Search Results for "security" - Page 2
Sort By:
Showing 1807 open source projects for "security"
View related business solutions-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
DSVPN
A dead simple VPN
DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable. Uses only modern cryptography, with formally verified implementations. Small and constant memory footprint. Doesn't perform any heap memory allocations. Small (~25 KB), with an equally small and readable code base. No external dependencies. Works out of the box. No lousy documentation to read. No... -
2
KadNode
P2P DNS with content key, crypto key and PKI support
KadNode is a decentralized DNS resolver that uses the BitTorrent Distributed Hash Table (DHT) network to resolve domain names, particularly those ending with .p2p. It operates as a lightweight daemon, intercepting DNS requests and providing IP address resolutions without relying on centralized DNS infrastructure. KadNode supports authentication mechanisms to ensure the integrity and authenticity of the resolved addresses. -
3
pgAudit
PostgreSQL Audit Extension
pgaudit is a PostgreSQL extension that provides detailed session and object-level auditing to meet compliance and security requirements. It extends the standard PostgreSQL logging capabilities by capturing structured audit logs for activities such as DML, DDL, and role changes. Designed for environments that require traceability, pgaudit makes it easier to track who did what, when, and where in a database. -
4
syslog-ng
Log management solution that improves the performance of SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to... -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
5
VirtualBox
Virtualization software for x86_64 hardware
...This flexibility makes VirtualBox ideal for developers, testers, sysadmins, or hobbyists who need different OS environments, want to test software across systems, or need isolation for development, sandboxing, or security experiments. VirtualBox offers both a user-friendly GUI as well as a command-line interface and headless mode, making it useful for desktop usage as well as server or automated environments. -
6
Linux Kernel
Linux Kernel source tree
The Linux Kernel is the core component of the Linux operating system—a free, open-source, monolithic, Unix-like system kernel initiated by Linus Torvalds in 1991 and since evolved into a foundational technology powering everything from servers and supercomputers to smartphones and embedded devices. There are various text files in the Documentation/ subdirectory, several of them using the reStructuredText markup notation. Extensive filesystem compatibility (ext4, Btrfs, FUSE, XFS, etc.) Broad... -
7
ByteHook
ByteHook is an Android PLT hook library
...The repository appears to aim at low-level hooking/injection capabilities, perhaps to support runtime introspection, behavioral monitoring, or hooking-based instrumentation (e.g. for security, tracing, sandboxing, or debugging). Because hooking is a common technique for intercepting library or system calls, Bhook likely provides abstractions to inject hooks into processes or libraries, enabling custom behavior monitoring or modification — which can be useful for building security tools, monitoring frameworks, or dynamic instrumentation. ... -
8
Osquery
SQL operating system instrumentation and monitoring framework
Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser... -
9
Google Authenticator PAM Library
Example PAM module demonstrating two-factor authentication
...A lightweight enrollment program bootstraps each account by generating a secret, printing a QR code, and writing per-user configuration with safe file permissions. Because verification happens locally, codes work offline and do not depend on any Google service, which suits high-security and air-gapped environments. Administrators can tune skew tolerance, rate limiting, emergency scratch codes, and which PAM control flags enforce 2FA for specific users or groups. The project’s design favors simplicity and auditability, keeping the runtime small and the configuration explicit so it’s easy to review in production change control. -
Earn up to 16% annual interest with Nexo.Generate interest, borrow against your crypto, and trade a range of cryptocurrencies — all in one platform. Geographic restrictions, eligibility, and terms apply.
-
10
Tempesta FW
All-in-one solution for high performance web content delivery
Tempesta FW is an all-in-one open-source solution for high performance web content delivery and advanced protection against DDoS and web attacks. This is a drop-in-replacement for the whole web server frontend infrastructure: an HTTPS load balancer, a web accelerator, a DDoS mitigation system, and a web application firewall (WAF). Tempesta FW is the first and only hybrid of a Web accelerator and a multi-layer firewall. This unique architecture provides seamless integration with the Linux... -
11
AWS Nitro Enclaves SDK for C
This repo provides a C API for AWS Nitro Enclaves, including a KMS SDK
...Note that this SDK is currently not supported on Windows. Only the client-side sample application (kmstool_instance) is supported on Windows. If you discover a potential security issue in the Nitro Enclaves SDK for C, we ask that you notify AWS Security via our vulnerability reporting page. -
12
Dirty Frag
Universal Linux LPE
...The project explores how fragmented packets can be crafted and transmitted to alter how traffic is interpreted by inspection systems or network devices. It is primarily aimed at networking enthusiasts, security researchers, and developers experimenting with packet-level behavior and protocol edge cases. dirtyfrag emphasizes lightweight execution and direct control over fragmentation workflows rather than providing a full networking suite. The project can be useful for research into censorship circumvention, packet analysis, and protocol handling inconsistencies across different systems. ... -
13
gVisor
Application Kernel for Containers
...Written in Go, it implements a Linux-compatible system call interface that runs entirely in user space, creating a secure sandboxed environment for containers. Unlike traditional virtual machines or lightweight syscall filters, gVisor follows a third approach that offers many of the security benefits of virtualization while maintaining the speed, resource efficiency, and flexibility of containers. Its key runtime, runsc, integrates seamlessly with container ecosystems such as Docker and Kubernetes, making it easy to deploy sandboxed workloads using familiar tools. By intercepting and safely handling syscalls from applications, gVisor reduces the attack surface of the host kernel, mitigating risks associated with running untrusted or potentially malicious code in containerized environments. -
