35 مستودعات
Managed platforms for handling user identity, sessions, and login flows.
Distinguishing note: Focuses on managed identity services rather than implementing custom authentication logic.
Explore 35 awesome GitHub repositories matching security & cryptography · Authentication Services. Refine with filters or upvote what's useful.
Rocket.Chat is a self-hosted communication platform designed for organizations to maintain full control over their messaging infrastructure and data. It functions as a scalable collaboration suite that supports growing teams by managing consistent configuration cycles across diverse deployment environments. The platform distinguishes itself through a modular architecture that allows for deep customization of enterprise collaboration workflows. It features a sandboxed application engine that enables developers to build and integrate custom tools and plugins within an isolated environment, ensu
Controls access to communication channels through centralized authentication and permissions.
This project is an enterprise application framework designed to accelerate the construction of complex business software. It functions as a full-stack code generator that automatically produces backend logic, database operations, and frontend interface components from defined data schemas. By providing a standardized foundation for security, authentication, and administrative management, it enables developers to rapidly deploy functional, production-ready software environments. The platform distinguishes itself through its native support for multi-tenant architectures, allowing for secure dat
Verifies user identities and manages session tokens to secure access across application environments.
This project is an agentic framework designed to enable autonomous web navigation and browser automation. It functions as a controller that translates natural language instructions into deterministic browser actions, allowing agents to interact with websites, perform data extraction, and manage complex authentication flows. By leveraging accessibility trees and semantic element resolution, the framework mimics human-like navigation, moving beyond brittle DOM selectors to interact reliably with modern web interfaces. The framework distinguishes itself through its focus on secure, scalable exec
Executes login sequences by targeting specific input fields to reliably authenticate on complex applications.
Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It sup
Implements a comprehensive authentication and identity management service.
This project is a railway booking automation tool designed to monitor ticket inventory and execute purchases on the 12306 platform. Its primary purpose is to secure high-demand train tickets by automating the login, booking, and checkout processes. The system utilizes automated captcha solving and headless session management to bypass security barriers and maintain user authentication. It employs a concurrent request queue and polling-based inventory monitoring to track seat availability and execute purchases immediately as they open. The automation surface includes waitlist management for r
Automates credential entry and captcha resolution to gain access to protected railway accounts.
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Allows bypassing authentication for specific URL patterns or API endpoints to support public or service-to-service communication.
NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t
Offloads client identity verification and permission checks to an external application-defined service, allowing integration with existing identity providers.
This is a collection of Python scripts designed for extracting data from popular Chinese websites and mobile applications. It functions as a multi-platform data extraction toolkit, capable of automating tasks such as downloading videos from platforms like Bilibili and Douyin, scraping product reviews and images from e-commerce sites like Taobao and JD.com, and booking train tickets on the 12306 railway system. The project distinguishes itself through its focus on automating specific, high-value tasks within the Chinese internet ecosystem. It includes capabilities for solving Chinese CAPTCHA c
Automates the login process on Taobao to enable authenticated scraping of user-specific data.
This project is a Python-based automation toolkit designed to manage programmatic authentication and session persistence across web services. It provides a framework for executing automated login sequences, including the handling of interactive security challenges such as QR code verification and captcha resolution. The toolkit distinguishes itself by simulating native mobile application environments, allowing for the execution of scripts that require specific device-level headers and behaviors. It also incorporates hook-based interception to monitor workflow states and manage exceptions duri
Automates complex login sequences, including QR code and captcha resolution, to maintain persistent sessions for web services.
SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio
Runs the authentication backend as a containerized service within your own infrastructure.
Playwright for Python is a browser automation framework designed for end-to-end testing, web scraping, and user interaction simulation. It functions as a headless browser controller that enables programmatic navigation, data extraction, and the execution of complex workflows across multiple rendering engines. The framework distinguishes itself through an actionability-aware interaction engine that automatically verifies element readiness before performing actions, significantly reducing test flakiness. It utilizes isolated browser contexts to maintain separate storage and cookies for parallel
Performs login sequences through browser interactions to establish authenticated session states for automated testing.
