Search Results for "security certificate"
Sort By:
Showing 168 open source projects for "security certificate"
View related business solutions-
$300 in Free Credit for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credit—no hidden charges. Test, build, and deploy without risk. Use your credit across the Google Cloud platform to find what works best for your needs. After your credits are used, continue building with free monthly usage products. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
99.99% Uptime for MySQL and PostgreSQL on Google CloudCloud SQL Enterprise Plus gives you a 99.99% availability SLA with near-zero downtime maintenance—typically under 10 seconds. Get 2x better read/write performance, intelligent data caching, and 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server with built-in vector search for gen AI apps. New customers get $300 in free credit.
-
1
Proxyee
HTTP proxy server,support HTTPS & websocket
Proxyee is a JAVA-written HTTP proxy server library that supports HTTP, HTTPS, and WebSocket protocols, and supports MITM (Man-in-the-middle), which can capture and tamper with HTTP, and HTTPS packets. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. You can use the CertDownIntercept interceptor to... -
2
Step Certificates
A private certificate authority (X.509 & SSH) & ACME server
Open Source step-ca provides the infrastructure, automations, and workflows to securely create and operate a private certificate authority. step-ca makes it easy for developers, operators and security teams to manage certificates for production workloads. Get a public key infrastructure and certificate authority running in minutes. Automate enrollment using ACME, OIDC, one-time tokens, cloud APIs and more. Use systemD timers, daemon mode, cron jobs, CI/CD, and more to automate certificate management. ... -
3
Boulder
An ACME-based certificate authority, written in Go
This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains. Boulder is the software that runs Let's Encrypt. This component model lets us separate the function of the CA by security context. The Web Front End, Validation Authority, OCSP Responder and Publisher need access to the Internet, which puts them at greater risk of compromise. ... -
4
apk-mitm
Application that automatically prepares Android APK files for HTTPS
Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious. -
Ship AI Apps Faster with Vertex AIShip AI apps and features faster with Vertex AI—your end-to-end AI platform. Access Gemini 3 and 200+ foundation models, fine-tune for your needs, and deploy with enterprise-grade MLOps. Build chatbots, agents, or custom models. New customers get $300 in free credit.
-
5
cert-manager
Automatic TLS certificate manager for Kubernetes
Automate certificate management in cloud native environments. Cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide 'certificates as a service' to developers working within your Kubernetes cluster. upport for popular CA types. Out of the box, cert-manager supports ACME (i.e. Let's Encrypt), HashiCorp Vault, Venafi, self signed and internal CA issuer types.... -
6
Gpg4win
GnuPG for Windows
Gpg4win is the official Windows distribution of the GnuPG encryption ecosystem, providing an accessible graphical environment for secure email and file protection. It packages the GnuPG engine together with user-friendly tools such as certificate management utilities, Windows Explorer integration, and Outlook plugins, enabling encryption workflows without requiring command-line expertise. The suite supports both OpenPGP and S/MIME standards, allowing organizations and individuals to secure... -
7
CFSSL
Cloudflare's PKI and TLS toolkit
CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. It requires Go 1.12+ to build. Note that certain linux distributions have certain algorithms removed (RHEL-based distributions in particular), so the golang from the official repositories will not work. Users of these distributions should install go manually to install CFSSL. You can set the GOOS and GOARCH environment variables to have... -
8
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted... -
9
Santa
A binary authorization system for macOS
Santa is a binary authorization system for macOS, aptly named since its main purpose is to keep track of binaries that are either naughty or nice. Santa is made up of a kernel extension (or a system extension on macOS 10.15+) that monitors and participates in execve() decisions, a userland daemon that makes the execution decisions, a GUI agent that shows notifications when an execve() is blocked, and a command-line utility that oversees system management and the synchronization of database... -
Go from Data Warehouse to Data and AI platform with BigQueryBigQuery is more than a data warehouse—it's an autonomous data-to-AI platform. Use familiar SQL to train ML models, run time-series forecasts, and generate AI-powered insights with native Gemini integration. Built-in agents handle data engineering and data science workflows automatically. Get $300 in free credit, query 1 TB, and store 10 GB free monthly.
