Search Results for "security"
Sort By:
Showing 136 open source projects for "security"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
-
Zendesk: The Complete Customer Service SolutionEquip your agents with powerful AI tools and workflows that boost efficiency and elevate customer experiences across every channel.
-
1
hydra
Cloud native, security-first, API security for your infrastructure
Secure access to your applications and APIs, and authenticate third party users. Ory / Hydra is Open Source and OpenID Connect Certified® technology that integrates with any login system. Get started in minutes, and provide secure access to your application and API endpoints. Ory / Hydra works with any login system and only a few lines of code are required. Ory / Hydra is written in Go and we provide SDKs for every language. We work with any login system and it is easy to customize the login... -
2
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
3
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
4
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. ... -
Network Management Software and Tools for Businesses and Organizations | Auvik NetworksReduce IT headaches and save time with a proven solution for automated network discovery, documentation, and performance monitoring. Choose Auvik because you'll see value in minutes, and stay with us to improve your IT for years to come.
-
5
KubeArmor
Runtime Security Enforcement System
KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. -
6
OWASP Amass
In-depth attack surface mapping and asset discovery
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security. ... -
7
nuclei
Fast and customizable vulnerability scanner based on simple YAML
...Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. Nuclei has built-in support for automatic template download/update as default since version v2.5.2. Nuclei-Templates project provides a community-contributed list of ready-to-use templates that is constantly updated. ... -
8
Tetragon
eBPF-based Security Observability and Runtime Enforcement
Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF, allowing for reduced observation overhead, tracking of any process, and real-time enforcement of policies. Observe the complete lifecycle of every process on your machine with Kubernetes context awareness. Translate high-level policies for file monitoring, network observability, container security, and more into low-overhead eBPF programs. ... -
9
Stacklok Minder
Software Supply Chain Security Platform
Minder by Stacklok is an open source platform that helps development teams and open source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain and attest their security practices to downstream consumers. Minder allows users to enroll repositories and define policies to ensure repositories and artifacts are configured consistently and securely. Policies can be set to alert only or autoremediate. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic... -
11
fleet
Open-source platform for IT, security, and infrastructure teams
Fleet exposes familiar concepts from traditional MDMs like custom attributes and dynamic grouping, but in a way that lets you work directly with data and events from each native operating system. A device management platform for managing and monitoring endpoints, specifically designed for IT security and compliance teams. -
12
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution... -
13
Tracee
Linux Runtime Security and Forensics using eBPF
Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
14
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it. -
15
Lantern
Tool to access videos, messaging, and other popular apps
...Lantern does not cooperate with any law enforcement in any country. Lantern encrypts all of your traffic to blocked sites and services to protect your data and privacy. Lantern passed multiple third party white box security audits to ensure security of our code. Lantern is easy to use, just download and install to start streaming, browsing and using apps, no configuration required. No installation, no registration, no registration, no configuration, just click and go! All you have to do is install it and hit the POWER button! Don't wait forever for your applications to load or the website to appear in your browser. ... -
16
Proxify
A versatile and portable proxy for capturing HTTP/HTTPS traffic
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into BurpSuite or any other proxy by simply setting the upstream proxy to proxify. -
17
gopass
The slightly more awesome standard unix password manager for teams
gopass is a simple but powerful password manager for your terminal. Manage your credentials with ease. In a globally distributed team, on multiple devices or fully offline on an air-gapped machine. By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can... -
18
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ... -
19
Authelia
The Single Sign-On Multi-Factor portal for web apps
Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies. With a compressed container size smaller than 20 megabytes and observed memory usage normally under 30 megabytes, it's one of the most lightweight solutions available. Written in Go and React, authorization policies and many other backend tasks are completed in mere milliseconds and login portal loading times of 100 milliseconds makes it one of the fastest solutions available. ... -
20
Vault
Tool for secrets management and encryption as a service
...Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. The shift from static, on-premise infrastructure to dynamic, multi-provider infrastructure changes the approach to security. Security in static infrastructure relies on dedicated servers, static IP addresses, and a clear network perimeter. Security in dynamic infrastructure is defined by ephemeral applications and servers, trusted sources of user and application identity, and software-based encryption. Datacenters with inherently high-trust networks with clear network perimeters. ... -
21
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. -
22
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. Find vulnerabilities for language-specific packages. You can also choose another destination directory and release version for the installation.... -
23
Portmaster
Block Mass Surveillance
Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block... -
24
BoringSSL
Mirror of BoringSSL
...The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. -
25
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
Vuls is open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you...