Search Results for "git:/git.code.sf.net/p/docfetcher/code" - Page 3
Sort By:
Showing 500 open source projects for "git:/git.code.sf.net/p/docfetcher/code"
View related business solutions-
Run applications fast and securely in a fully managed environmentRun frontend and backend services, batch jobs, deploy websites and applications, and queue processing workloads without the need to manage infrastructure.
-
Get full visibility and control over your tasks and projects with Wrike.Wrike offers world-class features that empower cross-functional, distributed, or growing teams take their projects from the initial request stage all the way to tracking work progress and reporting results.
-
1
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. ... -
2
Al-Khaser
Public malware techniques used in the wild: Virtual Machine, Emulation
al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these... -
3
apk-mitm
Application that automatically prepares Android APK files for HTTPS
Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious. -
4
privacy.sexy
Open-source tool to enforce privacy & security best-practices
Enforce privacy & security best practices on Windows, macOS, and Linux, because privacy is sexy. Regularly applying your configuration with privacy.sexy is recommended, especially after each new release and major operating system updates. Each version updates scripts to enhance stability, privacy, and security. -
Awardco Employee RecognitionEverything you love about Amazon is now available for rewards and recognition. Awardco has partnered with Amazon Business to bring millions of reward choices, lower vendor fees and dollar-for-dollar recognition spend to your organization. More choice, more capability, and less spend - all in one simple platform.
-
5
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for... -
6
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
7
Damn Vulnerable GraphQL Application
Vulnerable implementation of Facebook's GraphQL technology
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. A public Postman collection is also available to replay solutions to the challenges. DVGA supports Beginner and Expert level game modes, which will change the exploitation difficulty. -
8
Metabigor
Command-line OSINT and reconnaissance tool without API keys
Metabigor is a command-line intelligence and OSINT tool designed to perform reconnaissance and security research tasks without requiring API keys. It focuses on simplifying access to public intelligence sources so that researchers, penetration testers, and bug bounty hunters can gather information efficiently from a single interface. It enables users to discover IP ranges, domains, and infrastructure details related to organizations, domains, or autonomous systems. Metabigor integrates... -
9
Wemake Django Template
Bleeding edge django template focused on code quality and security
What this project is all about? The main idea of this project is to provide a fully configured template for django projects, where code quality, testing, documentation, security, and scalability are number one priorities. This template is a result of implementing our processes, it should not be considered as an independent part. When developing this template we had several goals in mind. Development environment should be bootstrapped easily, so we use docker-compose for that. -
Sage Intacct Cloud Accounting and Financial Management SoftwareDrive your organization forward with the right solution at the right price. AI-powered continuous accounting and ERP to support your growth now and into the future.
-
10
Laravel CSP
Set content security policy headers in a Laravel app
...Imagine one of your JavaScript dependencies sends all keystrokes, including passwords, to a third party website. It's very easy for someone to hide this malicious behaviour, making it nearly impossible for you to detect it (unless you manually read all the JavaScript code on your site). For a better idea of why you really need to set content security policy headers, read this excellent blog post by David Gilbertson. Setting Content Security Policy headers helps solve this problem. These headers dictate which sites your site is allowed to contact. This package makes it easy for you to set the right headers. -
11
novu
The open-source notification infrastructure
...A smart API to centralize all communication channels in a single place: E-mail, SMS, Direct, Push and many more. Manage content for all channels and in multiple languages without the need to redeploy your code. -
12
OpenPGP.js
OpenPGP implementation for JavaScript
This project aims to provide an Open Source OpenPGP library in JavaScript so it can be used on virtually every device. Instead of other implementations that are aimed at using native code, OpenPGP.js is meant to bypass this requirement (i.e. people will not have to install gpg on their machines in order to use the library). The idea is to implement all the needed OpenPGP functionality in a JavaScript library that can be reused in other projects that provide browser extensions or server applications. It should allow you to sign, encrypt, decrypt, and verify any kind of text, in particular e-mails, as well as managing keys. ... -
