SaaSHub helps you find the best software and product alternatives Learn more →
Url.sh Alternatives
Similar projects and alternatives to url.sh based on common topics and language
-
Filestash
đŸ¦„ A modern web client for SFTP, S3, FTP, WebDAV, Git, Minio, LDAP, CalDAV, CardDAV, Mysql, Backblaze, ...
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
url.sh reviews and mentions
-
From 7 Years of Apache HTTP Server Logs: 5528 Unique Recon and Attack Vectors
(or run "cat" instead of cowsay to block their script)
- Pick a header, then insert one from [EICAR test string[2], \x00, \n] somewhere in the middle.
- Or just add a "Server:" header with a random line from the Big List of Naughty Strings[3].
- Redirect to a normal URL, but with a trailing dot in the domain name[4], like "example.com.". It's valid, but you'd be surprised how many things it breaks.
- Nested content encoding with "Content-Encoding: gzip, gzip, gzip, gzip, ...", with a randomly selected depth. Or where the n-1 payload is "WAZAAAA" instead of a valid gzip.
- "Content-Type: image/jpeg" and "Content‑Encoding: gzip" with a valid gzip body... But the ‑ in "Content‑Encoding" is U+2011 NON-BREAKING HYPHEN.
- Spin the wheel of HTTP status codes! res.WriteHeader(rand.Intn(1000))
- Infinite loop sending a 100 (Continue) every five seconds (they might have a timeout for the TCP and TLS handshakes, but did they remember to set a timeout for receiving the HTTP body?). Watch out for running out of connections.
[1] https://github.com/jwilk/url.sh
[2] https://en.wikipedia.org/wiki/EICAR_test_file
[3] https://github.com/minimaxir/big-list-of-naughty-strings
[4] https://en.wikipedia.org/wiki/Fully_qualified_domain_name
- URL is also a shell script that executes some malicious(?) code
- This URL is also malicious(?!) shell script
- URL is also malicious(?) shell script
-
A note from our sponsor - SaaSHub
www.saashub.com | 4 May 2024
Stats
jwilk/url.sh is an open source project licensed under MIT License which is an OSI approved license.
The primary programming language of url.sh is Shell.
Popular Comparisons
Sponsored