Search Results for "xray-core"
Sort By:
Showing 80 open source projects for "xray-core"
View related business solutions-
Retool your internal operationsBuild internal software that meets enterprise security standards without waiting on engineering resources. Retool connects to your databases, APIs, and data sources while maintaining the permissions and controls you need. Create custom dashboards, admin tools, and workflows from natural language prompts—all deployed in your cloud with security baked in. Stop duct-taping operations together, start building in Retool.
-
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
1
XRAY
XRay for recon, mapping and OSINT gathering from public networks
...Rather than being a “one-size-fits-all” black box scanner, XRAY encourages interactive exploration and integrates with other tooling. -
2
Namecoin Core
Namecoin full node + wallet based on the current Bitcoin Core codebase
Namecoin Core is the reference implementation of Namecoin, a decentralized naming system based on the Bitcoin protocol. It allows users to register and manage domain names and identities on a blockchain, aiming to provide censorship-resistant and secure alternatives to traditional DNS systems. -
3
Bitwarden Server
The core infrastructure backend of Bitwarden
Bitwarden Server is an open source project that contains all of the core infrastructure backend of all Bitwarden client applications. This includes APIs, database, Docker and other infrastructure items. Bitwarden is an open source password management solution that stores sensitive information in an encrypted vault. This project is written in C# using .NET Core with ASP.NET Core, while the database is written in T-SQL/SQL Server. -
4
WPScan
WPScan WordPress security scanner
WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators. -
Outgrown Windows Task Scheduler?Windows Task Scheduler wasn't built for complex, cross-platform automation. Get a free diagnostic that shows exactly where things are failing and provides remediation recommendations. Interactive HTML report delivered in minutes.
-
5
Rundeck
Enable self-service operations, give specific users access
...There are several top-level targets for a full Rundeck build, but there are also ways to only build the lower-level components during development or testing. Rundeck is the leading runbook automation platform. Delegate self-service automation to operate faster and eliminate toil. Rundeck is the open source core of Rundeck products. It's great for small teams and getting started with runbook automation. Interact with fellow Community members, ask product questions, make feature requests, and get swag! -
6
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
7
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web... -
8
IdentityServer
The most flexible and standards-compliant OpenID Connect and OAuth 2
...We believe that C# is the best DSL, don't bother with trying to express your logic in YAML, XML, or other "languages". In short, if what you want to achieve is doable in .NET Core, it is doable with IdentityServer. You are not forced onto a specific hosting environment or other peoples' servers, you are not forced to use a specific database or geographical region. -
9
Open-Source auth provider
Open source alternative to Auth0 / Firebase Auth, etc.
...Frontend SDK: Manages session tokens and renders login UI widgets. Backend SDK: Provides APIs for sign-up, sign-in, signout, session refreshing etc. Your Frontend will talk to these APIs. SuperTokens Core: The HTTP service for the core auth logic and database operations. This service is used by the Backend SDK. -
Grafana: The open and composable observability platformGrafana is the open source analytics & monitoring solution for every database.
-
10
Cerbos
Cerbos is the open core, language-agnostic authorization solution
...It provides highly available APIs to make simple requests to evaluate policies and make dynamic access decisions for your application. Decouple authorization management from your core code using the stateless Cerbos solution. Focus on delivering exceptional products, not maintaining the authorization infrastructure. Context-aware role definitions and attribute-based access control. Implement adaptable, granular security policies that exceed standard role-based access control. -
11
CASL
CASL is an isomorphic authorization JavaScript library
CASL is an isomorphic authorization JavaScript library that restricts what resources a given user is allowed to access. It's designed to be incrementally adoptable and can easily scale between a simple claim-based and fully featured subject and attribute-based authorization. It makes it easy to manage and share permissions across UI components, API services, and database queries. -
12
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
...It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. The module exposes directives for enabling audit logging, anomaly scoring, request body buffering limits, and performance tuning to fit high-traffic deployments. Because it’s a native NGINX module, it benefits from NGINX’s event-driven architecture and can be compiled as a dynamic module for flexible packaging. ... -
13
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
...Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
14
aws-encryption-sdk
AWS Encryption SDK
...Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. -
15
AWS Encryption SDK for Java
