Showing 81 open source projects for "rules"

View related business solutions
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 1
    Alerta

    Alerta

    Alerta monitoring system

    Email was not designed to be used as an alert console. It is not a scalable solution when it comes to monitoring and alert visualization. A minimal installation of Alerta can be deployed quickly and easily as monitoring requirements and confidence grow. There are integrations available with Prometheus, Riemann, Nagios, Zabbix, netdata, Sensu, Pingdom and Cloudwatch. Integrating bespoke systems is easy using the API or command-line tool. Alerts are submitted in JSON format to an HTTP API....
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    go-mitmproxy

    go-mitmproxy

    mitmproxy implemented with golang

    go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 3
    Cerbos

    Cerbos

    Cerbos is the open core, language-agnostic authorization solution

    Cerbos is an authorization layer that evolves with your product. It enables you to define powerful, context-aware access control rules for your application resources in simple, intuitive YAML policies; managed and deployed via your Git-ops infrastructure. It provides highly available APIs to make simple requests to evaluate policies and make dynamic access decisions for your application. Decouple authorization management from your core code using the stateless Cerbos solution. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    shadowsocks-libev

    shadowsocks-libev

    Bug-fix-only libev port of shadowsocks

    ...You can configure your Linux-based box or router to proxy all TCP traffic transparently, which is handy if you use an OpenWRT-powered router. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend setting up your server's firewall rules to limit connections from each user. We strongly encourage you to install shadowsocks-libev from jessie-backports-sloppy.
    Downloads: 4 This Week
    Last Update:
    See Project
  • Cut Data Warehouse Costs by 54% Icon
    Cut Data Warehouse Costs by 54%

    Easily migrate from Snowflake, Redshift, or Databricks with free tools.

    BigQuery delivers 54% lower TCO with exabyte scale and flexible pricing. Free migration tools handle the SQL translation automatically.
    Try Free
  • 5
    IdentityServer

    IdentityServer

    The most flexible and standards-compliant OpenID Connect and OAuth 2

    ...IdentityServer gives you full control over your UI, UX, business logic, and data. In IdentityServer, customizing your workflows is not an afterthought. Our APIs and extensibility points allow adapting to your workflows and business rules without having to find complicated workarounds. You can choose whichever UI framework or technology suits you best to integrate with our token engine. We believe that C# is the best DSL, don't bother with trying to express your logic in YAML, XML, or other "languages". In short, if what you want to achieve is doable in .NET Core, it is doable with IdentityServer. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    Claude Code Security Reviewer

    Claude Code Security Reviewer

    An AI-powered security review GitHub Action using Claude

    ...It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). The tool is language-agnostic (it doesn’t need language-specific parsers), uses contextual understanding rather than simplistic rules, and aims to reduce noise with smarter filtering.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    kube-score

    kube-score

    Kubernetes object analysis with recommendations

    ...The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. Deployments and StatefulSets should have a PodDisruptionPolicy. Deployments and StatefulSets should have host PodAntiAffinity configured. For container probes, a readiness should be configured, and should not be identical to the liveness probe. Read more in README_PROBES.md. Container securityContext, run as a high number user/group, do not run as root or with privileged root fs. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    ClashX

    ClashX

    Rule-based proxy utility for macOS with intuitive menu bar interface

    ...KEY FEATURES: • HTTP/HTTPS and SOCKS5 proxy protocol support • VMess, Shadowsocks, Trojan, VLESS protocol support • Surge-compatible configuration format • GeoIP-based routing rules • TUN mode for system-wide proxying • URL Scheme support for quick config import • Universal binary — native support for both Intel and Apple Silicon Macs • Lightweight menu bar app with minimal resource usage • macOS 10.14 (Mojave) through macOS 15 (Sequoia) compatibility INSTALLATION: Download the latest .dmg from the Files section, or install via Homebrew: brew tap clashx-pro/clashx && brew install --cask clashx RESOURCES: • Official Website: https://clashx.tech • Documentation & Tutorial: https://clashx.tech/tutorial
    Leader badge
    Downloads: 38 This Week
    Last Update:
    See Project
  • 9
    GoldBug - Encrypted Communications

    GoldBug - Encrypted Communications

    Chat Messenger. E-Mail-Client. Websearch. Filetransfer.

    GoldBug is a decentralized & secure communication suite that offers an integrated e-mail client, an instant messenger & a file transfer. Also included is an URL-RSS-DB & a p2p web search. Current vers. w/ McEliece Algorithm. GoldBug has been 2013 - 2023 ten years just another Graphical User Interface of the Spot-On Encryption Suite. Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ●...
    Leader badge
    Downloads: 99 This Week
    Last Update:
    See Project
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • 10
    PoshC2

    PoshC2

    C2 framework used to aid red teamers with post-exploitation

    ...These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX. Shellcode containing in-build AMSI bypass and ETW patching for a high success rate and stealth. Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good operational security. Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11

    Secure Protocol Format

    Generic binary protocol library that prevents injection attacks

    ...Guaranteeing equivalence in data interpretation, known as operational congruity, is achieved by separating fields of data on the basis of their length. When the length of the data is known, there is no risk of misinterpreting it on the basis of spaces or text delimiters. The Distinguished Encoding Rules, or DER, of the ASN.1 standard follows this approach but includes numerous constraints and, more importantly, demands that data fields to be described using binary metadata rather than text. The Secure Protocol Format, or SPF, was created as a simplified version of DER. In addition to delimiting data by length, it also affords programmers the ability to use text for describing data, just like tags are used in HTML and XML. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 12
    teler

    teler

    Real-time HTTP Intrusion Detection

    teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. teler provides alerting when a threat is detected, push notifications...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    Cherrybomb

    Cherrybomb

    Cherrybomb is a CLI tool that helps you avoid undefined user behaviour

    ...Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities. If any problems are found, Cherrybomb gives you a detailed report with the exact location of the problem so you can fix it easily. With a configuration file, you can easily edit, view, Cherrybomb's options. The config file allows you to set the running profile, location of the oas file, the verbosity and ignore the TLS error. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    KubiScan

    KubiScan

    A tool to scan Kubernetes cluster for risky permissions

    A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods,...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    Good Man in the Middle

    Good Man in the Middle

    Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP

    Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    CanCanCan

    CanCanCan

    The authorization Gem for Ruby on Rails

    ...All permissions can be defined in one or multiple ability files and not duplicated across controllers, views, and database queries, keeping your permissions logic in one place for easy maintenance and testing. Authorizations library that allows you to define the rules to access different objects, and provides helpers to check for those permissions. Rails helpers to simplify the code in Rails Controllers by performing the loading and checking of permissions of models automatically and reduce duplicated code. The current user's permissions can then be checked using the can? and cannot? methods in views and controllers. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17
    Adldap2

    Adldap2

    LDAP Authentication & Management for Laravel

    Adldap2-Laravel is an extension to the core Adldap2 package. Using the built-in authentication driver, easily allow LDAP users to log into your application and control which users can login via Scopes and Rules. Users can be imported into your database upon first login, or you can import your entire directory via a simple command: php artisan adldap:import. Search for LDAP records with a fluent and easy-to-use interface you're used to. You'll feel right at home. LDAP records are returned as individual models. Easily create and update models then persist them to your LDAP server with a simple save().
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    Shield GraphQL

    Shield GraphQL

    A GraphQL tool to ease the creation of permission layer

    ...This way you can make sure your application will remain quick, and no internal data will be exposed. Implement your server permissions in a clear and deterministic way and let it guard access to your schema. Shield lets you create a handful of rules and compose them into meaningful structures using logical operators. To prevent recalculation of rules, every rule caches its result based on selected caching mechanism and speeds up query execution. Shield generates a type-map from your schema to make sure you have assigned your rules to the right places.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    HiddenWall

    HiddenWall

    hidden firewall, custom firewall in kernel

    HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that block external access, because have a hook to netfilter on kernel land(think like a second layer for firewall).
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    Drive Badger

    Drive Badger

    Open source platform for covert data exfiltration operations.

    Drive Badger is a software tool for data exfiltration – which means, for copying data from the computer to external USB drive. Unlike many other tools from IT security area, it's not a Proof-of-Concept kind of tool, bringing some groundbreaking techniques. Everything, what Drive Badger does, can be as well run manually, step by step. Instead, what Drive Badger really does, is doing it all better, by putting the maximum focus on:
    Downloads: 2 This Week
    Last Update:
    See Project
  • 21
    OpenWAF

    OpenWAF

    Web security protection system based on openresty

    ...The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information. Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    Hush

    Hush

    Noiseless browsing, content blocker for Safari

    ...Forever. No in-app purchases, no-nonsense. However, any help towards covering the yearly Apple Developer fee is greatly appreciated. The app is primarily a host of rules that integrates with Safari in a native, lightweight way, making the blocking efficient and fast. It's as easy as downloading the app and enabling it in Safari settings ⭢ Content Blockers. No configuration or maintenance needed. The source code is available on GitHub under the permissive MIT license. Hush is written in Apple's latest programming paradigm Swift UI and has native support for M1 processors. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 23
    Naxsi

    Naxsi

    Open-source, high performance, low rules maintenance WAF for NGINX

    ...In short, Naxsi behaves like a DROP-by-default firewall, the only task is to add required ACCEPT rules for the target website to work properly.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    Phishing Catcher

    Phishing Catcher

    Real-time phishing domain detection via Certificate Transparency logs

    phishing_catcher is a security monitoring tool designed to detect potential phishing domains in near real time by analyzing TLS certificate issuance events. It listens to Certificate Transparency (CT) logs through the CertStream API and evaluates newly issued certificates as they appear. Each certificate often contains one or more domain names, which the tool analyzes to determine whether they resemble suspicious or phishing-related domains. phishing_catcher applies a configurable scoring...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 25
    sWAF

    sWAF

    A simple Web Application Firewall docker image

    sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. Too much time security is left on the background, or only by using some basic - but not sufficient - options and applications are front-faced to the big bad Internet.
    Downloads: 0 This Week
    Last Update:
    See Project
Auth0 Logo