4 مستودعات
Automated verification of access control logic and permission enforcement.
Distinguishing note: Focuses on testing automation for authorization, distinct from general access control.
Explore 4 awesome GitHub repositories matching security & cryptography · Authorization Testing. Refine with filters or upvote what's useful.
The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral
Provides automated verification of access control logic to ensure permissions remain correctly enforced.
Kratos is a centralized identity and access management server designed to handle user registration, authentication, and profile management. It functions as an identity flow orchestrator, managing the state and security of authentication processes across web, mobile, and command-line interfaces. The system provides a standards-compliant authorization server that issues tokens and manages delegated access for third-party applications and internal services, supporting multi-factor authentication and custom identity schemas to secure user accounts. The project distinguishes itself through a headl
Validates access control logic through manual API checks and automated test suites.
Pundit is a Ruby authorization framework that implements policy-based access control. It maps domain models to dedicated logic classes that determine whether a user is permitted to perform specific actions on data objects. The framework utilizes plain Ruby objects to decouple authorization logic from the model. It includes mechanisms for data query scoping to filter record collections based on user permissions, as well as attribute-level permission control to restrict which specific model fields a user can modify. The system provides tools for authorization coverage verification to ensure se
Provides a descriptive testing suite to verify that authorization policies correctly permit or forbid user actions.
OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t
Imports authorization models and relationship tuples from a single test configuration file.