Skip to content
SpiderLabs

SpiderLabs

ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

Updated April 20, 2014

owasp-modsecurity-crs

OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)

Updated April 16, 2014

Python 156 41

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Updated

modsec-sdbm-util

Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.

Updated

MCIR

The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

Updated

JavaScript 4 0

ModSecurity-status

ModSecurity status

Updated

BurpNotesExtension

Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.

Updated

Perl 3 1

Keystone

This repository contains the scripts released under the "Keystone Rocks" series of the SpiderLabs blog

Updated

microphisher

µphisher spear phishing tool (reference implementation)

Updated

Malware_Analysis

Repository to store any tools or files related to malware analysis

Updated

Python 2 3

cribdrag

cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys

Updated

UPnP-request-generator

A tool to parse UPnP descriptor XML files and generate SOAP control requests for use with Burp Suite or netcat

Updated

XSSmh

XSSmh - A configurable Cross-Site Scripting testbed

Updated

XMLmao

A configurable XPath/XML injection testbed

Updated

SQLol

A configurable SQL injection test-bed

Updated

ShelLOL

A configurable OS shell command injection vulnerability testbed

Updated July 19, 2013

Nmap-Tools

SpiderLabs shared Nmap Tools

Updated

r509

forked from r509/r509

r509 is a ruby library that allows you to create/parse CSRs, issue certs off arbitrary CAs, parse certs, create CRLs, run an OCSP responder, and much more

Updated

CryptOMG

CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.

Updated

Python 5 1

groupenum

Updated

Something went wrong with that request. Please try again.