Search Results for "vulnerability"
Sort By:
Showing 45 open source projects for "vulnerability"
View related business solutions-
Run your private office with the ONLYOFFICEA Comprehensive Alternative to Office 365 for Business
-
Peer to Peer Recognition Brings Teams TogetherCreate a positive and energetic workplace environment with Motivosity, an innovative employee recognition and engagement platform. With Motivosity, employees can give each other small monetary bonuses for doing great things, promoting trust, collaboration, and appreciation in the workplace. The software solution comes with features such as an open-currency open-reward system, insights and analytics, dynamic organization chart, award programs, milestones, and more.
-
1
Arduino IDE
Arduino IDE library
...This new IDE was developed with the goal of preserving the same interface and user experience of the previous major version in order to provide a frictionless upgrade. If you need assistance, see the Help Center and browse the forum. If you think you found a vulnerability or other security-related bug in this project, please read our security policy and report the bug to our Security Team. The builds are generated every day at 03:00 GMT from the main branch and should be considered unstable. -
2
HiddenVM
HiddenVM — Use any desktop OS without leaving a trace
...There are archived direct HTTP download mirrors of Tails images, archived official torrents with PGP signatures, or third-party archives at linuxtracker.org or fosstorrents.com, etc. (Always verify third-party torrents with archived official PGP sigs for safety.) Unless there is a known security vulnerability patched by the new Tails that actually affects how you use Tails, doing a temporary downgrade is not unsafe. You aren't necessarily unsafe by using older-than-one-month-old Tails software for a short time. Thank you for your patience, and stay safe. -
3
Tsunami
Network security scanner for detecting severity vulnerabilities
...When security vulnerabilities or misconfigurations are actively exploited by attackers, organizations need to react quickly in order to protect potentially vulnerable assets. As attackers increasingly invest in automation, the time window to react to a newly released, high severity vulnerability is usually measured in hours. This poses a significant challenge for large organizations with thousands or even millions of internet-connected systems. In such hyperscale environments, security vulnerabilities must be detected and ideally remediated in a fully automated fashion. To do so, information security teams need to have the ability to implement and roll out detectors for novel security issues at scale in a very short amount of time. ... -
4
Scanner of Death is a network vulnerability scanner.
-
Safety Compliance Made EasyIdeally designed for business that deals with Construction, Oil & Gas, Mining, Manufacturing, Mechanical, Electrical, Plumbing, Heating, and Excavating, SiteDocs is a perfect solution for any size business looking to modernize the way Safety Compliance is organized.
-
5
MrFish
A anti-phishing Python script with headers and proxies!
MrFish is a powerful tool designed to automate the creation of fake account submissions for phishing tests and vulnerability assessments. With the ability to generate random usernames, passwords, and even credit card data, it simulates real user behavior to help test the security of online forms. Featuring customizable settings for proxy support, user inputs (email or username), and multiple threads for speed, MrFish provides an efficient way to stress-test web servers and form-handling systems. ... -
6
VcenterKit
Vcenter Comprehensive Penetration and Exploitation Toolkit
...The project includes modules that automate the detection and exploitation of specific CVEs (common vulnerabilities and exposures) in vCenter servers, often used to manage virtual infrastructure in enterprise environments. With features tailored toward reconnaissance, vulnerability triggering, and payload generation, the toolkit helps testers simulate real-world attack vectors on vulnerable vCenter instances. Although its primary function is offensive security, the tool can also aid defenders by highlighting weak points and verifying patch efficacy in controlled environments. VcenterKit comes with both command-line and optional graphical variants via PyQt6, making it flexible for different user preferences. -
7
Mosca
Tool to find bugs like a grep unix command
Just another Simple static analysis tool to find bugs like a grep unix command, at mosca have a modules, that was call egg, each egg is a simple config to find bug at especific language like PHP,Ruby,ASP etc... Example of egg config at directory "egg", If Mosca read a line with vunerability of egg in source code, then, mosca have alert about vulnerability and save at logs. *why static ? because is not dynamic... uses static code to search... don't confuse with academic views hahaha this program use simple regex with PCRE... https://github.com/CoolerVoid/Mosca -
8
BlackBuntu Linux
BlackBuntu Linux
BlackBuntu is born from the passion and spirit of 2 specialists. Let’s cut the bullshit, this distribution is a GNU/Linux distribution based on Ubuntu and designed with Pentest, Security and Development in mind for the best experience. With advanced accessibility tools and options to change language, colour scheme and text size, Blackbuntu makes computing easy – whoever and wherever you are. BlackBuntu is a fully open source project, anyone can see what is inside. The building source code... -
9
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
Gearset | The complete Salesforce DevOps solutionGearset is the only platform you need for unparalleled deployment success, continuous delivery, automated testing and backups.
