Search Results for "api" - Page 4
Sort By:
Showing 549 open source projects for "api"
View related business solutions-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Clair
Vulnerability Static Analysis for Containers
...Please use releases instead of the main branch in order to get stable binaries. Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent. -
2
Findomain
Fast open source tool for discovering and monitoring domain subdomains
Findomain is an open source reconnaissance tool designed to discover and enumerate subdomains associated with a target domain. It focuses on speed and reliability by using Certificate Transparency logs and multiple well tested public APIs instead of relying solely on brute force scanning techniques. By querying multiple passive data sources in parallel, the tool can identify a large number of subdomains within a short time, making it useful for security researchers, penetration testers, and... -
3
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. ... -
4
Payloads All The Things
A list of useful payloads and bypass for Web Application Security
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
...Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. By automating complex recon tasks and combining outputs from many tools, it helps researchers quickly identify potential attacks. -
6
InterceptSuite
A TLS MITM proxy for Non-HTTP traffic, with support for TLS upgrades
InterceptSuite is a cross‑platform, SOCKS5‑based MITM proxy specially designed to intercept, inspect, analyze, and manipulate encrypted network traffic at the TCP/TLS layer. It goes beyond HTTP‑focused tools like Burp Suite and ZAP by providing universal TLS interception—including STARTTLS and non‑HTTP protocols—offering deep visibility and control for security testing and debugging. InterceptSuite bridges this gap by providing a universal TLS interception engine that works with any... -
7
AWS IAM Authenticator for Kubernetes
Tool to use AWS IAM credentials to authenticate to Kubernetes clusters
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using... -
8
Casbin
An authorization library that supports access control models
...Currently, dozens of databases are supported, from MySQL, Postgres, Oracle to MongoDB, Redis, Cassandra, AWS S3. Check the full supported list at: adapters. Casbin is implemented in Golang, Java, PHP and Node.js. All implementations share the same API and behaviors. You can learn Casbin once and use it everywhere. In Casbin, the policy storage is implemented as an adapter(aka middleware for Casbin). -
9
Laravel Fortify
Backend controllers and scaffolding for Laravel authentication
Laravel Fortify is a frontend agnostic authentication backend implementation for Laravel. Fortify registers the routes and controllers needed to implement all of Laravel's authentication features, including login, registration, password reset, email verification, and more. You are not required to use Fortify in order to use Laravel's authentication features. You are always free to manually interact with Laravel's authentication services by following the documentation available in the... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
Hemmelig
Keep your sensitive information out of chat logs, emails, and more
Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. -
11
OpenZeppelin Contracts
OpenZeppelin Contracts is a library for secure smart contracts
A library for secure smart contract development. Build on a solid foundation of community-vetted code. OpenZeppelin Contracts uses semantic versioning to communicate backward compatibility of its API and storage layout. To keep your system secure, you should always use the installed code as-is, and neither copy-paste it from online sources nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs. Reduce the risk of vulnerabilities in your applications by using standard, tested, community-reviewed code. -
12
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
13
React Native Auth0
React Native toolkit for Auth0 API
With a few lines of code, you can have Auth0 integrated into any app written in any language, and any framework. We provide 30+ SDKs & Quickstarts to help you succeed in your implementation. Enable user collaboration and granular access control in your applications with easy-to-use APIs. From improving customer experience through seamless sign-on to making MFA as easy as a click of a button, your login box must find the right balance between user convenience, privacy and security. That’s why... -
14
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful, and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and... -
15
Ory Kratos
Next-gen identity server with Ory-hardened authentication
Headless and configurable authentication and user management, including MFA, social login, custom identities and more. Ory Kratos is a fully featured user management system built for the cloud. Control every aspect with a headless API. Ory Kratos comes with support for a wide range of 2FA protocols such as TOTP, FIDO2 & WebAuthn, works with any UI framework, and only a few lines of code are required to get it up and running. Configurable login and registration flows, multi-factor authentication, custom identity models, and bring your own UI. Ory Kratos is open-source and grows more powerful with every pull-request. ... -
