Search Results for "open source assembly software source code"
Sort By:
Showing 68 open source projects for "open source assembly software source code"
View related business solutions-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
1
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. ... -
2
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take... -
3
kube-score
Kubernetes object analysis with recommendations
Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. ... -
4
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages... -
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
5
hydra
Cloud native, security-first, API security for your infrastructure
Secure access to your applications and APIs, and authenticate third party users. Ory / Hydra is Open Source and OpenID Connect Certified® technology that integrates with any login system. Get started in minutes, and provide secure access to your application and API endpoints. Ory / Hydra works with any login system and only a few lines of code are required. Ory / Hydra is written in Go and we provide SDKs for every language. We work with any login system and it is easy to customize the login experience. ... -
6
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
7
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. Find vulnerabilities for language-specific packages. You can also choose another destination directory and release version for the installation.... -
8
OWASP Amass
In-depth attack surface mapping and asset discovery
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security. The volume argument allows the Amass graph database to persist between executions and output files to be accessed on the host system. ... -
9
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution... -
11
GopenPGP V3
A high-level OpenPGP library
GopenPGP V3 is a high-level OpenPGP cryptographic library developed by ProtonMail that provides a user-friendly API for common encryption and signing operations in Go, abstracting the complexity of the underlying OpenPGP standards and golang crypto primitives. This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when... -
12
Ory Kratos
Next-gen identity server with Ory-hardened authentication
...Control every aspect with a headless API. Ory Kratos comes with support for a wide range of 2FA protocols such as TOTP, FIDO2 & WebAuthn, works with any UI framework, and only a few lines of code are required to get it up and running. Configurable login and registration flows, multi-factor authentication, custom identity models, and bring your own UI. Ory Kratos is open-source and grows more powerful with every pull-request. Ory Kratos is written in Go and we provide SDKs for every language. Customizable login, registration, and profile management without complexity. ... -
13
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By... -
14
Casdoor
An open-source Identity and Access Management (IAM)
A UI-first Identity Access Management (IAM) / Single-Sign-On (SSO) platform supporting OAuth 2.0, OIDC, SAML and CAS, integrated with Casbin RBAC and ABAC permission management. Within a few steps, we can setup a Casdoor app and realize our authorization management. Casdoor has a front-end back-end separation architecture, with maneuverable web UI and supporting high concurrency. Casdoor is supporting multi-languages, using i18n to support multi-languages UI. For more languages support,... -
15
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful, and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and... -
16
Keybase client
Keybase Go library, client, service, OS X, iOS, Android, Electron
Keybase is secure messaging and file-sharing. We use public key cryptography to ensure your messages stay private. Even we can’t read your chats. Keybase works for families, roommates, clubs, and groups of friends, too. Keybase connects to public identities, too. You can connect with communities from Twitter, Reddit, and elsewhere. Don’t live dangerously when it comes to documents. Keybase can store your group’s photos, videos, and documents with end-to-end encryption. You can set a timer on... -
17
Pomerium
Pomerium is an identity and context-aware access proxy
Secure, context-aware access that just works. Access internal resources securely. Implement zero trust. Achieve compliance. All without the headache of a VPN. For teams that prefer a hosted solution while keeping data governance. For organizations that need advanced scaling, access control, and governance capabilities. IT and developers need a scalable access control solution to keep users productive, happy, and secure. Pomerium uses identity and context to ensure secure access to internal... -
18
Kubernetes Dashboard
General-purpose web UI for Kubernetes clusters
Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself. To access Dashboard from your local workstation you must create a secure channel to your Kubernetes cluster. Kubeconfig Authentication method does not support external identity providers or certificate-based authentication. Metrics-Server has to be running in the cluster for the metrics and... -
19
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for... -
20
ZITADEL
Identity infrastructure, simplified for you
Secure authentication management for your application. Customize as you grow, with easy APIs and programmable workflows. Focus on growing, your login is in good hands. Streamline your application development with our all-in-one identity suite. Designed for all user types, be it consumers, businesses, or employees. Offload complex tasks by using our API as solid abstractions. Benefit from an adaptable identity infrastructure with custom code extensions and robust security defaults. -
21
SLSA GitHub Generator
Language-agnostic SLSA provenance generation for Github Actions
This repository contains free tools to generate and verify SLSA Build Level 3 provenance for native GitHub projects using GitHub Actions. Developers can build their software using a secure process that protects against many supply chain attacks and tampering. Users of their software can verify a tamper-proof statement of the process to know how the software was created. -
22
Pumba
Chaos testing, network emulation, stress testing tool for containers
Pumba is a chaos testing command line tool for Docker containers. Pumba disturbs your containers by crashing containerized applications, emulating network failures and stress-testing container resources (cpu, memory, fs, io, and others). -
23
Stacklok Minder
Software Supply Chain Security Platform
Minder by Stacklok is an open source platform that helps development teams and open source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain and attest their security practices to downstream consumers. -
24
Coroot
Open-source observability for microservices
Collecting metrics, logs, and traces alone doesn't make your applications observable. Coroot turns that data into actionable insights for you. Enable system observability in minutes, no code changes required. Each release is automatically compared with the previous one, so you'll never miss even the slightest performance degradation. With integrated Cost Monitoring, developers can track how each change affects their cloud bill. Understand your cloud costs down to any given application.... -
25
Hoverfly
Lightweight service virtualization/ API simulation / API mocking tool
Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice.