
NeatHtml™ is a highly-portable open source website component that displays untrusted content securely, efficiently, and accessibly. Untrusted content is any content that is not trusted by the website owner (e.g. blog comments, forum posts, or user pages on social networks).



Related Projects

OWASP Joomla Vulnerability Scanner Project

Detects file inclusion, SQL injection, and command execution vulnerabilities of a target Joomla! web site. A regularly-updated signature-based scanner that can detect file inclusion, SQL injection, command execution, XSS, DoS, and directory traversal vulnerabilities of a target Joomla! web site. It searches for known vulnerabilities of Joomla! and its components, detects web application firewalls, and a lot more.


Training and education about web security

Wapiti - Web application vulnerability scanner / security auditor

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. It is able to differentiate punctual and permanent XSS vulnerabilities.


ProceXSS is an ASP.NET HTTP module for detecting and ignoring XSS attacks.


Cross Site "Scripter" is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Php-antixss - PHP Anti-XSS Library

Description: PHP Anti-XSS Library is developed to prevent XSS (Cross Site Scripting) vulnerabilities in web applications. PHP Anti-XSS Library automatically detects the encoding of the data that you want to filter and, if you wish, encodes your data again. There are also 3 types of filtering options. Filter Options: Blacklist Filtering: Compares the data with a blacklist that you specify. Whitelist Filtering: In the case of a data that does not conform to the type of data you've specified that do

Phprotector - Allows to easily secure a PHP/Mysql page in a matter of minutes!

PhProtector allows you to easily secure a PHP site. It uses regular expression pattern matching to find malicious HTTP SQL injection requests. It protects against cross-site scripting by transforming special characters into HTML entities. It protects against spam/CSRF by using JavaScript and CSS with random security tokens; this should keep you safe against spam crawlers that do not understand JS/CSS and against CSRF attacks. It protects your backoffice by having sessions terminate after a period of inactivity and prevent

Secure-action-plugin - Rails plugin to defend your site against 'assumed logged in' attacks.

secure_action is a Ruby on Rails plugin which makes it easy to defend your site against assumed logged in attacks, also called CSRF (cross site request forgery) attacks. In an assumed logged in attack, a malicious site assumes the visitor is logged into a target site. The malicious site crafts a URL to a destructive action on the target site (change email, delete account, etc.) and opens the URL to that action in a hidden iframe. The browser then sends the user's cookies and actions may be perform

Owasp-java-html-sanitizer - Fast Java-based HTML Sanitizer

A fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. This code was written with security best practices in mind, has an extensive test suite, and has undergone adversarial security review.


eXlent2k7 is a CMS based on the most modern technologies (XHTML 1.1, CSS 2.1, PHP 5 objects, PDO, XML, DOM) with good security (CSRF protection, XSS prevention in template system, JavaScript can be disabled, SQL injection prevention in database class).