-
10
Infisical
Infisical is the open-source platform for secrets management, PKI
Infisical is an open-source, all-in-one platform for managing secrets, certificates, and privileged access. It delivers modern security workflows like secrets rotation, dynamic credentials, role-based access control, and SSH certificate-based access—tailored for development and infrastructure teams. Manage secrets across projects and environments (e.g. development, production, etc.) through a user-friendly interface. Sync secrets to platforms like GitHub, Vercel, AWS, and use tools like Terraform, Ansible, and more. ... -
11
eCapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF
Capture SSL/TLS text content without a CA certificate using eBPF. Supports Linux/Android kernel versions x86_64 4.18 and above, aarch64 5.5 and above. Does not support Windows and macOS systems. -
12
Ghostunnel
A simple SSL/TLS proxy with mutual authentication
Ghostunnel is a simple TLS proxy with mutual authentication support for securing non-TLS backend applications. Ghostunnel supports two modes, client mode and server mode. Ghostunnel in server mode runs in front of a backend server and accepts TLS-secured connections, which are then proxied to the (insecure) backend. A backend can be a TCP domain/port or a UNIX domain socket. Ghostunnel in client mode accepts (insecure) connections through a TCP or UNIX domain socket and proxies them to a... -
13
Kubernetes Dashboard
General-purpose web UI for Kubernetes clusters
...To access Dashboard from your local workstation you must create a secure channel to your Kubernetes cluster. Kubeconfig Authentication method does not support external identity providers or certificate-based authentication. Metrics-Server has to be running in the cluster for the metrics and graphs to be available. Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk. In most cases after provisioning cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. ... -
14
Trillian
A transparent, highly scalable and cryptographically verifiable data
trillian is a transparent, cryptographically verifiable data store built on Merkle trees that provides append-only logs and verifiable key–value maps. It separates a storage layer from a verifiability layer, letting applications prove inclusion, consistency, and non-existence through compact cryptographic proofs. The system is designed for horizontal scale with gRPC APIs, enabling multiple frontends and sequencers to operate over a shared backend. Common use cases include certificate... -
15
PyRDP
RDP monster-in-the-middle (mitm) and library for Python
PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library. -
16
Ligolo-ng
An advanced, yet simple, tunneling/pivoting tool
Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). When running the relay/proxy server, a tun interface is used, packets sent to this interface are translated and then transmitted to the agent's remote network. You need to download the Wintun driver (used by WireGuard) and place the wintun.dll in the same folder as Ligolo. You can listen to ports on the agent and... -
17
Syncthing
Open Source Continuous File Synchronization
Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. It is very easy to use, cross-platform and automatic. As such,... -
18
Conscrypt
Conscrypt is a Java Security Provider
Conscrypt is a modern TLS/SSL provider for Java that replaces the default JCE/JCA crypto stack with one backed by BoringSSL for better performance and security posture. It is implemented as a drop-in SecurityProvider, so applications and frameworks can opt in without changing high-level HTTPS or socket code. The provider focuses on contemporary protocol hygiene—up-to-date cipher suite selection, ALPN, session resumption, and hardened defaults—so Java servers and clients negotiate secure... -
19
Internal All The Things
Active Directory and Internal Pentest Cheatsheets
Internal All The Things is a large, community-driven cheat-sheet and documentation repository focused on internal network penetration testing and Active Directory (AD) exploitation. It covers a broad range of topics; AD certificate services, Kerberos attacks, lateral movement, tooling, post-exploitation techniques, and networking. The content is designed to help both learners and experienced red-teamers fill gaps in their internal pentest knowledge, especially for environments where AD and... -
20
Modlishka
Powerful and flexible HTTP reverse proxy
Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios. Modlishka was written as... -
21
AWS IoT Device SDK for Python
SDK for connecting to AWS IoT from a device using Python
...By connecting their devices to AWS IoT, users can securely work with the message broker, rules, and the device shadow (sometimes referred to as a thing shadow) provided by AWS IoT and with other AWS services like AWS Lambda, Amazon Kinesis, Amazon S3, and more. It is a complete rework, built to improve reliability, performance, and security. We invite your feedback! The SDK is built on top of a modified Paho MQTT Python client library. Developers can choose from two types of connections to connect to AWS IoT. For MQTT over TLS (port 8883 and port 443), a valid certificate and a private key are required for authentication. For MQTT over the WebSocket protocol (port 443), a valid AWS Identity and Access Management (IAM) access key ID and secret access key pair are required for authentication. -
22
X509 GUI Certificate Viewer
Display online (TLS, DTLS, OPC, QUIC, SMTP) & offline certificates
-
23
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
-
24
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your... -
25
GOAD (Game of Active Directory)
game of active directory
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). ...
