8 repositorios
Verification of the HTTP host header against a list of trusted domains to prevent host poisoning attacks.
Distinct from Domain Trust Validation: Focuses on network-level host header validation rather than AI domain trust or certificate validation.
Explore 8 awesome GitHub repositories matching security & cryptography · Host Header Validations. Refine with filters or upvote what's useful.
Helmet is an Express.js middleware library that sets a comprehensive collection of HTTP security headers to protect web applications from common vulnerabilities like cross-site scripting and clickjacking. At its core, it provides a configurable middleware system for injecting security headers into HTTP responses, with a primary focus on Content Security Policy configuration through custom directives and report-only testing modes. The library distinguishes itself through a flexible configuration surface that supports method chaining for composing multiple headers in a single expression, as wel
Sets custom X-Frame-Options header values, including the obsolete ALLOW-FROM directive, via middleware.
Paseo is an LLM coding agent orchestrator and multi-agent workflow manager designed to coordinate multiple AI agents across isolated git worktrees. It provides a unified control interface for managing these agents and their associated environments to execute complex programming tasks. The system distinguishes itself through a remote agent daemon that enables secure access to local coding agents via encrypted relays. It employs a git worktree environment manager to isolate parallel tasks into dedicated directories and branch-based server URLs, preventing file collisions and network port confli
Verifies the HTTP host header against a trusted allowlist to prevent DNS rebinding attacks.
all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on
Prevents host poisoning by validating the host header of incoming requests against permitted hostnames.
Gixy is a static configuration analyzer and security auditor for Nginx. It functions as an infrastructure-as-code security scanner and web server configuration linter designed to identify vulnerabilities and misconfigurations in server definitions before deployment. The tool focuses on detecting high-risk security flaws, including host header spoofing, server-side request forgery, and path traversal. It specifically audits Nginx configurations for risks such as HTTP splitting, multiline header issues, and unauthorized third-party access resulting from incorrect Referer or Origin header patter
Identifies risks where forged Host headers could lead to phishing or server-side request forgery.
Este proyecto es un generador de artefactos HTML para LLM y un previsualizador en sandbox diseñado para la creación rápida de prototipos y contenido. Funciona como un puente de agente de IA local que reutiliza sesiones autenticadas de agentes de codificación de línea de comandos para ejecutar tareas de generación sin requerir claves de API separadas. El sistema convierte diseños web en formatos específicos de plataforma a través de una herramienta de exportación a redes sociales, utilizando CSS y metadatos en línea para garantizar una publicación consistente. Emplea un entorno de renderizado en sandbox para ejecutar código y scripts generados por IA de forma aislada, protegiendo al navegador anfitrión de envenenamiento. La plataforma maneja la transformación de contenido convirtiendo datos estructurados (incluyendo CSV, JSON y SQL) en artefactos web pulidos como páginas de destino, informes profesionales y mazos de presentación. Admite actualizaciones visuales en tiempo real mediante el streaming de código generado por IA al navegador a través de eventos enviados por el servidor. Las capacidades de exportación incluyen la conversión de nodos web renderizados en imágenes PNG de alta resolución y archivos HTML independientes.
Validates HTTP host headers against a permitted list of domains to prevent DNS rebinding and unauthorized access.
AllAboutBugBounty is a curated collection of bug bounty techniques and payloads for web application security testing. It serves as a reference resource covering common web vulnerabilities and exploitation methods for security researchers, providing a structured approach to identifying and exploiting web application security flaws in bug bounty programs. The repository covers a wide range of attack categories including authentication bypass, cross-site scripting injection, server-side request forgery, web cache poisoning, and business logic abuse. It includes techniques for bypassing access co
Documents a specific technique for bypassing host header validation using override headers.
Overrides X-Frame-Options headers to allow embedding pages in iframes during testing.
Cronicle is a distributed job scheduler that replaces traditional cron with a browser-based management interface. It runs scheduled tasks across a cluster of servers with automatic failover, using a custom cron parser that intersects day-of-month and day-of-week constraints when both are specified. The system executes jobs through a plugin framework that runs command-line scripts in any language, communicating via JSON over standard input and output. The scheduler provides a web-based real-time dashboard for monitoring running jobs with live logs, resource usage charts, and progress updates.
Rejects incoming HTTP requests unless the Host header matches a configured domain name.