Search Results for "keys"
Sort By:
Showing 238 open source projects for "keys"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Secretive
Protect your SSH keys with your Mac's Secure Enclave
Secretive is a macOS app that generates and stores SSH keys inside the Secure Enclave, keeping private keys non-exportable and bound to your hardware. It runs an ssh-agent compatible service, so existing tools can use the keys without any changes to your workflows. Because the keys never leave the Secure Enclave, even root on the host cannot read them, which raises the bar against credential theft. -
2
SOPS
Simple and flexible tool for managing secrets
...We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. It is recommended to use at least two master keys in different regions. If you want to use PGP, export the fingerprints of the public keys, comma separated, in the SOPS_PGP_FP env variable. -
3
YouTube Music
YouTube Music Desktop App bundled with custom plugins
...Apply compression to audio (lowers the volume of the loudest parts of the signal and raises the volume of the softest parts) Next/Back navigation arrows directly integrated in the interface, like in your favorite browser. Allows setting global hotkeys for playback (play/pause/next/previous) + disable media osd by overriding media keys + enable Ctrl/CMD + F to search + enable Linux mpris support for media keys + custom hotkeys for advanced users. -
4
AWS Encryption SDK for Java
AWS Encryption SDK
...The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. By default, the AWS Encryption SDK generates a unique data key for each data object that it encrypts. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
YubiKey Guide
Community guide to using YubiKey for GnuPG and SSH
The YubiKey-Guide by drduh is a community-maintained, in-depth tutorial and reference on how to use a YubiKey (hardware authentication token) with GPG, SSH, and related cryptographic setups. It explains how to generate, manage, and use keys, configure pin / touch policies, and integrate the YubiKey into secure workflows. Configuration instructions for requiring touch for operations. Step-by-step instructions for generating GPG keys and migrating them to a YubiKey. Troubleshooting and advice for different OS environments. Example commands and script snippets for automation. -
6
sbctl
Secure Boot key manager
sbctl intends to be a user-friendly secure boot key manager capable of setting up secure boot, offering key management capabilities, and keeping track of files that need to be signed in the boot chain. It is written top-to-bottom in Golang using go-uefi for the API layer and doesn't rely on existing secure boot tooling. It also tries to sport some integration testing towards tianocore utilizing vmtest. -
7
SecretScanner
Find secrets and passwords in container images and file systems
...Secrets are any kind of sensitive or private data that gives authorized users permission to access critical IT infrastructure (such as accounts, devices, networks, cloud based services), applications, storage, databases, and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers. Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. ... -
8
aws-encryption-sdk
AWS Encryption SDK
...The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. -
9
Metabigor
Command-line OSINT and reconnaissance tool without API keys
...It can also enrich IP information with service, port, and vulnerability data using Shodan InternetDB while remaining accessible without authentication keys. In addition, it provides utilities that coordinate network scanning workflows by acting as a wrapper for tools like rustscan, masscan, and nmap. -
Application Monitoring That Won't Slow Your App DownFull APM with errors, performance, logs, and uptime monitoring. 99.999% uptime SLA on the platform itself.
-
10
gitGraber
Real-time GitHub monitor that detects leaked API keys and secrets
gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It scans recently indexed files on GitHub and searches for patterns that may indicate leaked credentials, API keys, or other confidential data used by popular online services. Instead of analyzing the full history of repositories, the tool focuses on newly indexed content, allowing security researchers and bug bounty hunters to quickly identify fresh leaks as they appear. gitGraber uses carefully crafted regular expressions to detect tokens and secrets associated with platforms such as AWS, Google, PayPal, Twitter, Stripe, and many others. ... -
11
PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders
PersistenceSniper is a digitally signed PowerShell module aimed at blue teams and incident responders for automated detection of persistence mechanisms on Windows systems. It implements detection logic for techniques listed in MITRE ATT&CK (e.g. registry run keys, scheduled tasks, service modifications) and is regularly updated with new detection paths. -
12
Laravel Vonage Notification Channel
Vonage Notification Channel for Laravel.