AWS Encryption SDK
...Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. By default, the AWS Encryption SDK generates a unique data key for each data object that it encrypts. -
16
InterceptSuite
A TLS MITM proxy for Non-HTTP traffic, with support for TLS upgrades
InterceptSuite is a cross‑platform, SOCKS5‑based MITM proxy specially designed to intercept, inspect, analyze, and manipulate encrypted network traffic at the TCP/TLS layer. It goes beyond HTTP‑focused tools like Burp Suite and ZAP by providing universal TLS interception—including STARTTLS and non‑HTTP protocols—offering deep visibility and control for security testing and debugging. InterceptSuite bridges this gap by providing a universal TLS interception engine that works with any... -
17
ngx_waf
Handy, High performance, ModSecurity compatible Nginx firewall module
...The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them automatically to avoid false positives. Supports three kinds of captchas: hCaptcha, reCAPTCHAv2 and reCAPTCHAv3. -
18
Awesome Privacy
A curated list of privacy & security-focused software and services
Awesome Privacy is a curated directory of privacy-respecting alternatives to mainstream apps and services, organized across many categories like browsers, search, email, messaging, cloud storage, and operating systems. It aims to help you choose tools that reduce tracking, fingerprinting, and data collection without sacrificing usability. Each entry highlights the project’s core properties—such as open source status, end-to-end encryption, and platform availability—so you can evaluate trade-offs quickly. Because product landscapes change fast, the list emphasizes ongoing maintenance and community discussion around quality and trust. It’s useful for privacy newcomers planning a gradual migration as well as experts building a hardened toolchain. ... -
19
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
...This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and hybrid. OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high-performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite. -
20
Guardian
Elixir Authentication
...It integrates with Plug but can be used outside of it. If you're implementing a TCP/UDP protocol directly or want to utilize your authentication via channels in Phoenix, Guardian can work for you. The core currency of authentication in Guardian is the token. By default JSON Web Tokens are supported out of the box but you can use any token that Has the concept of a key-value payload, is tamper-proof, can serialize to a String, or that has a supporting module that implements the Guardian.Token behavior. You can use Guardian tokens to authenticate web endpoints (Plug/Phoenix/X), channels/Sockets (Phoenix - optional), and any other system you can imagine. ... -
21
AWS Secrets Manager Python caching
Enables in-process caching of secrets for Python applications
...Follow the instructions to create an AWS account. To create a secret in AWS Secrets Manager, go to Creating Secrets and follow the instructions on that page. This library makes use of botocore, the low-level core functionality of the boto3 SDK. For more information on boto3 and botocore, please review the AWS SDK for Python and Botocore documentation. -
22
kcptun
A stable and secure tunnel based on KCP with N:M multiplexing and FEC
...Available for ARM, MIPS, 386 and AMD64. kcptun is shipped with builtin packet encryption powered by various block encryption algorithms and works in Cipher Feedback Mode, for each packet to be sent, the encryption process will start from encrypting a nonce from the system entropy, so encryption to same plaintexts never leads to a same ciphertexts thereafter. kcptun made use of ReedSolomon-Codes to recover lost packets, which requires massive amount of computation, a low-end ARM device cannot satisfy kcptun well. To unleash the full potential of kcptun, a multi-core x86 homeserver CPU like AMD Opteron is recommended. If you insist on running under some ARM routers, you'd better turn off FEC and use salsa20 as the encryption method. -
23
MemGuard
Secure software enclave for storage of sensitive information in memory
...Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. The effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps. Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation. -
24
Qtum
Qtum Core Wallet
Qtum is a decentralized blockchain project built on Bitcoin's UTXO model, with support for Ethereum Virtual Machine-based smart contracts, and secured by a proof of stake consensus model. It achieves this through the revolutionary Account Abstraction Layer which allows the EVM to communicate with Qtum's Bitcoin-like UTXO blockchain. Welcome to the Qtum Ignition Main Network. This is the main network where the tokens hold value and should be guarded very carefully. If you are testing the... -
25
Keybase client
Keybase Go library, client, service, OS X, iOS, Android, Electron
Keybase is secure messaging and file-sharing. We use public key cryptography to ensure your messages stay private. Even we can’t read your chats. Keybase works for families, roommates, clubs, and groups of friends, too. Keybase connects to public identities, too. You can connect with communities from Twitter, Reddit, and elsewhere. Don’t live dangerously when it comes to documents. Keybase can store your group’s photos, videos, and documents with end-to-end encryption. You can set a timer on...
