Search Results for "security" - Page 23
Sort By:
Showing 10945 open source projects for "security"
View related business solutions-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
Application Inspector
A source code analyzer built for surfacing features of interest
...Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security. -
2
DeepAudit
AI multi-agent platform for automated code security auditing system
DeepAudit is an open source code security auditing platform that uses a multi-agent architecture to analyze and identify vulnerabilities in software projects. Instead of relying solely on traditional static analysis, it simulates the reasoning process of security experts through coordinated agents responsible for orchestration, reconnaissance, analysis, and verification. -
3
Ente
End-to-end encrypted cloud for photos, videos and 2FA secrets
Ente is a fully open-source, end‑to‑end encrypted cloud platform designed for securely storing and managing your photos, videos, and 2FA secrets — without needing to trust the service provider. It includes cross‑platform clients and a CLI for self‑hosting needs. Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente... -
4
SecretScanner
Find secrets and passwords in container images and file systems
...For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers. Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. Also, sometimes users store passwords in plain text. -
Earn up to 16% annual interest with Nexo.Generate interest, access liquidity without selling, and execute trades seamlessly. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
5
jCasbin
An authorization library that supports access control models
An authorization library that supports access control models like ACL, RBAC, ABAC for Golang, Java, C/C++, Node.js, Javascript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter) and Elixir. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration.... -
6
jrean/laravel-user-verification
PHP package built for Laravel 5.* & 6.* & 7.* & 8.* & 9.* & 10.*
jrean/laravel-user-verification is a PHP package built for Laravel 5., 6., 7., 8., 9.* & 10.* to easily handle a user verification and validate the e-mail. -
7
OWASP WrongSecrets
Vulnerable app with examples showing how to not use secrets
Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques. Solving these challenges will help you recognize common mistakes & can help you to reflect on your own secrets management strategy. -
8
LuLu
LuLu is the free open-source macOS firewall
...It blocks unauthorized outgoing network connections, allowing users to monitor and control which applications can transmit data externally. Designed for privacy and security, LuLu provides real-time prompts, rule-based filtering, and an intuitive interface, making it a valuable tool for Mac users seeking visibility over their system’s network behavior. -
9
KernelSU
A Kernel based root solution for Android
...KernelSU also includes a permission management system that allows fine-grained control over root access for applications. The project is designed to be compatible with modern Android versions and focuses on security and performance. It is widely used by advanced users who want powerful customization capabilities. Overall, KernelSU redefines Android rooting by embedding control directly into the kernel layer. -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
Java and Spring Tutorials
Getting Started with Spring Boot 3
...It serves as a companion resource for Baeldung articles, offering real-world code implementations that demonstrate concepts such as Spring Boot, persistence frameworks, REST APIs, security, testing, and more. The repository is organized into multiple modules, each targeting specific technologies or frameworks, making it easy for developers to explore topics independently. It emphasizes best practices, clean code structure, and production-ready patterns, allowing learners to not only understand theoretical concepts but also apply them in real applications. ... -
11
ggshield
Detect and validate 500+ types of hardcoded secrets
GitGuardian’s ggshield is an open-source command-line interface (CLI) tool designed to help developers and security teams detect hardcoded secrets and sensitive credentials early in the development process, either locally or in CI/CD pipelines. It scans source code, configuration files, commit history, and other artifacts to automatically detect hundreds of different secret types — such as API keys, tokens, and passwords — helping prevent accidental leaks before they reach version control or production environments. ggshield can be used interactively on a developer’s machine, integrated as a pre-commit or pre-push git hook, and run as part of automated build or merge workflows to enforce security policies consistently across teams. ... -
12
OpenZeppelin Contracts
OpenZeppelin Contracts is a library for secure smart contracts
A library for secure smart contract development. Build on a solid foundation of community-vetted code. OpenZeppelin Contracts uses semantic versioning to communicate backward compatibility of its API and storage layout. To keep your system secure, you should always use the installed code as-is, and neither copy-paste it from online sources nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it... -
13
Laravel Breeze
Minimal Laravel authentication scaffolding with Blade, Vue, or React
