souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
page 4 / 4
75 results tagged security  ✕   ✕
Skipfish http://code.google.com/p/skipfish
08/08/2011 cluster icon
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Kali Linux : Penetration Testing Linux OS containing tools to test the security of system or a network.
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • YSlow for PhantomJS : YSlow for PhantomJS
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

web security tool test
domsnitch https://code.google.com/p/domsnitch
23/06/2011 cluster icon
  • DOMAssistant : The modular lightweight JavaScript library, with CSS selectors, event handling, AJAX and complete Unicode support
  • Zombie.js : Zombie.js is a lightweight framework for testing client-side JavaScript code in a simulated environment. No browser required.
  • The Big List of Naughty Strings : The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
  • Svelte : Svelte is a radical new approach to building user interfaces. Whereas traditional frameworks like React and Vue do the bulk of their work in the brows...
  • vue.js : Vue.js is a library for building interactive web interfaces. It provides data-reactive components with a simple and flexible API. Core features includ...

A passive reconnaissance tool inside the DOM (experimental)

security javascript dom test
Wapiti http://wapiti.sourceforge.net
18/06/2011 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.

Wapiti allows you to audit the security of your web applications.

It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

web security software test scan
Nikto2 http://www.cirt.net/nikto2
18/06/2011 cluster icon
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • vicnum : A flexible web app showing vulnerabilities such as cross site scripting, sql injections, and session management issues. Helpful to IT auditors honing ...
  • BeEF : The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetra...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

web security software test
Naked Password http://www.nakedpassword.com
01/03/2011 cluster icon
  • Clipperz : Online vault and password manager that knows nothing about you and your data. Everything you submit is locally encrypted by your browser before being ...
  • OverTheWire: Wargames : The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
  • The Big List of Naughty Strings : The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • SensioLabs Security Advisories Checker : The SensioLabs security advisories checker is a simple tool, available as a web service or as an online application, that uses the information from yo...

jQuery Plugin to Encourage Stronger Passwords

jquery security password
HTML Purifier http://htmlpurifier.org
20/10/2010 cluster icon
  • HTML_QuickForm2 : This PHP package provides methods to create, validate and render HTML forms.
  • Photon : UI toolkit for building desktop apps with Electron.
  • cssQuery() : cssQuery() is a powerful cross-browser JavaScript function that enables querying of a DOM document using CSS selectors. All CSS1 and CSS2 selectors ar...
  • BotMan : BotMan is a framework agnostic PHP library that is designed to simplify the task of developing innovative bots for multiple messaging platforms, inclu...
  • vfsStream : vfsStream is a stream wrapper for a virtual file system that may be helpful in unit tests to mock the real file system. It can be used with any unit t...

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications.

xss security html php library
Web Application Exploits and Defenses http://google-gruyere.appspot.com
24/09/2010 cluster icon
  • Security Guide for Developers : A practical security guide for web developers.
  • BlackBox : Safely store secrets in a VCS repo (i.e. Git, Mercurial, Subversion or Perforce).
  • SQL Injection Cheat Sheet : Samples are provided to allow reader to get basic idea of a potential SQL Injection attack and almost every section includes a brief information about...
  • The Bastion : Bastions are a cluster of machines used as the unique entry point by operational teams to securely connect to devices using ssh. The Bastion provides ...
  • Inj3ct0r 1337day.com : Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)
security knowledge tutorial
CWE/SANS Top 25 Most Dangerous Programming Errors http://cwe.mitre.org/top25/#Listing
06/04/2010 cluster icon
  • XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
  • Mobile Web Application Best Practices : The goal of this document is to aid the development of rich and dynamic mobile Web applications. It collects the most relevant engineering practices, ...
  • API Security Checklist : Checklist of the most important security countermeasures when designing, testing, and releasing your API.
  • The SaaS CTO Security Checklist : This is a basic checklist that all SaaS CTOs (and anyone else) can use to harden their security. Security shouldn’t feel like a chore. Select your sta...
  • How to systematically secure anything : Security engineering is the discipline of building secure systems. Its lessons are not just applicable to computer security. In fact this repo aims to...

