Search Results for "vulnerable"
Sort By:
Showing 22 open source projects for "vulnerable"
View related business solutions-
Office Ally: Healthcare Software for Your Medical PracticeService Center by Office Ally is a trusted revenue cycle management platform used by over 65,000 healthcare organizations processing more than 350 million claims annually. With it, providers can verify patient eligibility and benefits, upload and submit claims, correct rejected claims, check claim status, and obtain remits. With multiple claim types and submission options, providers can easily submit claims to any payer from any practice management system. Transactions are secure, ensuring the confidentiality of sensitive patient information. With no needed implementation, providers can quickly and effortlessly streamline their billing processes, increase their financial performance, simplify medical billing, and reduce claim rejections for faster reimbursements.
-
Curtain LogTrace File Activity MonitoringCurtain LogTrace File Activity Monitoring is an enterprise file activity monitoring solution. It tracks user actions: create, copy, move, delete, rename, print, open, close, save. Includes source/destination paths and disk type. Perfect for monitoring user file activities.
-
1
Metarget
Framework for automatic construction of vulnerable infrastructures
Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. During security research, we might find that the deployment of a vulnerable environment often takes much time, while the time spent on testing PoC or ExP is comparatively short. In the field of cloud-native security, thanks to the complexity of cloud-native systems, this issue is more terrible. ... -
2
Retire.js
Scanner detecting the use of JavaScript libraries
..."Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. ... -
3
subjack
Subdomain Takeover tool written in Go
...Subjack will also check for subdomains attached to domains that don't exist (NXDOMAIN) and are available to be registered. No need for dig ever again! This is still cross-compatible too. You can use scanio.sh which is kind of a PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar. This script parses and greps through the dump for desired CNAME records and makes a large list of subdomains to check with subjack if they're vulnerable to Hostile Subdomain Takeover. Of course, this isn't the only method to get a large amount of data to test. -
4
GuardDog
GuardDog is a CLI tool to Identify malicious PyPI and npm packages
guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain risks and prevent malicious or vulnerable packages from being used. -
End-To-End Document Management SoftwareUnForm® is a platform-independent software product that creates, delivers, stores and retrieves graphically enhanced documents from ERP application printing. A complete, end-to-end document management solution, UnForm interfaces at the point of printing to produce documents in various formats for printing and electronic delivery.
-
5
QRCoder
A pure C# Open Source QR Code implementation
...The main target of the QRCoder library is to deliver a small and easy-to-use solution, which has no dependencies to other libraries or network stacks. (Like QR Code generators which are relying on online services which makes them vulnerable/slow in some cases.) Although simplicity is one of the main goals, QRCoder is really flexible, in both "output formats" as well as in "payload types". Payload types? Yes, QRCoder brings its own "payload generator", which helps you to create a big list of different payload types to generate special QR codes like "WiFi QR Codes", "Girocodes", "SwissQRCodes" and many more. -
6
KubeClarity
KubeClarity is a tool for detection and management of vulnerabilities
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines. It allows to analyze images and directories to generate... -
7
Google CTF
Google CTF
Google CTF is the public repository that houses most of the challenges from Google’s Capture-the-Flag competitions since 2017 and the infrastructure used to run them. It’s a learning and practice archive: competitors and educators can replay tasks across categories like pwn, reversing, crypto, web, sandboxing, and forensics. The code and binaries intentionally contain vulnerabilities—by design—so users can explore exploit chains and patching in realistic settings. The repo also includes... -
8
BenchmarkTools.jl
A benchmarking framework for the Julia language
BenchmarkTools makes performance tracking of Julia code easy by supplying a framework for writing and running groups of benchmarks as well as comparing benchmark results. This package is used to write and run the benchmarks found in BaseBenchmarks.jl. The CI infrastructure for automated performance testing of the Julia language is not in this package but can be found in Nanosoldier.jl. Our story begins with two packages, "Benchmarks" and "BenchmarkTrackers". The Benchmarks package... -
9
Slither
Static Analyzer for Solidity
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses. Slither is the first open-source static analysis framework for Solidity. Slither is fast and precise; it can find real vulnerabilities in a few seconds... -
The most user-friendly sales commission software for revenue-focused teamsRated as #1 sales compensation management software, Everstage helps businesses streamline commission administration, boost sales performance and improve ROI with actionable insights. Top features: No-code plan designer, detailed commission statements, advanced commission forecasting, quota management, queries & approval workflows, deferred commissions (ASC606), BI-powered reporting, and more.
-
10
TypeScript Express Starter
Quick and Easy TypeScript Express Starter
Express consists of JavaScript, which makes it vulnerable to type definitions. That's why we avoid supersets with starter packages that introduce TypeScript. The package is configured to use TypeScript instead of JavaScript. Express is a fast, open and concise web framework and is a Node.js based project. npx is a tool in the JavaScript package management module, npm. This is a tool that allows you to run the npm package on a single run without installing the package. -
11
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
...The tool is particularly valuable in security research, bug bounty hunting, and penetration testing, as it uncovers endpoints that may no longer be publicly linked but still exist on servers. By leveraging archived data, waybackurls helps identify hidden attack surfaces, legacy APIs, and forgotten resources that could be vulnerable. Its design is intentionally simple and efficient, focusing on delivering large volumes of URLs quickly with minimal configuration. The output can be combined with other tools for further analysis, such as filtering parameters or probing endpoints. -
12
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. -
13
NodeGoat
The OWASP NodeGoat project
A deliberately vulnerable Node.js application designed for security training, helping developers understand common web vulnerabilities and how to mitigate them. -
14
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
15
Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server.
-
16
Vulnerable Operating Systems
deliberately vulnerable operating systems
VulnOS are a series of deliberately vulnerable operating systems packed as virtual machines to teach Offensive IT Security and to enhance penetration testing skills. For educational purposes! -
17
xxe
Intentionally vulnerable web services exploitable with XXE
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability... -
18
smurfedBTR1
this is a root to boot vmware vulnerable images
the goal is to get the flag in the root directory. /root/ -
19
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
20
Malware Classifier
Perform quick, easy classification of binaries for malware analysis.
Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerable. Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for “malicious,” or “UNKNOWN.” The tool was developed using models resultant from running the J48, J48 Graft, PART, and Ridor machine-learning algorithms on a dataset of approximately 100,000 malicious programs and 16,000 clean programs. ... -
21
NightLight
Network utillity
With this tool you can stress test and find out if your network services is vulnerable to eg. a TCP or UDP attack. It has also a HTTP flooder, slowloris and a port checker. For more information about slowloris: http://en.wikipedia.org/wiki/Slowloris Please note that the coder of this program is not responsible for its use or if it does any damage. -
22
Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.
- Previous
- You're on page 1
- Next
