OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Set of test cases that can be used to test custom implementations of the SecRules language (ModSecurity rules format).
CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
Set of Python scripts to perform SecRules language evaluation on a given http request.
Repository for the OWASP/WASC Distributed Web Honeypots Project -
Inject beef hooks into HTTP traffic and track hooked systems from cmdline
forked from zimmerle/omniauth-identity
A simple login and password strategy for OmniAuth.
Next generation remote logging tool for ModSecurity, supporting native and JSON format.