DeXSS provides a SAX2 Parser to help protect against cross site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.
6b2ac847ccc68a5a4b369c54df3b011afeef4702562ef4d6304a3355e16ed115
mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.
8ff3de9c5acc026c6fd74fd8e599c0c2659cd29c51693dbf67a8bf8c609be94e
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the source code release.
541d48c626a68f4fde63c7fca65c1f14bbaf9ece1f236099d199f6a931b408c7
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
86958b3047d7959d500a914ed62d8b67c713cf75cec79b67db8f06864d33d481
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
370b065d9d57839e4c92ef7044e07775cebbdd9c035a7661037505b2e48065b8
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
3bd683f219f1a8e52a26eeb33d928851074609f5b42bca6c635ca3c707167d50
Xenotix KeylogX is a keylogger add-on for Mozilla Firefox. It captures and logs keystrokes sent to the browser and you simply type alt-X to retrieve the data from the logfile.
67b0971f10df230d180133c5c89d059079a85c82d7ef454d272f3decf994a478
dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
acd6962974b366615d52eda38b9efa9e28463c266a80b88cccc0bfb5f0026dea
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
384cc6304a9f881aea8174598cb196a3476ff4511782032d9cc6022cb4240905
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
0ad25e3652e22117abbc17a70b5d8913e05991318a5506bc7437e662616fdf21
WordPress AES-Edition is a modified version of WordPress that implements use of AES.
e2f502cb8fdb0c59b98cba8ed87e9202bdbe753de19f273a5b7224c99090a74a
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.
0bf3cec513931b9bf20e6f753dedeaab57b5cad303489ab9ff365786c04d9444
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
7ab4f46f7750e54e54d0f6721053ab9635778e313da8e2369ad9bfd717a28242
dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
8ada50ae477251e389b2c04f9f4cbd299647c98939664b86d46904985dd0c40c
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Linux releases are all included in this file.
318b8a7ac7957abf70378a1b16c1e6d177b97355de8922a2a727da46027d793a
This is the language pack for Zed Attack Proxy (ZAP). Languages supported include English, Brazilian Portuguese, Chinese, Danish, French, German, Greek, Indonesian, Japanese, Polish, and Spanish.
6183ff2dcbca1d90de8be214492f2c35ec55b93ada75f15714619cc720a1aaa9
This is the client API for the Zed Attack Proxy (ZAP).
6d7cff323c60e89b38a9a849a33616a16931393cd68b4f5494c52abb8537b820
URLCrazy enables the study of domainname typos and URL hijacking. URLCrazy is a domainname typo generator that generates 13 types of typos, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
1508aab43633f915ded61710cf102778608f8c3ac34461c12982e8e8afa13a57
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.
9aaa651e706fe0c4c2cff95879d614cdcb9791e5120cccc527fcb82922d76fc8
dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
c8c5c324156e7960e3faa20e6ef569ecc3d82808b161102ebb63052564e9d4ba
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.
afdd6a37613b8f67cc991a864aeafc32f534399eb0c712a77d8422be363deb32
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.
0142ba35e4b28b85e2e94843a844834439d3f4151a2dec3f69755b3def89d455
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.
e36997741f1b457a6eefa1e1c8454ef87e0d9023592db876a6c300d82d468b24
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.
91e84d4d8c33fdbfa8e41f39c4f82e45db20959792a1fa9ddfe0c442f33bb47e
iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project.
b4ef8f5c26215580696167fa50ab9b0e33fb7b37c37004c226ce14cf7b13e4fa