Search Results for "security" - Page 19
Sort By:
Showing 10944 open source projects for "security"
View related business solutions-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
1
Proton Pass for Android
Android code for the Proton Pass application
...The app integrates with Android’s autofill system so users can quickly fill login forms across apps and browsers with a tap while maintaining strong password hygiene and avoiding reused or weak passwords. It also supports biometric unlock (fingerprint or face) for convenience and strong session security, along with multi-device sync when users log into their Proton account, keeping vault data consistent across platforms. -
2
Swift Crypto
Open-source implementation of a substantial portion of the API
Swift Crypto is a cross-platform, open-source implementation that mirrors a substantial portion of CryptoKit so server and Linux/Windows ARM64 apps can share one modern crypto API. It exposes high-level, misuse-resistant primitives with Swift ergonomics while delegating to well-vetted backends under the hood. The repository maintains active releases and issue tracking for enhancements like PEM handling and ecosystem compatibility. High-level, misuse-resistant primitives and key handling.... -
3
Microsoft Defender for Cloud
Welcome to the Microsoft Defender for Cloud community repository
...It packages ready-to-use Azure Policy definitions, Logic App templates, PowerShell automation, remediation actions, and custom workbooks so teams can deploy detections, enforce security posture, and automate responses across subscriptions and tenants. The repo includes playbooks and examples for translating recommendations into automated remediation, along with onboarding and deployment artifacts (including Terraform helpers) to simplify large-scale rollout. Content is explicitly presented as community-driven: contributors can submit Logic Apps, policies, and scripts, and the project documents contribution guidelines and CLA requirements for submissions. -
4
Metarget
Framework for automatic construction of vulnerable infrastructures
Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. During security research, we might find that the deployment of a vulnerable environment often takes much time, while the time spent on testing PoC or ExP is comparatively short. In the field of cloud-native security, thanks to the complexity of cloud-native systems, this issue is more terrible. There are already some excellent security projects like Vulhub, and VulApps in the open-source community, which pack vulnerable scenes into container images so that researchers could utilize them and deploy scenes quickly. ... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
AWS IAM Authenticator for Kubernetes
Tool to use AWS IAM credentials to authenticate to Kubernetes clusters
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using... -
6
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as... -
7
react-native-keychain
Keychain Access for React Native
Keychain Access for React Native. Both setGenericPassword and setInternetCredentials are limited to strings only, so if you need to store objects etc, please use JSON.stringify/JSON.parse when you store/access it. On API levels that do not support Android keystore, Facebook Conceal is used to en/decrypt stored data. The encrypted data is then stored in SharedPreferences. Since Conceal itself stores its encryption key in SharedPreferences, it follows that if the device is rooted (or if an... -
8
Ory Kratos
Next-gen identity server with Ory-hardened authentication
Headless and configurable authentication and user management, including MFA, social login, custom identities and more. Ory Kratos is a fully featured user management system built for the cloud. Control every aspect with a headless API. Ory Kratos comes with support for a wide range of 2FA protocols such as TOTP, FIDO2 & WebAuthn, works with any UI framework, and only a few lines of code are required to get it up and running. Configurable login and registration flows, multi-factor... -
9
Open-Source auth provider
Open source alternative to Auth0 / Firebase Auth, etc.
Add secure login and session management to your apps. SDKs available for popular languages and front-end frameworks e.g. Node.js, Go, Python, React.js, React Native, Vanilla JS, etc. Supertokens architecture is optimized to add secure authentication for your users without compromising on user and developer experience. Frontend SDK: Manages session tokens and renders login UI widgets. Backend SDK: Provides APIs for sign-up, sign-in, signout, session refreshing etc. Your Frontend will talk to... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Authorizer
Your data, your control. Fully open source, authentication, etc.