Breeze provides a minimal and simple starting point for building a Laravel application with authentication. Styled with Tailwind, Breeze publishes authentication controllers and views to your application that can be easily customized based on your own application's needs. Laravel Breeze is powered by Blade and Tailwind. While you are welcome to use these starter kits, they are not required. You are free to build your own application from the ground up by simply installing a fresh copy of... -
14
UTMStack
Customizable SIEM and XDR powered by Real-Time correlation
Welcome to the UTMStack open-source project! UTMStack is a unified threat management platform that merges SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) technologies. Our unique approach allows real-time correlation of log data, threat intelligence, and malware activity patterns from multiple sources, enabling the identification and halting of complex threats that use stealthy techniques. UTMStack stands out in threat prevention by surpassing the boundaries of traditional systems. ... -
15
Socialite
Socialite is an OAuth2 Authentication tool
Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, you can easily use it without Laravel. Socialite is an OAuth2 authentication tool. It is inspired by laravel/socialite , you can easily use it in any PHP project. The tool now supports the following platforms: Facebook, Github, Google, Linkedin, Outlook, QQ, TAPD, Alipay, Taobao, Baidu, DingTalk, Weibo, WeChat, Douyin, Feishu, Lark, Douban, Enterprise WeChat, Tencent Cloud, Line, Gitee, Coding. Users only need... -
16
PHP dotenv
Loads environment variables automatically
You should never store sensitive credentials in your code. Storing configuration in the environment is one of the tenets of a twelve-factor app. Anything that is likely to change between deployment environments, such as database credentials or credentials for 3rd party services, should be extracted from the code into environment variables. Basically, a .env file is an easy way to load custom configuration variables that your application needs without having to modify .htaccess files or... -
17
Awakened PoE Trade
Path of Exile trading app for price checking
Path of Exile trading app for price checking. If you run PoE client as Admin, OS security boundaries take effect. In order for Awakened PoE Trade to have access to the PoE window, it must be started with Administrator rights. Not compatible with “GeForce Now” or any other cloud gaming service that do not forward clipboard data. When you press Ctrl + C Path of Exile copies the item’s text (under cursor, if any) to the clipboard. -
18
Capslock
Tool to remap Caps Lock key behavior on Windows systems
...Rather than detecting vulnerabilities, Capslock focuses on identifying capabilities — permissions implied by calls to sensitive or privileged standard library functions, such as file system access, networking, or process control. By following transitive call graphs, it classifies which security-sensitive operations each package can reach, giving developers visibility into what their dependencies are capable of doing. This helps apply the Principle of Least Privilege to Go software, guiding audits, supply chain reviews, and trust assessments. Capslock aims to make security posture analysis more proactive by surfacing capability-based risk signals before malicious or overly powerful code is introduced into production. -
19
Leapp
Leapp is the DevTool to access your cloud
...Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security. -
20
modrinth
The Modrinth monorepo containing all code which powers Modrinth
...Built largely with Rust and modern web technologies, the codebase emphasizes performance, reliability, and scalable infrastructure capable of serving large modding communities. The repository acts as the central development hub where contributors can implement improvements, security updates, and new features for the Modrinth ecosystem. -
21
GopenPGP V3
A high-level OpenPGP library
GopenPGP V3 is a high-level OpenPGP cryptographic library developed by ProtonMail that provides a user-friendly API for common encryption and signing operations in Go, abstracting the complexity of the underlying OpenPGP standards and golang crypto primitives. This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when... -
22
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
...Because it’s a native NGINX module, it benefits from NGINX’s event-driven architecture and can be compiled as a dynamic module for flexible packaging. In practice, it provides a portable, policy-driven security layer at the edge without modifying application code. -
23
UFW Docker
To fix the Docker and UFW security flaw without disabling iptables
UFW is a popular iptables front end on Ubuntu that makes it easy to manage firewall rules. But when Docker is installed, Docker bypasses the UFW rules and the published ports can be accessed from outside. Almost all of these solutions are similar. It requires disabling docker's iptables function first, but this also means that we give up docker's network management function. This causes containers will not be able to access the external network. It is also mentioned in some articles that you... -
24
AWS IAM Authenticator for Kubernetes
Tool to use AWS IAM credentials to authenticate to Kubernetes clusters
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using... -
25
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as...