14
Crosvm
The Chrome OS Virtual Machine Monitor
crosvm (ChromeOS Virtual Machine Monitor) is a secure, lightweight virtual machine monitor built on top of the Linux KVM hypervisor. Developed for ChromeOS, it is designed to isolate and execute Linux and Android guests efficiently while maintaining strong security boundaries. Unlike general-purpose emulators like QEMU, crosvm avoids full hardware emulation and focuses on modern paravirtualized I/O using the virtio standard, reducing complexity and attack surface. Written in Rust, it emphasizes memory safety and modularity, allowing sandboxed device emulation with fine-grained privilege separation. crosvm underpins several ChromeOS subsystems, including Android Runtime for Chrome (ARCVM) and Crostini Linux containers, enabling rich application compatibility within a tightly controlled environment. -
15
Tox
A New Kind of Instant Messaging
Tox is a peer to peer (serverless) instant messenger that focuses on security and privacy. In today's world where digital surveillance is rampant, Tox offers users a communication software alternative that's free from prying eyes and ears, and is, quite literally free and without advertising. Tox comes with all the great features you'd expect from an instant messenger application, including voice calls, video calls, file sharing and screen sharing. -
16
Dunst
Lightweight and customizable notification daemon
Dunst is a lightweight replacement for the notification daemons provided by most desktop environments. It’s very customizable, isn’t dependent on any toolkits, and therefore fits into those window manager-centric setups we all love to customize to perfection. Customize fonts, icons, timeouts, and more. Are you unhappy with the default shortcuts and colors? No worries, you can change these all with a simple configuration file tweak. Change the look or behavior of notifications matching a... -
17
Wuffs
Wrangling Untrusted File Formats Safely
...Its standard library emphasizes portability and constant-time behavior where appropriate, which is valuable in security-sensitive contexts. Because the language is purpose-built, the resulting C output is small, auditable, and easy to embed in larger systems. -
18
SWUpdate
Software Update for Embedded Systems
SWUpdate is a Linux Update agent with the goal to provide an efficient and safe way to update an embedded Linux system in the field. SWUpdate supports local and OTA updates and multiple update strategies and it is designed with security in mind. To start with SWUpdate, it is suggested you look at the documentation and build for one evaluation board (or you run SWUpdate on your host for a first overview). If you plan to update your device locally or remotely, SWUpdate is the right framework for you. Thanks to its high flexibility, you can tune any aspect of the update and integrate it into your project. ... -
19
Arcan
Powerful development framework for creating virtually anything
Arcan is a powerful development framework for creating virtually anything from user interfaces for specialized embedded applications all the way to full-blown standalone desktop environments. At its heart lies a robust and portable multimedia engine, with a well-tested and well-documented Lua scripting interface. The development emphasizes security, debuggability and performance, guided by a principle of least surprise in terms of API design. For the main engine there has been quite some refactoring to reduce input latency; better accommodate variable-refresh rate display; prepare for asymmetric uncooperative multi-GPU and GPU handover; explicit synchronization and runtime transitions back and forth between low (16-bit) to standard (32-bit) to high-definition rendering (10-bit + fp16/fp32). -
20
VeraCrypt
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. ... -
21
s2n
An implementation of the TLS/SSL protocols
...For forward secrecy, s2n-tls supports both DHE and ECDHE. s2n-tls also supports the Server Name Indicator (SNI), Application-Layer Protocol Negotiation (ALPN), and Online Certificate Status Protocol (OCSP) TLS extensions. SSLv3, RC4, 3DES, and DHE are each disabled by default for security reasons. -
22
fluentbit
Fast and Lightweight Logs and Metrics processor for Linux, BSD, OSX
...Proven across distributed cloud and container environments. Highly available with I/O handlers to store data for disaster recovery. Granular management of data parsing and routing. Filtering and enrichment to optimize security and minimize cost. The lightweight, asynchronous design optimizes resource usage: CPU, memory, disk I/O, network. No more OOM errors! Integration with all your technology, cloud-native services, containers, streaming processors, and data backends. Fully event-driven design leverages the operating system API for performance and reliability. ... -
23
Memcached
memcached development tree
...If you want TLS support, install OpenSSL's development packages and change the configure line. libseccomp (optional, experimental, Linux), enables process restrictions for better security. Tested only on x86-64 architectures. -
24
eCapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF
Capture SSL/TLS text content without a CA certificate using eBPF. Supports Linux/Android kernel versions x86_64 4.18 and above, aarch64 5.5 and above. Does not support Windows and macOS systems. -
25
The Bitdefender disassembler
bddisasm is a fast, lightweight, x86/x64 instruction decoder
The Bitdefender disassembler is a highly optimized, lightweight x86/x64 instruction decoder designed for security, reverse engineering, and low-level systems analysis. It focuses on decoding machine instructions with high precision while providing detailed metadata about each instruction, including operands, access modes, CPU flags, and feature requirements. Unlike many disassemblers, bddisasm is built with zero dynamic memory allocation and no external dependencies, making it extremely portable and suitable for constrained environments such as kernels, hypervisors, and embedded systems. ...