Bytebot is an LLM desktop automation framework and virtual Linux desktop environment. It enables AI agents to plan and execute mouse and keyboard actions on a virtual computer using natural language, allowing for autonomous desktop automation and the integration of legacy systems that lack native APIs. The system operates as an LLM API gateway and a Model Context Protocol server, routing requests across multiple language model providers with integrated load balancing and rate limiting. It provides isolated, containerized environments where agents use visual reasoning to interpret screenshots
Automates multi-step login flows, including passwords and 2FA, using browser extensions within the virtual environment.
Easytrader is a quantitative trading automation framework and brokerage API wrapper designed to programmatically execute buy and sell orders across trading terminals. It functions as a system for linking quantitative strategy logic to brokerage clients, providing the necessary infrastructure to automate stock trading and execute strategy-driven signals. The system distinguishes itself by offering a remote trading execution server that decouples strategy logic from trade execution, allowing orders to be triggered on distant machines via a web server or command-line interface. It includes speci
Automates the client login process and solves captchas using optical character recognition.
LearnPython is a programming tutorial consisting of a collection of practical code examples used to demonstrate Python language features and programming patterns. It serves as a comprehensive learning resource that implements core language concepts through functional code. The project provides specialized guides and samples covering several key domains. These include asynchronous network programming with event loops and coroutines, data visualization using numerical datasets for 2D and 3D plots, and web scraping for fetching content and automating login flows. It also features instructions on
Automates social media login flows and session management for web scraping purposes.
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
Allows the deployment of authentication and vault services as containerized backends in private cloud environments.
Pocket ID is a self-hosted OpenID Connect (OIDC) identity provider that replaces traditional passwords with passkey-based authentication using WebAuthn public-key cryptography. It runs as a standalone service on user-managed infrastructure, eliminating shared secrets entirely by authenticating users through passkeys instead of passwords. The project distinguishes itself through security-hardened deployment patterns, including distroless container images, non-root user execution, and read-only root filesystems to reduce the attack surface. It supports configurable token signing algorithms (RSA
Runs as a standalone, self-hosted service that manages user authentication without external dependencies.
PythonSpiderNotes is a comprehensive instructional resource and framework for building web crawlers and extracting data using the Python programming language. It provides a set of methods for parsing unstructured HTML and JSON data into structured formats for persistent storage. The project includes detailed guides and tutorials on browser automation for retrieving dynamic content, as well as a framework for data extraction. It specifically covers anti-bot bypass techniques, such as rotating proxies and spoofing headers, to avoid IP blocks and detection systems. The capability surface extend
Bypasses verification gates using optical character recognition to resolve CAPTCHAs during automated logins.
Anti-Anti-Spider is an automated web scraping toolkit and CAPTCHA bypass framework. It uses convolutional neural networks to recognize characters and digits in image-based security challenges, enabling programmatic access to protected web content. The project functions as an image recognition model trainer, providing a workflow to preprocess labeled image datasets and train custom neural networks. Users can configure model architectures and hyperparameters to align the recognition system with the visual style of specific target websites. The toolkit covers capabilities for image data preproc
Automates the resolution of image-based CAPTCHAs using optical character recognition to bypass security barriers.
Webhook.site is a web-based tool that captures, inspects, and debugs incoming HTTP requests and emails sent to a unique URL, without requiring any server setup. It also functions as an API mocking and response modification tool, capable of generating mock APIs from OpenAPI specifications and altering HTTP responses, headers, and status codes for testing purposes. Beyond inspection, it serves as a platform for webhook automation and workflow orchestration, triggering multi-step automations—including database queries, SSH commands, and HTTP calls—when a webhook is received. The service distingu
Webhook.site provides a public URL that captures incoming HTTP requests and emails, making them inspectable without owning a server.
MISP is an open-source threat intelligence sharing platform designed for collecting, storing, and distributing structured threat indicators and intelligence. At its core, it provides a distributed synchronization protocol for transferring events between instances, an attribute-based correlation engine that links matching indicators across events, and a REST API with an OpenAPI specification for programmatic access to threat data. The platform uses formal data formats for JSON, taxonomy, galaxy, and object templates to enable compatibility across tools and communities. The platform distinguish
Applies codebase-wide security hardening measures to protect the threat intelligence platform.