Search Results for "gnu/linux" - Page 6
Sort By:
Showing 153 open source projects for "gnu/linux"
View related business solutions-
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Confused
Tool to check for dependency confusion vulnerabilities
A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt, JavaScript (npm) package.json, PHP (composer) composer.json or MVN (maven) pom.xml. confused simply reads through a dependency definition file of an application and checks the public package repositories for each dependency entry in that file. It will proceed to report all the package names that are not found in the public repositories - a... -
2
certstrap
Tools to bootstrap CAs, certificate requests, and signed certificates
A simple certificate manager written in Go, to bootstrap your own certificate authority and public key infrastructure. Adapted from etcd-ca. certstrap is a very convenient app if you don't feel like dealing with OpenSSL, its myriad of options or config files. certstrap allows you to build your own certificate system. certstrap can init multiple certificate authorities to sign certificates with. Users can make arbitrarily long certificate chains by using signed hosts to sign later certificate... -
3
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. Horusec can be used by the developer through the CLI and by the... -
4
Hakrawler
Fast Go web crawler for discovering URLs and web app endpoints
hakrawler is a lightweight command-line web crawler built in Go that is designed to quickly discover URLs, endpoints, and assets within web applications. It is primarily used during the reconnaissance phase of security testing, bug bounty hunting, and penetration testing. It works by automatically crawling web pages and extracting links, JavaScript file locations, and other resources that may reveal additional attack surface or hidden functionality. hakrawler is implemented as a simple and... -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
mkcert
Zero-config tool to make locally trusted development certificates
mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration. Using certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like example.test, localhost or 127.0.0.1), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps. mkcert automatically creates and installs a local CA in... -
6
Hetty
An HTTP toolkit for security research
Hetty is an HTTP toolkit for security research. It aims to become an open-source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty communities. Machine-in-the-middle (MITM) HTTP proxy, with logs and advanced search. HTTP client for manually creating/editing requests, and replay proxied requests. Intercept requests and responses for manual review (edit, send/receive, cancel) Scope support, to help keep work... -
7
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is... -
8
wholeaked
Tool that embeds identifiers in files to trace leak sources
wholeaked is an open source file distribution and tracking tool designed to help identify the source of leaked files. It works by generating unique versions of a file for each recipient and embedding identifying signatures or metadata into each distributed copy. If the file later appears in an unauthorized location, the embedded identifier can be analyzed to determine which recipient originally received that specific version. This approach allows organizations, researchers, or individuals to... -
9
kiam
Integrate AWS IAM with Kubernetes
kiam runs as an agent on each node in your Kubernetes cluster and allows cluster users to associate IAM roles with Pods. [a] role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumed by anyone who needs it. Also, a role does not have any credentials (password or access keys) associated with it. Instead, if a user is... -
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
10
GoSpider
Gospider - Fast web spider written in Go
GoSpider - Fast web spider written in Go. Fast web crawling. Brute force and parse sitemap.xml. Parse robots.txt. Generate and verify link from JavaScript files. Link Finder. Find AWS-S3 from response source. Find subdomains from the response source. Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault. Format output easy to Grep. Support Burp input. Crawl multiple sites in parallel. -
11
sso
Single sign-on solution for securing internal services
sso — lovingly known as the S.S. Octopus or octoboi — is the authentication and authorization system BuzzFeed developed to provide a secure, single sign-on experience for access to the many internal web apps used by our employees. It depends on Google as its authoritative OAuth2 provider and authenticates users against a specific email domain. Further authorization based on Google Group membership can be required on a per-upstream basis. The main idea behind sso is a "double OAuth2" flow,... -
12
NPS
Lightweight, high-performance, powerful intranet penetration proxy
...Comprehensive protocol support, compatible with almost all commonly used protocols, such as tcp, udp, http(s), socks5, p2p, http proxy. Full platform compatibility (linux, windows, macos, Synology, etc.), support installation as a system service simply. Comprehensive control, both client and server control are allowed. Https integration, support to convert backend proxy and web services to https, and support multiple certificates. Just simple configuration on web ui can complete most requirements. ... -
13
gitjacker
Leak git repositories from misconfigured websites
Leak git repositories from misconfigured websites. Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled. For educational/penetration testing use only. You will need to have git installed to use Gitjacker. -
