Grow your team on GitHub
GitHub is home to over 28 million developers working together. Join them to grow your own development teams, manage permissions, and collaborate on projects.Sign up
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
A Social Media Enumeration & Correlation Tool
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
ModSecurity v3 Nginx Connector
Simple REST-style web service for the CVE searching
Regression tests for OWASP CRS v3
This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
Set of CLI tools to transform ModSecurity logs into a meaningful information, given a context.
ModSecurity v3 Apache Connector
cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys
Next generation remote logging tool for ModSecurity, supporting native and JSON format.
Python script for dumping firmware from read-back protected nRF51 chips
A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
Set of Python scripts to perform SecRules language evaluation on a given http request.
Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.
Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
Set of test cases that can be used to test custom implementations of the SecRules language (ModSecurity rules format).
Documentation for the OWASP CRS project
Net::TNS, a Ruby library for connecting to Oracle databases.
A repository of tools and scripts related to malware analysis
Performs method enumeration and interrogation against flash remoting end points.
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
Python bindings for libModSecurity (aka ModSecurity v3)