker2025
Zip Unlocker WinZip/WinRAR Password Unlocker
...Whether you're dealing with important compressed files or simply can't access your archive, this password unlocker can assist in restoring your access. With its easy-to-use interface and fast recovery process, the program supports multiple attack methods, such as brute-force and dictionary attacks, to quickly guess and recover the correct password. https://zipunlocker.com/ -
19
99 Nights in The Forest Script - No Key
99 Nights Script No Key: Auto Combat, Auto Craft, Kill Aura, & more.
Download the most powerful 99 Nights in the Forest script for free, with no key required. Designed for the Delta and Xeno executor, this utility features Item & NPC ESP, an Aimbot, and Auto Farm for effortless resource gathering. With instant travel to key locations and a fly mode, this all-in-one script with its streamlined Xeno UI optimizes your survival and looting experience. This is a Keyless 99 nights in the forest script and open source. ⚠️ Disclaimer For educational and testing... -
20
StrongKey FIDO Server (SKFS)
FIDO® Certified StrongKey FIDO Server (SKFS)
An open source implementation of the FIDO2 protocol to support passwordless strong authentication using public-key cryptography. Supports registration, authentication (all platforms), and transaction authorization (for native Android apps). -
21
WiFi Duck
Wireless keystroke injection attack platform
A user-friendly open-source project to learn about keystroke injection attacks or ‘BadUSBs’. By emulating a USB keyboard, BadUSBs can gain full access to a computer in a matter of seconds! Unlike with other BadUSBs, you don’t need to install an app, log in, compile, or copy scripts onto an SD card. You simply connect via WiFi to manage all your scripts from within the web interface. This tool is intended to be used for testing, training, and educational purposes only. -
22
Abdal FTP BruteForce
FTP BruteForce tool For real Pentest
Abdal FTP BruteForce tool is a powerful software with zero error rate to test the intrusion of servers that work with FTP protocol, this tool supports proxy for attacks and can transfer all your traffic in the hacking process to the proxy Slowly -
23
Hyenae NG
Advanced Network Packet Generator
Hyenae NG is an advanced cross-platform network packet generator and the successor of Hyenae. It features full network layer spoofing, pattern based address randomization and flood detection breaking mechanisms. *** Please check out the latest source from my GitHub repository and check the Build informations. https://github.com/r-richter/hyenae-ng/ -
24
CloseTheDoor indentifies all the listening ports TCP/UDP over IPv4/v6 and the associated program files. This will help you to detect security holes and close backdoors when you want to prevent remote attacks.
-
25
httest is a script based tool for testing and benchmarking web applications, web servers, proxy servers and web browsers. httest can emulate clients and servers in the same test script, very useful for testing proxys.
