Search Results for "web applications using java"
Sort By:
Showing 88 open source projects for "web applications using java"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Desktop and Mobile Device Management SoftwareDesktop Central is a unified endpoint management (UEM) solution that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location.
-
1
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web... -
2
AWS Secrets Manager Java caching client
Enables in-process caching of secrets for Java applications
The AWS Secrets Manager Java caching client enables in-process caching of secrets for Java applications. To use this client you must have a Java 8 development environment. If you do not have one, go to Java SE Downloads on the Oracle website, then download and install the Java SE Development Kit (JDK). Java 8 or higher is recommended. An Amazon Web Services (AWS) account to access secrets stored in AWS Secrets Manager and use AWS SDK for Java. ... -
3
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. -
4
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. Spring Security uses a Gradle-based build system. In the instructions, ./gradlew... -
Planfix: Manage Projects, Team's Tasks and Business ProcessesPlanfix is like a souped-up business process management system for folks who really know their stuff. It's built to help you dive deeper and gives you more options than your run-of-the-mill project and task management systems. Best part? Even small businesses and non-profits can get in on the action.
-
5
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
6
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as... -
7
MaxKey
MaxKey SSO ,Leading-Edge IAM-IDaas(Identity and Access Management)
Maxkey Single Sign On System, which means the Maximum key, Leading-Edge IAM/IDaas Identity and Access Management product, supports OAuth 2.x/OpenID Connect, SAML 2.0, JWT, CAS, SCIM, and other standard protocols, and provide Secure, Standard and Open Identity management (IDM), Access management (AM), Single Sign On (SSO), RBAC permission management and Resource management. MaxKey focuses on performance, security, and ease of use in enterprise scenarios, is widely used in industries such as... -
8
Central Authentication Service (CAS)
Identity & Single Sign On for all earthlings and beyond
...Monitor and track application and system behavior, statistics and metrics in real-time. Manage and review audits and logs centrally, and publish data to a variety of downstream systems. Manage and register client applications and services with specific authentication policies. Cross-platform client support (Java, .NET, PHP, Perl, Apache, etc). -
9
OpenWebStart-GNU/LINUX
OpenWebStart deb rpm jnlp gnu linux
OpenWebStart is an open source reimplementation of the Java Web Start technology. It provides the most commonly used features of Java Web Start and the JNLP standard, so that your customers can continue using applications based on Java Web Start and JNLP without any change. OpenWebStart is based on Iced-Tea-Web and the JNLP-specification defined in JSR-56. OpenWebStart is released under the GPL with Classpath Exception. ... -
Download the most trusted enterprise browserChrome Enterprise is ideal for businesses of all sizes, IT professionals, and organizations looking for a secure, scalable, and easily managed browser solution that supports remote work, data protection, and streamlined enterprise operations.
-
10
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
-
11
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, PGP, OOXML and MRTD (ePassport DS).
-
12
StrongKey FIDO Server (SKFS)
FIDO® Certified StrongKey FIDO Server (SKFS)
An open source implementation of the FIDO2 protocol to support passwordless strong authentication using public-key cryptography. Supports registration, authentication (all platforms), and transaction authorization (for native Android apps). -
13
StrongKey PKI2FIDO
Web application to register FIDO keys from TLS ClientAuth sessions
StrongKey PKI2FIDO is a web application written in Angular and Java using REST web service calls for client-server communication. The application enables users that have X.509 digital certificates (optionally, on smart cards—such as the PIV card or CAC) to strongly authenticate to PKI2FIDO using TLS ClientAuth and then register a FIDO Security key with a FIDO Server (such as StrongKey FIDO Server at https://sourceforge.net/projects/strongkeyfido/). ... -
14
SigV4
A SigV4 authentication plugin for the open-source DataStax Java Driver
This package implements an authentication plugin for the open-source Datastax Java Driver for Apache Cassandra. The driver enables you to add authentication information to your API requests using the AWS Signature Version 4 Process (SigV4). Using the plugin, you can provide users and applications short-term credentials to access Amazon Keyspaces (for Apache Cassandra) using AWS Identity and Access Management (IAM) users and roles. -
15
Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org
-
16
PiracyChecker
An Android library that prevents your app from being pirated
An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required. This library applies some techniques to help protect your app's users and attempt to thwart reverse engineers and attackers. BUT, this isn't guaranteed to stop your app from getting pirated. There is no such thing as 100% security, and a determined and skilled attacker with enough time, could remove these checks from the code. The real... -
17
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible... -
18
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
StrongKey CryptoEngine (SKCE) 2.0 is a "crypto Swiss Army knife" server to perform cryptographic functions through web services, while freeing application developers to focus on business functionality. Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services... -
19
StrongKey CryptoCabinet
FIDO-enabled, cloud file encryption with centralized key management.
StrongKey CryptoCabinet (SKCC) 2.0 is a FIDO-enabled (fidoalliance.org) web application built using Regulatory Compliant Cloud Computing (RC3) architecture (http://bit.ly/rc3infoq). It encrypts files/objects of any type or size, and stores the ciphertext either to public/private clouds—AWS, Azure, Eucalyptus—or local/network drives, while keeping cryptographic keys safe and secure OUTSIDE the cloud. CryptoCabinet leverages the StrongKey CryptoEngine (SKCE)—another FOSS on this site—to... -
20
JWT Spring Security Demo
A demo for using JWT (Json Web Token) with Spring Security
This is a demo for using JWT (JSON Web Token) with Spring Security and Spring Boot. I completely rewrote my first version. Now this solution is based on the code base from the JHipster Project. I tried to extract the minimal configuration and classes that are needed for JWT-Authentication and did some changes. -
21
ophcrack
A Windows password cracker based on rainbow tables
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. -
22
CrococryptFile
An encryption tool for creating file archives
CrococryptFile is a file encryption tool which creates encrypted archives of files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile... - encrypts all file and folder information including filenames, time/date and filesize information, - disguises any information of the archive's content, because all data and meta-data is simply integrated into a... -
23
Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, bandwidth control, captive portal, VPN, firewall, and more. Visit http://untangle.com
-
24
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. ... -
25
nogotofail
An on-path blackbox network traffic security testing tool
nogotofail is a network security testing tool developed by Google to help developers and researchers identify weaknesses in TLS/SSL implementations and detect unencrypted traffic that could compromise sensitive data. The tool functions as an on-path man-in-the-middle (MiTM) testing system, allowing users to inspect and evaluate how applications and devices handle encrypted connections under real-world conditions. It can detect a wide range of vulnerabilities, including improper SSL...