14
Insider
Static Application Security Testing (SAST) engine
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on agile and easy-to-implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET. Insider is focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and... -
15
Fairwinds Polaris
Configuration Validation and Policy Enforcement for Kubernetes
Fairwinds' Polaris keeps your clusters sailing smoothly. It runs a variety of checks to ensure that Kubernetes pods and controllers are configured using best practices, helping you avoid problems in the future. -
16
CloudBrute
Awesome cloud enumerator
...Cloud detection (IPINFO API and Source Code) Supports all major providers. Black-Box (unauthenticated). Fast (concurrent), modular and easily customizable, cross Platform (windows, linux, mac), user-agent randomization, proxy randomization (HTTP, Socks5). -
17
pico
A Git-driven task runner built to facilitate GitOps and Infrastructure
Pico is a Git-driven task runner built to facilitate GitOps and Infrastructure-as-Code while securely passing secrets to tasks. What once was a place to chat and collaborate with people across the planet is now a platform for the commercialization of products and services. At the seat of the modern web is the browser. The modern browser is very much like an operating system, both in terms of complexity and code size. Only massive corporations can build and maintain it. Further, the web... -
18
Key Transparency
A transparent and secure way to look up public keys
Key Transparency is a system for accountable public-key discovery that lets users and senders verify the keys associated with an account over time. It combines an append-only log with a verifiable map so changes to a user’s keys produce cryptographic proofs, enabling clients to detect malicious insertions or undetected key rotations. The architecture separates operators from verifiers: even if the service is compromised, independent clients can audit inclusion and consistency proofs to... -
19
Gitkube
Build and deploy docker images to Kubernetes using git push
Gitkube is a tool for building and deploying Docker images on Kubernetes using git push. After a simple initial setup, users can simply keep git push-ing their repos to build and deploy to Kubernetes automatically. Ideal for development where you can push your WIP branch to the cluster to test. Reference implementation for writing git-based automation on your server. Fork this repo and create your own CRD + controller + git remote hook that can do things on the Kubernetes cluster. No... -
20
horcrux
Split your file into encrypted fragments
Horcrux is a command-line tool built in Go that enables you to split a file into encrypted fragments (“horcruxes”) so you don’t need to remember a pass-code for later decryption. It uses the Shamir Secret Sharing scheme to break an encryption key into multiple pieces, such that only a threshold of them can reconstruct the original file. You select the number of fragments to create and the minimum number required to recover the file, then scatter the fragments (e.g., on USBs or cloud... -
21
Trousseau
File based encrypted key-value store
Trousseau is an encrypted key-value store designed to be a simple, safe and trustworthy place for your data. It stores data in a single encrypted file. It supports both asymetric encryption using OpenPGP, and symmetric encryption using AES256. It can be easily synced across devices using Dropbox, OneDrive. It can be exported and imported to/from multiple remote storages using integrated S3, ssh, and gist support. If used with OpenPGP encryption, it is able to restrict access to the data... -
22
AQUATONE
A tool for domain flyovers
Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface. Aquatone is designed to be as easy to use as possible and to integrate with your existing toolset with no or minimal glue. Aquatone is started by piping output of a command into the tool. It doesn't really care how the piped data looks as URLs, domains, and IP addresses will be extracted with regular expression pattern matching.... -
23
goRBAC
goRBAC provides a lightweight role-based access control (RBAC) in Go
goRBAC provides a lightweight role-based access control implementation in Golang. Currently, goRBAC has two released versions. Version 1 is the original design which will only be mantained to fix bugs. Version 2 is the new design which will only be mantained to fix bugs. Although you can adjust the RBAC instance anytime and it's absolutely safe, the library is designed for use with two phases, preparing and checking. Also, you can implement gorbac.Role and gorbac.Permission for your own data... -
24
goim
goim is a im server writen by golang
GOIM is a IM and push notification server cluster. Supports single push, multiple push and broadcasting. Supports one key to multiple subscribers (Configurable maximum subscribers count). Supports heartbeats (Application heartbeats, TCP, KeepAlive, HTTP long pulling). Supports authentication (Unauthenticated user can’t subscribe). Scalable architecture (Unlimited dynamic job and logic modules). You can view the comments in target/comet.toml,logic.toml,job.toml to understand the meaning of... -
25
Firefly
A proxy software to help circumventing the Great Firewall
Firefly is an agent used to access Great Firewall (GFW) blocked websites and applications. Under the default settings, Firefly only goes through VPN forwarding wall of IP traffic, IP wall straight. If you find a website or application you cannot access, Firefly flow mechanism can be built to distinguish between an error. In this case, you can choose to forward all traffic through the VPN, and then try again.