13
Casdoor
An open-source Identity and Access Management (IAM)
...Access to Casdoor is very convenient, please visit How to Connect to Casdoor for details. Casdoor also support sign up directly. By filling your Username, Display name, Password and Email, after your receive your Email code, you can sign up in Casdoor. -
14
Rack::Attack
Rack middleware for blocking & throttling
...Tackling each curious anomaly that threatens your site’s reliability saps developer productivity and happiness. Rack::Attack lets you throttle abusive requests with just a few lines of code. For the security of our users, we have a stricter throttle for login attempts. This makes it very time consuming for attackers to guess users’ passwords. We also use the IPCat ruby library to detect requests from well-known datacenters. Rack::Attack can also track requests without blocking them. We rely on Rack::Attack to let developers quickly track and throttle requests. ... -
15
BoringSSL
Mirror of BoringSSL
...Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL. -
16
coroot
Open-source observability for microservices
...Analyze any unexpected spike in CPU or memory usage down to the precise line of code. Don't make assumptions, know exactly what the resources were spent on. Easily investigate any anomaly by comparing it to the system's baseline behavior. -
17
Apisauce
Axios + standardized errors + request/response transforms
...The promise is always resolved with a response object. Even if there was a problem with the request! This is one of the goals of this library. It ensures sane calling code without having to handle .catch and has 2 separate flows. -
18
Nano ID
A secure, URL-friendly, unique string ID generator for JavaScript
Nano ID is a library for generating random IDs. Likewise UUID, there is a probability of duplicate IDs. However, this probability is extremely small. Meanwhile, a lot of projects generate IDs in small numbers. For those projects, the ID length could be reduced without risk. This calculator aims to help you realize the extent to which the ID length can be reduced. Instead of using the unsafe Math.random(), Nano ID uses the crypto module in Node.js and the Web Crypto API in browsers. These... -
19
Laravel Passport
Laravel Passport provides OAuth2 server support to Laravel
Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs... -
20
PHP OAuth 2.0 Server
A spec compliant, secure by default
league/oauth2-server is a standards compliant implementation of an OAuth 2.0 authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them. The latest version of this package supports PHP 7.2, PHP 7.3, PHP 7.4, PHP 8.0. The openssl and json extensions are also required. All HTTP messages passed to the server should be PSR-7... -
21
fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go
...This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, and hybrid. OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high-performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite. -
22
testssl.sh
Testing TLS/SSL encryption anywhere on any port
...Several command line options help you to run your test and configure your output. If a particular check cannot be performed because of a missing capability on your client side, you'll get a warning. You can look at the code, see what's going on and you can change it. -
23
shadowsocks-libev
Bug-fix-only libev port of shadowsocks
Shadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. Shadowsocks-libev is written in pure C and depends on libev. It's designed to be a lightweight implementation of shadowsocks protocol, in order to keep the resource usage as low as possible. Snap is the recommended way to install the latest binaries. You can build shadowsocks-libev and all its dependencies by script. The latest shadowsocks-libev has provided a redir mode. You can configure your... -
24
Keybase client
Keybase Go library, client, service, OS X, iOS, Android, Electron
Keybase is secure messaging and file-sharing. We use public key cryptography to ensure your messages stay private. Even we can’t read your chats. Keybase works for families, roommates, clubs, and groups of friends, too. Keybase connects to public identities, too. You can connect with communities from Twitter, Reddit, and elsewhere. Don’t live dangerously when it comes to documents. Keybase can store your group’s photos, videos, and documents with end-to-end encryption. You can set a timer on... -
25
AmazonMSK AWS Identity Access Management
Use AWS Identity and (IAM) to connect to Amazon Managed Streaming
...This library provides a new Simple Authentication and Security Layer (SASL) mechanism called AWS_MSK_IAM. This new SASL mechanism can be used by Kafka clients to authenticate against Amazon MSK clusters using AWS IAM. After you've downloaded the code from GitHub, you can build it using Gradle. An uber jar containing the library and all its relocated dependencies except the kafka client and slf4j-api can also be built. At runtime, the uber jar expects to find the kafka client library and the sl4j-api library on the classpath.
