Search Results for "endpoint security"
Sort By:
Showing 35 open source projects for "endpoint security"
View related business solutions-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
Find Hidden Risks in Windows Task SchedulerWindows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
-
1
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
2
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as... -
3
ASP.NET Minimal APIs Made Easy
A light-weight REST API development framework for ASP.Net 6
...Supports policy/permission/role/claim based security. In-process pub/sub event notifications (with auto discovery). Declarative security policy building (within each endpoint). Easy Server-Sent-Events for real-time data streaming. Supports any IOC container compatible with ASP.NET. Convenient integration testing (route-less & strongly-typed). Constructor & property injection of endpoint dependencies. -
4
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
BadUSB
Flipper Zero badusb payload library
...It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
6
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
...If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure. -
7
PacketFence
Free and Open Source network access control (NAC) solution
PacketFence is a fully-featured, open-source network access control (NAC) solution that provides secure wired and wireless network access. It supports 802.1X, captive portal authentication, device profiling, endpoint compliance, and guest access. PacketFence is used in enterprise, education, and healthcare environments to enforce security policies and network segmentation. -
8
XRAY
XRay for recon, mapping and OSINT gathering from public networks
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services for vulnerabilities. It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or... -
9
Asciinema Server
Platform for hosting and sharing terminal session recordings
asciinema-server is the backend component of the asciinema suite. Built with Elixir and Phoenix, it provides an API and web UI for hosting, sharing, and managing terminal session recordings (asciicasts). It allows you to self-host your own instance or use the public asciinema.org. -
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
10
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful, and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and... -
11
Fingerprint Pro Azure Integration
Proxying identification and JavaScript agent download requests
Fingerprint Pro Azure Integration is responsible for proxying download requests of the latest Fingerprint Pro JS Agent between your site and Fingerprint CDN. Proxying identification requests and responses between your site and Fingerprint Pro API. This improves both accurancy and reliability of visitor identification and bot detection on your site. -
12
KrakenD
High-performance, stateless, declarative, API Gateway written in Go.
KrakenD is more than a typical proxy that forwards clients to backend services, but a powerful engine that can transform, aggregate or remove data from your own or third party services. KrakenD also implements the Backend for Frontend and Micro-frontends patterns to eliminate the necessity of dealing with multiple REST services, isolating clients from the micro-service implementation details. KrakenD's stateless architecture and performance-first approach for every internal component beat... -
13
Traefik Forward Auth
Forward authentication service. Google/OpenID oauth based login
A minimal forward authentication service that provides OAuth/SSO login and authentication for the traefik reverse proxy/load balancer. Traefik prepends the namespace to the name of middleware defined via a Kubernetes resource. This is handled automatically when referencing the middleware from another resource in the same namespace (so the namespace does not need to be prepended when referenced). However, the full name, including the namespace, must be used when referenced from static... -
14
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once... -
15
EKS Best Practices
A best practices guide for day 2 operations
The Amazon EKS Best Practices Guide is a public repository containing comprehensive documentation and guidance for operating production-grade Kubernetes clusters on AWS’s managed service, Amazon EKS. Rather than a code library, it serves as a reference catalogue of patterns, anti-patterns, checklists and architectures across domains such as security, reliability, scalability, networking, cost optimization and hybrid cloud deployments. The repository is maintained by AWS but open to contributions from the community, making it a living document that evolves as Kubernetes and AWS features evolve. Each section dives into operational details—for example, how to manage IAM roles for service accounts, secure the EKS endpoint, handle node auto-scaling, and design for multi-AZ resilience. ... -
16
Amazon SNS Message Validator for PHP
Amazon SNS message validation for PHP
The Amazon SNS Message Validator for PHP library allows you to validate that incoming HTTP(S) POST messages are valid Amazon SNS notifications. This library is standalone and does not depend on the AWS SDK for PHP or Guzzle; however, it does require PHP 5.4+ and that the OpenSSL PHP extension is installed. Next, you must create an instance of MessageValidator, and then use either the isValid() or validate(), methods to validate the message. The message validator checks the SigningCertURL,... -