16
PHP-Casbin
An authorization library that supports access control models
...Currently, dozens of databases are supported, from MySQL, Postgres, Oracle to MongoDB, Redis, Cassandra, AWS S3. Check the full supported list at: adapters. Casbin is implemented in Golang, Java, PHP and Node.js. All implementations share the same API and behaviors. You can learn Casbin once and use it everywhere. -
17
Guardian
Elixir Authentication
Guardian is a token based authentication library for use with Elixir applications. Guardian remains a functional system. It integrates with Plug but can be used outside of it. If you're implementing a TCP/UDP protocol directly or want to utilize your authentication via channels in Phoenix, Guardian can work for you. The core currency of authentication in Guardian is the token. By default JSON Web Tokens are supported out of the box but you can use any token that Has the concept of a... -
18
Apisauce
Axios + standardized errors + request/response transforms
...Responses have a problem property to help guide exception flow, attach functions that get called each request, attach functions that change all request or response data. Detects connection issues (on React Native). The only required property is baseURL and it should be the starting point for your API. It can contain a sub-path and a port as well. The responses are promise-based, so you'll need to handle things in a .then() function. The promise is always resolved with a response object. Even if there was a problem with the request! This is one of the goals of this library. It ensures sane calling code without having to handle .catch and has 2 separate flows. -
19
GRR
GRR Rapid Response, remote live forensics for incident response
...“Work” means running a specific action, downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers, fleetspeak) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data. -
20
Respect\Validation
The most awesome validation engine ever created for PHP
For certain types you can't make comparisons out of the box in PHP but Validation brings support to a few of them. You can also create and use your own rules. To do this, you will need to create a rule and an exception to go with the rule. Each rule must have an Exception to go with it. Exceptions should be named with the name of the rule followed by the word Exception. The process of creating an Exception is similar to creating a rule but there are no methods in the Exception class. On... -
21
uncover
Discover exposed internet hosts using multiple search engine APIs
Uncover is an open source reconnaissance tool designed to quickly discover exposed hosts on the internet by querying multiple search engine APIs through a unified interface. It acts as a Go-based wrapper around well-known internet intelligence platforms, allowing users to gather information about publicly accessible systems from a single command-line tool. By integrating with services such as Shodan, Censys, FOFA, ZoomEye, and others, the tool enables security professionals to efficiently... -
22
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
Kubernetes Network Policy Recipes is a practical, example-driven repository offering ready-to-use Kubernetes NetworkPolicy manifests and patterns for real application networking scenarios. Rather than just listing theoretical API specs, it groups recipes that implement common intent-based policies — such as isolating namespaces, restricting cross-pod traffic, enabling ingress from specific services, and locking down egress to only necessary endpoints — so users can pick and apply what they need. These recipes help secure Kubernetes clusters by ensuring that pods communicate only with allowed peers, reduce attack surfaces, and enforce least-privilege connectivity at the network layer. ... -
23
MemGuard
Secure software enclave for storage of sensitive information in memory
This package attempts to reduce the likelihood of sensitive data being exposed when in memory. It aims to support all major operating systems and is written in pure Go. Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store... -
24
node-rate-limiter-flexible
Count and limit requests by key with atomic increments
...Combine limiters, block key for some duration, delay actions, manage failover with insurance options, configure smart key blocking in memory and many others. Average request takes 0.7ms in Cluster and 2.5ms in a Distributed application. See benchmarks. It provides a unified API for all limiters. Whenever your application grows, it is ready. Prepare your limiters in minutes. No matter which node package you prefer: redis or ioredis, sequelize/typeorm or knex, memcached, native driver or mongoose. It works with all of them. -
25
gorush
A push notification server written in Go (Golang)
A push notification micro server using Gin framework written in Go (Golang) and see the demo app. Support graceful shutdown that workers and queue have been sent to APNs/FCM before shutdown service. Support different Queue as backend like NSQ or NATS, defaut engine is local Channel. You can deploy gorush to alternative solution like netlify functions. Netlify lets you deploy serverless Lambda functions without an AWS account, and with function management handled directly within Netlify....