-
10
ESP8266 Deauther Version 2
Affordable WiFi hacking platform for testing and learning
...This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is used to disconnect devices from their WiFi network. No one seems to care about this huge vulnerability in the official 802.11 WiFi standard, so I took action and enabled everyone who has less than 10 USD to spare to recreate this project. I hope it raises more attention on the issue. In 2009 the WiFi Alliance actually fixed the problem (see 802.11w), but only a few companies implemented it into their devices and software. -
11
openPOWERLINK
An Open Source POWERLINK Stack
...The latter may be moved to a dedicated communication processor or into a kernel module to deliver enhanced performance while still keeping the API in user space. A full documentation of the stack is available on the web site: http://openpowerlink.sourceforge.net The following page can be used to report a security vulnerability: https://sourceforge.net/p/openpowerlink/discussion/ -
12
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
13
HackSys Extreme Vulnerable Driver
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
...HEVD offers a range of vulnerabilities, from simple stack buffer overflows to more complex issues such as use-after-free, pool buffer overflows, and race conditions. This allows researchers to explore exploitation techniques for each implemented vulnerability. -
14
SG ERP
Purchase and Sale Management System
...In addition to the benefits already mentioned, we also access of business data, the end of redundancies, facilitate the creation of estimates, decrease of physical space for storage of data, access from anywhere with the internet and browsing, human error and less vulnerability in access to information information, such as cadastral data, for example. -
15
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich... -
16
SWsterisk Debian based Asterisk
Asterisk and FreePBX on Debian, by Astiostech Sdn Bhd Malaysia
DOWNLOAD | EXTRACT | USE A ready to use Virtual Image or VMDK of Asterisk 11/13, FreePBX 2.11/12.0. Network: After booting, run #ifconfig -a Then either #dhclient ethX or edit manually /etc/network/interfaces #ifup ethX More details can be found here: Asterisk 11: http://highsecurity.blogspot.com/2013/04/sanjay-asterisk-debian-based-asterisk.html Asterisk 13:... -
17
The OVAL Interpreter is a freely available reference implementation that demonstrates the evaluation of OVAL Definitions. Based on a set of OVAL Definitions the interpreter collects system information, evaluates it, and generates a detailed OVAL Results file. Developed to demonstrate the usability of OVAL Definitions and to ensure correct syntax and adherence to the OVAL Schemas by definition writers, it is not a fully functional scanning tool nor an enterprise scanning tool. It is a...
-
18
SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.
-
19
Openvas Raspberry
Turnkey image for the Raspberry Pi running Openvas 7
OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion. -
20
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
21
Revenssis Ethical Hacking Suite
Fully featured network, wireless and web app pentesting suite.
Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation). -
22
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
23
HackShark Linux
Lightweight Linux distro for penetration testing
Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose. -
24
BlackBSD
BlackBSD
BlackBSD Is a NetBSD based LiveCD, with security tools on it, and fluxbox as a window manager. Beta Version 1.0 coming on soon. Packages on it. Nmap - port scanner http://nmap.org/ Nessus - Vulnerability detector http://www.tenable.com/products/nessus Air-Crack - Wireless Cracker http://www.aircrack-ng.org/ Ettercap - port sniffer http://ettercap.github.com/ettercap/ Iptraf - Network Monitor http://iptraf.seul.org/ Medusa - Login brute-forcer http://www.foofus.net/~jmk/medusa/medusa.html Snort - Intrucion Detection http://www.snort.org/ W3af - Web Application Attack http://w3af.org/ NetCat - networking utility http://netcat.sourceforge.net/ THC-Hydra - network logon cracker http://thc.org/thc-hydra/ Wapiti - Web application vulnerability scanner http://wapiti.sourceforge.net/ Rapid7 - http://www.rapid7.com/ -
25
HTTP Anti Flood/DoS Security Module
Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks
This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video:...