17
DreamFactory
DreamFactory API Management Platform
DreamFactory can run on private, public, or hybrid cloud infrastructure. DreamFactory is easy to deploy with Docker, Kubernetes, or directly from GitHub using our automated installers. Eliminate the biggest bottleneck in modern IT. Launch your project in weeks rather than months. DreamFactory instantly creates a secure, standardized, reusable, fully documented, and live REST API. Connect Salesforce to SQL Server, or your ERP to AWS S3. Transform and mask data along the way. Create reports,... -
18
transfer.sh
Easy and fast file sharing from the command-line
Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj (Storj) providers, and local file system (local). For easy deployment, we've created a Docker container. For the usage with a AWS S3 Bucket, you just need to specify the following options, provider, aws-access-key, aws-secret-key, bucket, and s3-region. If you specify the... -
19
go-elasticsearch
The Go client for Elasticsearch
...The elasticsearch package ties together two separate packages for calling the Elasticsearch APIs and transferring data over HTTP, esapi and elastictransport, respectively. When you export the ELASTICSEARCH_URL environment variable, it will be used to set the cluster endpoint(s). Separate multiple adresses by a comma. The _examples folder contains a number of recipes and comprehensive examples to get you started with the client, including configuration and customization of the client, using a custom certificate authority (CA) for security (TLS), mocking the transport for unit tests. -
20
Artillery
Cloud-scale load testing. Fully serverless, test any stack
Artillery is cloud-native, open source, and integrates with your favorite monitoring and CI/CD stack. Load test anything, at any scale. The most advanced load-testing platform in the world. Get started and run a test in minutes from your local machine. Then scale it out effortlessly. Free & open-source. Artillery scales like no other. Run your tests from your own AWS account with no infra to set up or manage. Use Playwright to load test with real browsers. Test HTTP, WebSocket, Socket.io,... -
21
Tyk API Gateway
Open Source API Gateway written in Go
Tyk is an open source Enterprise API Gateway, supporting REST, GraphQL, TCP and gRPC protocols. Tyk Gateway is provided ‘Batteries-included’, with no feature lockout. Enabling your organization to control who accesses your APIs, when they access, and how they access it. Tyk Technologies uses the same API Gateway for all it’s applications. Protecting, securing, and processing APIs for thousands of organizations and businesses around the world. Ideal for Open Banking, building software... -
22
ESignPDF
Sign PDF with Digital Signature Certificate
Brought to you by parvesh88 System Requirements 1. A Computer running Windows 7 Service Pack 1 or higher 2. Java Runtime Environment (JRE) 8 or higher if JRE is not installed on your Computer, then download and install from here JRE 8 for Windows x86 -> https://www.azul.com/core-post-download/?endpoint=zulu&uuid=55abea0c-2aa5-4316-aafb-e90847f6ee21 JRE 8 for Windows x64 -> https://www.azul.com/core-post-download/?endpoint=zulu&uuid=5a34da4a-1821-4c79-a57c-7fce38d102c2 JRE 8... -
23
EasyAuth
Create a centralized Authentication and Authorization token server
...Easily secure FastAPI endpoints based on Users, Groups, Roles or Permissions with very little database usage. Centralized Auth - Single location for Users & Permissions to share across apps. Granular Endpoint Security - Verify user identity, and define explicitly who and what each user or group of users may access. Admin GUI - easy management of users, permissions, tokens, OAuth, and more! Advanced JWT - Token Based Client authorization with built-in invalidation capabilities. Google Oauth - Easy to configure google login. Integrated Login & Cookie Management - Users are not just authenticated and authorized, they are re-directed on token expiration to login pages via the cookie system and sent back to the last location afterward. -
24
AWS Jupyter Proxy
Jupyter server extension to proxy requests with AWS SigV4 authentican
A Jupyter server extension to proxy requests with AWS SigV4 authentication. This server extension enables the usage of the AWS JavaScript/TypeScript SDK to write Jupyter frontend extensions without having to export AWS credentials to the browser. A single /awsproxy endpoint is added on the Jupyter server which receives incoming requests from the browser, uses the credentials on the server to add SigV4 authentication to the request, and then proxies the request to the actual AWS service... -
25
Security Log Generator
Generates logs of typical formats that would often be found in a SOC
Generates logs of typical formats that would often be found in a SOC. As of 31st January 2023, it supports IDS, Web Access and Endpoint log formats. Can generate a specific number of events in a linear fashion or use a waveform to add 'bumpiness' to your data. The code is modular and extensible, adding additional formats can be done with relative ease.