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box. Authorizer is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports 11+... -
11
Secure
HTTP middleware for Go that facilitates some quick security wins
Secure is an HTTP middleware for Go that facilitates some quick security wins. It's a standard net/http Handler, and can be used with many frameworks or directly with Go's net/http package. Be sure to include the Secure middleware as close to the top (beginning) as possible (but after logging and recovery). It's best to do the allowed hosts and SSL check before anything else. When IsDevelopment is true, the AllowedHosts, SSLRedirect, STS header, and HPKP header will not be in effect. ... -
12
Osmedeus Core Engine
A Workflow Engine for Offensive Security
Osmedeus is a Workflow Engine for Offensive Security. It was designed to build a foundation with the capability and flexibility that allows you to build your own reconnaissance system and run it on a large number of targets. Efficiently to customize and optimize your recon process. Seamlessly integrate with new public and private tools. Easy to synchronize the results across many places. -
13
Bitwarden Mobile Application
The mobile app vault (iOS and Android)
...Bitwarden delivers open-source password management solutions to everyone, whether at home, at work, or on the go. Generate strong, unique, and random passwords based on security requirements for every website you frequent. Bitwarden Send quickly transmits encrypted information, files and plaintext, directly to anyone. Passwords are protected with advanced end-to-end encryption (AES-256 bit, salted hashtag, and PBKDF2 SHA-256) so your data stays secure and private. Generate strong, unique, and random passwords based on security requirements for every website you frequent. ... -
14
cert-manager
Automatic TLS certificate manager for Kubernetes
Automate certificate management in cloud native environments. Cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide 'certificates as a service' to developers working within your Kubernetes cluster. upport for popular CA types. Out of the box, cert-manager supports ACME (i.e. Let's Encrypt), HashiCorp Vault, Venafi, self signed and internal CA issuer types.... -
15
GTFOBins
GTFOBins is a curated list of Unix binaries
GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit... -
16
aaPanel
Simple but Powerful web-based Control Panel
...It allows users to deploy and manage web environments such as LAMP or LNMP stacks with a single click, reducing the need for command-line operations. The platform provides tools for managing websites, databases, FTP services, SSL certificates, and server security from a centralized dashboard. It also includes monitoring features that display real-time resource usage and performance metrics. aaPanel is designed for both beginners and experienced administrators, emphasizing ease of use and rapid deployment. The system supports plugins and extensions that expand its capabilities, including Docker management and automated backups. ... -
17
GitHound
Search GitHub for leaked API keys, credentials, and exposed secrets
...It can also dig into commit history to uncover secrets that may have been removed or reverted but still exist in older revisions. This capability makes it useful for security researchers, DevSecOps teams, and bug bounty hunters who need to detect leaked credentials. -
18
PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders
PersistenceSniper is a digitally signed PowerShell module aimed at blue teams and incident responders for automated detection of persistence mechanisms on Windows systems. It implements detection logic for techniques listed in MITRE ATT&CK (e.g. registry run keys, scheduled tasks, service modifications) and is regularly updated with new detection paths. -
19
yubiswitch
OSX status bar application to enable/disable Yubikey Nano
yubiswitch is a macOS application that enables users to easily toggle the USB interface of YubiKey devices. It allows enabling or disabling YubiKey on-demand for enhanced physical security, preventing unauthorized use of the key. -
20
aws-encryption-sdk
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and... -
21
phpseclib
PHP secure communications library
phpseclib is designed to be ultra-portable. The 3.0 version works on PHP 5.6+ and doesn't require any extensions. For purposes of speed, OpenSSL, GMP, libsodium or mcrypt are used, if they're available, but they are not required. phpseclib is designed to be fully interoperable with standardized cryptography libraries and protocols. MIT-licensed pure-PHP implementations of SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA /... -
22
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time. ... -
23
Keep
The open-source alert management and AIOps platform
Single pane of glass, filtering, bi-directional integrations, alert correlation, workflows, enrichment, dashboards. Keep is an alerting framework for DevOps that integrates with various monitoring tools, helping teams manage alerts and notifications effectively. -
24
Sliver
Adversary Emulation Framework
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys. The server and client support MacOS, Windows, and Linux. Implants are supported on MacOS, Windows, and Linux (and possibly every Golang compiler target but we've not tested them all). -
25
syslog-ng
Log management solution that improves the performance of SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to...