...However, you are not required to export this configuration file to your own application. You can simply use the VONAGE_KEY and VONAGE_SECRET environment variables to define your Vonage public and secret keys. After defining your keys, you should set a VONAGE_SMS_FROM environment variable that defines the phone number that your SMS messages should be sent from by default. -
13
PermissionsKit
Universal API for request permission and get its statuses
Universal API for requesting permission and get its statuses. Available .authorized, .denied & .notDetermined. -
14
OpenPGP.js
OpenPGP implementation for JavaScript
...The idea is to implement all the needed OpenPGP functionality in a JavaScript library that can be reused in other projects that provide browser extensions or server applications. It should allow you to sign, encrypt, decrypt, and verify any kind of text, in particular e-mails, as well as managing keys. Version 3.0.0 of the library introduces support for public-key cryptography using elliptic curves. We use native implementations on browsers and Node.js when available. -
15
Flipper iOS App
iOS Mobile App to rule all Flipper's family
Flipper iOS App is the official mobile companion application designed to interface with the Flipper Zero device, providing users with a portable and intuitive way to manage, control, and extend the functionality of the hardware ecosystem. It acts as a centralized hub where users can organize data such as RFID keys, NFC dumps, infrared signals, and other captured assets directly from their iPhone. The app facilitates wireless communication between the mobile device and Flipper Zero through Bluetooth, enabling real-time interaction and synchronization without requiring a desktop computer. It is also used for firmware updates, file management, and browsing available applications from the Flipper ecosystem, effectively bridging the gap between hardware and user workflows. ... -
16
Infisical
Infisical is the open-source platform for secrets management, PKI
Infisical is an open-source, all-in-one platform for managing secrets, certificates, and privileged access. It delivers modern security workflows like secrets rotation, dynamic credentials, role-based access control, and SSH certificate-based access—tailored for development and infrastructure teams. Manage secrets across projects and environments (e.g. development, production, etc.) through a user-friendly interface. Sync secrets to platforms like GitHub, Vercel, AWS, and use tools like... -
17
GopenPGP V3
A high-level OpenPGP library
...Built on top of a forked version of the Go crypto library, gopenpgp supports current OpenPGP RFC standards and includes examples for working with password-based encryption and PGP keys, as well as detached and inline signatures. Because it’s designed for broad use, the library also targets go-mobile compatibility, meaning it can support mobile app use cases alongside server and desktop tooling. -
18
MicroBurst
A collection of scripts for assessing Microsoft Azure security
...It bundles many functions to enumerate Azure resources (subscriptions, VMs, storage accounts, container registries, App Services and more), probe common misconfigurations, and harvest sensitive artifacts when available (for example storage blobs, keys, automation account credentials, and other subscription-level secrets). The project exposes both interactive helpers and scripted commands (e.g., Invoke-EnumerateAzureBlobs, Invoke-EnumerateAzureSubDomains, REST-based VM command execution and storage key retrieval routines) so operators can pivot from discovery to validated proof-of-concept actions during authorized penetration tests. -
19
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
...Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure. -
20
Google APIs Node.js Client
Google's supported Node.js client library
Google's supported Node.js client library for accessing Google APIs. Support for authorization and authentication with OAuth 2.0, API Keys and JWT (Service Tokens) is included. The full list of supported APIs can be found on the Google APIs Explorer. The API endpoints are automatically generated, so if the API is not in the list, it is currently not supported by this API client library. These client libraries are supported by Google. However, these libraries are considered complete and are in maintenance mode. ... -
21
SimpleX
The first messaging platform operating without user identifiers
...It allows to deliver messages without user profile identifiers, providing better meta-data privacy than alternatives. Many communication platforms are vulnerable to MITM attacks by servers or network providers. To prevent it SimpleX apps pass one-time keys out-of-band when you share an address as a link or a QR code. Double-ratchet protocol. OTR messaging with perfect forward secrecy and break-in recovery. NaCL cryptobox in each queue to prevent traffic correlation between message queues if TLS is compromised. -
22
GitHound
Search GitHub for leaked API keys, credentials, and exposed secrets
GitHound is a reconnaissance and security scanning tool designed to search GitHub for exposed secrets such as API keys, credentials, and other sensitive tokens. It works by combining GitHub search queries (often called “GitHub dorks”) with pattern matching techniques to locate potential secrets across public repositories. Instead of scanning only a limited set of repositories, the tool leverages GitHub’s Code Search API to analyze results from across the entire public GitHub ecosystem, including repositories and Gists. ... -
23
Tomb
the Crypto Undertaker
...Under the hood it uses Linux dm-crypt with LUKS for strong, disk-level encryption, and separates the key material from the vault itself to improve security workflows. Keys can be protected with passphrases and even hidden via steganography inside innocuous files, giving you options for concealment and off-device storage. The interface is deliberately simple—dig a tomb, forge a key, lock it, and open it—yet provides hooks to bind directories or run scripts on open/close so you can tailor behavior to your workstation. ... -
24
Hemmelig
Keep your sensitive information out of chat logs, emails, and more
Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. -
25
subfinder
Fast passive subdomain enumeration tool
...The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. Its modular architecture allows users to enable dozens of data providers through API keys, expanding coverage as needed. Subfinder integrates easily into automation pipelines and CI workflows thanks to its clean command-line design and structured output formats. The tool is intentionally specialized, doing one job extremely well rather than attempting to be an all-in-one scanner. In practice, Subfinder serves as a foundational building block for modern reconnaissance stacks.