The CWE/SANS Top 25 Most Dangerous Software Errors is a list of the most widespread and critical errors that can lead to serious vulnerabilities in software. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

development security reference
XSS (Cross Site Scripting) Prevention Cheat Sheet http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules
19/01/2010 cluster icon
  • XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
  • XSS game : Warning: You are entering the XSS game area.
  • HTML Purifier : HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS)...
  • SensioLabs Security Advisories Checker : The SensioLabs security advisories checker is a simple tool, available as a web service or as an online application, that uses the information from yo...
  • SecTools.Org : Top Network Security Tools

The following rules are intended to prevent all XSS in your application. While these rules do not allow absolute freedom in putting untrusted data into an HTML document, they should cover the vast majority of common use cases.

xss security
OpenDNS http://www.opendns.com
10/12/2009 cluster icon
  • namebench : namebench hunts down the fastest DNS servers available for your computer to use. namebench runs a fair and thorough benchmark using your web browser h...
  • HttpWatch : An HTTP Viewer and HTTP Sniffer for IE and Firefox
  • Clipperz : Online vault and password manager that knows nothing about you and your data. Everything you submit is locally encrypted by your browser before being ...
  • Wireshark : Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de fac...
  • SecTools.Org : Top Network Security Tools
thumbnail

The safest, smartest, fastest and most reliable DNS on the planet.

security network dns software
Clipperz http://www.clipperz.com
13/11/2009 cluster icon
  • Naked Password : jQuery Plugin to Encourage Stronger Passwords
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • BeEF : The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetra...
  • DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...

Online vault and password manager that knows nothing about you and your data.

Everything you submit is locally encrypted by your browser before being transmitted to Clipperz. The encryption key is a passphrase known only to you! It is impossible for anyone without that key to decrypt your data.

password security online storage software
SQL Injection Cheat Sheet http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
19/12/2008 cluster icon
  • DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...
  • Security Guide for Developers : A practical security guide for web developers.
  • WWW SQL Designer : WWW SQL Designer allows users to create database designs, which can be saved/loaded and exported to SQL scripts. Various databases and languages are s...
  • OWASP : The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software.
  • WebPlatform.org : Web Platform Docs is a community-driven site that aims to become a comprehensive and authoritative source for web developer documentation.

Samples are provided to allow reader to get basic idea of a potential SQL Injection attack and almost every section includes a brief information about itself.

web reference mysql security php
Run your own identity server http://wiki.openid.net/w/page/12995226/Run%20your%20own%20identity%20server
08/12/2008 cluster icon
  • 2016 Guide to User Data Security : This guide is for the software developer, architect or system administrator who doesn't want to spend a lifetime wading through cryptographic algorith...
  • My First 10 Minutes On a Server : Primer for Securing Ubuntu
  • The Big List of Naughty Strings : The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
  • Inj3ct0r 1337day.com : Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.

Running your own identity server allows you to act as an OpenID Provider. You could run one just for yourself, for a community of users or, if you wish, for the general public.

openid security reference server
Inj3ct0r 1337day.com http://1337day.com
10/06/2008 cluster icon
  • Kata-log : Resources to facilitate coding katas
  • textfiles.com : What this site offers is a glimpse into the history of writers and artists bound by the 128 characters that the American Standard Code for Information...
  • XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.
  • Security Guide for Developers : A practical security guide for web developers.

Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)

security code reference hack
Copyscape http://www.copyscape.com
12/06/2007 cluster icon
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
  • ack : ack is a tool like grep, optimized for programmers Designed for programmers with large heterogeneous trees of source code, ack is written purely in po...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...

Website Plagiarism Search - Web Site Content Copyright Protection

search security tool copyright
page 4 / 4
1656 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn