Search Results for "top"
Sort By:
Showing 64 open source projects for "top"
View related business solutions-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
Secure File Transfer for Windows with Cerberus by RedwoodCerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
-
1
ntopng
Web-based Traffic and Security Network Traffic Monitoring
ntopng® is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and is now revamped in terms of performance, usability, and features. ntopng is a network traffic probe that provides 360° Network visibility, with its ability to gather traffic information from traffic mirrors, NetFlow exporters, SNMP devices, Firewall logs, and Intrusion Detection systems. ntopng has been written in a portable way in order to... -
2
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
...Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
3
sbctl
Secure Boot key manager
sbctl intends to be a user-friendly secure boot key manager capable of setting up secure boot, offering key management capabilities, and keeping track of files that need to be signed in the boot chain. It is written top-to-bottom in Golang using go-uefi for the API layer and doesn't rely on existing secure boot tooling. It also tries to sport some integration testing towards tianocore utilizing vmtest. -
4
Rundeck
Enable self-service operations, give specific users access
Rundeck is an open-source automation service with a web console, command line tools and a WebAPI. It lets you easily run automation tasks across a set of nodes. There are several top-level targets for a full Rundeck build, but there are also ways to only build the lower-level components during development or testing. Rundeck is the leading runbook automation platform. Delegate self-service automation to operate faster and eliminate toil. Rundeck is the open source core of Rundeck products. It's great for small teams and getting started with runbook automation. ... -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
6
uBlacklist
Blocks specific sites from appearing in Google search results
...If so, first click the puzzle piece icon. To see and edit blocked sites, open the options page. It can be accessed from the toolbar icon. Blocked sites are displayed on the top of the options page. After editing them, don't forget to press the "Save" button. -
7
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. ... -
8
privacy.sexy
Open-source tool to enforce privacy & security best-practices
Enforce privacy & security best practices on Windows, macOS, and Linux, because privacy is sexy. Regularly applying your configuration with privacy.sexy is recommended, especially after each new release and major operating system updates. Each version updates scripts to enhance stability, privacy, and security. -
9
Laravel Passport
Laravel Passport provides OAuth2 server support to Laravel
Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs to support OAuth2, then you should use Laravel Passport. However, if you are attempting to authenticate a single-page application, or mobile application, or issue API tokens, you should use Laravel Sanctum. ... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. ... -
11
GopenPGP V3
A high-level OpenPGP library
...This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when working directly with OpenPGP implementations. Built on top of a forked version of the Go crypto library, gopenpgp supports current OpenPGP RFC standards and includes examples for working with password-based encryption and PGP keys, as well as detached and inline signatures. Because it’s designed for broad use, the library also targets go-mobile compatibility, meaning it can support mobile app use cases alongside server and desktop tooling. -
12
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
...If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high-performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite. -
13
cert-manager
Automatic TLS certificate manager for Kubernetes
Automate certificate management in cloud native environments. Cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide 'certificates as a service' to developers working within your Kubernetes cluster. upport for popular CA types. Out of the box, cert-manager supports ACME (i.e. Let's Encrypt), HashiCorp Vault, Venafi, self signed and internal CA issuer types. cert-manager is Kubernetes native, and as such, it natively targets Kubernetes and OpenShift. ... -
14
Apiato
PHP Framework for building scalable API's on top of Laravel
The open-source flawless framework for building scalable and testable API-Centric Apps with PHP and Laravel. Authentication with OAuth2.0 for first/third-party clients (using Laravel Passport). Role-Based Access Control (RBAC), seeded with a Super Admin, Roles, and Permissions. Query Parameters support (orderBy, sorted, and filter) with full-text search. Useful Endpoints for managing users, roles/permissions, tokens, and more. API Documentations generator, to generate API docs from PHP... -
15
Ente
End-to-end encrypted cloud for photos, videos and 2FA secrets
...Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente Photos (an alternative to Apple and Google Photos) and Ente Auth (a 2FA alternative to the deprecated Authy). This monorepo contains all our source code - the client apps (iOS / Android / F-Droid / Web / Linux / macOS / Windows) for both the products (and more planned future ones!)... -
16
OAuthLib
A generic, spec-compliant, thorough implementation of the OAuth
...Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort. -
17
CTFd
CTFs as you need them
...Have users play on their own or form teams to play together. Scoreboard with automatic tie resolution. Hide Scores from the public. Freeze Scores at a specific time. Scoregraphs comparing the top 10 teams and team progress graphs. Markdown content management system. SMTP + Mailgun email support. Email confirmation support. Forgot password support. -
18
dex
OpenID Connect (OIDC) identity and OAuth 2.0 provider
Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex acts as a portal to other identity providers through “connectors.” This lets Dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to Dex, then Dex handles the protocols for a given backend. Dex acts as a portal to other identity providers through "connectors."... -
19
OWASP Juice Shop
Probably the most modern and sophisticated insecure web application
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! Juice Shop is written in Node.js, Express and Angular. It was the first application written entirely in JavaScript listed in the OWASP VWA Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. ... -
20
Pen Possible
scans a given textual string in 146 pen on paper possible combinations
Application scans a given textual string in 146 pen on paper possible combinations- horizontal, vertical, diagonal, reverse, join top, join bottom, groups(2/3/4..), edges & in quadrant dimensions of your choice -
21
Network Enumeration Tool
Network Enumeration Tool for Host Exploration and Recon
N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. N-ETHER functions as an intelligent, opinionated wrapper around the powerful nmap tool, bundling best-practice scanning... -
22
pH7 Social Dating CMS (pH7Builder)❤️
🚀 Professional Social Dating Web App Builder (formerly pH7CMS)
pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script... -
23
RufasSlider
Klotsky class block slider puzzles.
...And now these puzzle families come with AutoSolvers to help you. The Klotski family uses rectangles of 4 sizes: 1x1, 2x2, 1x2, 2x1. The objective in each game is stated near the window top, but usually involves moving a large block to a specified location within the window. The DirtyDozen family is similar except there are L-shaped puzzle pieces. The Traffic-Rush family uses data, with 2x1, 1x2, 3x1, 1x3 rectangles. Here, the long rectangles represent cars or trucks that can only move [roll] lengthwise...the goal being to move the red car toward the shaded "exit door". ... -
24
RandomPass
A random password generator that is highly customizable.
RandomPass by LuciaSoft is a random password generator that is highly customizable. You can generate passwords of fixed or random length, given a minimum and maximum length. You can control the types of characters and the propensity of each type of character. All crucial information that is used to generate passwords can be hidden from view. The newly generated passwords can be manually or automatically copied to the clipboard. -
25
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. ...
