27 مستودعات
Practices and tools for securing stored data against unauthorized access.
Distinguishing note: Focuses on the application of security policies to backup data specifically.
Explore 27 awesome GitHub repositories matching security & cryptography · Data Security. Refine with filters or upvote what's useful.
This project is a command-line utility designed for secure, content-addressable data archiving. It functions as an encrypted backup tool that stores data as deduplicated chunks, ensuring that every piece of information is identified by a cryptographic hash to maintain integrity across all backups. By applying strong encryption and message authentication codes to both data and metadata, the software prevents unauthorized access and detects potential tampering. The tool distinguishes itself through a backend-agnostic storage abstraction that allows users to maintain repositories across diverse
Protects backup data against unauthorized access and tampering by applying strong encryption and message authentication codes.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using private networking and external secret stores during synchronization processes.
This project is a local-first task manager and time tracking tool designed to consolidate work items from multiple external project management platforms into a single, unified interface. By prioritizing local data sovereignty, it ensures that all task lists, time logs, and application states remain on the user's device, providing full functionality in offline environments while maintaining privacy. The application distinguishes itself through a focus on deep work and structured productivity rituals. It integrates distraction-free modes, configurable focus timers, and automated time tracking t
Stores all user information and activity logs on the device to prevent external tracking.
Kubescape is a Kubernetes security posture management platform designed to scan clusters, manifests, and images for misconfigurations, vulnerabilities, and compliance risks. It functions as a comprehensive security suite incorporating a compliance scanner, a container image vulnerability scanner, an admission controller for policy enforcement, and a runtime security monitor. The platform distinguishes itself through runtime-aware vulnerability filtering, which maps libraries loaded in memory to determine if vulnerabilities are actually reachable. It also integrates with AI assistants via a Mo
Synchronizes security frameworks and scan results between the local cluster and remote services.
This project provides a set of development guidelines and architectural recommendations for building iOS applications. It focuses on structuring Swift applications to decouple business logic from the user interface to improve testability and maintenance. The project covers specific implementation standards for security, such as using keychain storage for sensitive data and TLS certificate pinning for network traffic. It also defines patterns for code quality enforcement through static analysis and compiler configurations, as well as strategies for asset and localization management. The guide
Defines standards for storing passwords and authentication tokens in a secure system keychain.
OrbStack is a native macOS application that replaces Docker Desktop, providing an all-in-one environment for running Docker containers, full Linux virtual machines, and local Kubernetes clusters. It runs Linux VMs directly on the macOS hypervisor framework for near-native performance, uses VirtioFS for fast bidirectional file sharing between macOS and Linux, and leverages Rosetta for near-native x86 emulation on Apple Silicon. The system assigns predictable local domain names to containers and VMs with automatic HTTPS certificate generation, forwards ports via event-driven updates, and stores
Stores Docker registry credentials securely using the native macOS keychain for authentication.
Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst
Dumps and modifies sensitive items stored within a device's secure keystore.
MJExtension is a JSON serialization library and model mapping framework used to convert data between JSON strings and structured model objects. It functions as an object data mapper that handles the encoding and decoding of complex object hierarchies for network transmission and storage. The framework is a non-intrusive data mapper that uses reflection and runtime inspection to map raw data strings to application objects. This approach allows for data transformation without requiring base class inheritance, decorators, or extensions to the underlying model classes. The system supports recurs
Provides utilities to archive and retrieve model properties for reliable data storage.
KeychainAccess is a Swift library used for storing and retrieving encrypted data within the Apple system keychain across iOS and macOS. It provides a type-safe interface for managing sensitive information and user credentials on iOS, macOS, tvOS, and watchOS. The library includes a biometric authentication interface that requires FaceID or TouchID verification with custom prompts before accessing specific secure items. It also enables the synchronization of credentials across Apple devices via a cloud keychain and provides a manager for sharing login credentials between native applications an
Provides a Swift interface for storing and retrieving encrypted credentials in the Apple system keychain.
jrnl is a command-line journaling tool used for recording dated entries and managing personal journals directly from a terminal. It functions as an encrypted plain-text journal system that protects private entries through encryption and integration with native system keychains. The project includes a calendar-based activity tracker that visualizes entry frequency and patterns using a heatmap layout. It also serves as a data utility for exporting journal entries into formats such as Markdown, JSON, YAML, and XML. The system supports multi-journal management for different life areas and provid
Integrates with native system keychains to securely store and retrieve encryption passwords.
IceCubesApp is a native iOS social networking client built with SwiftUI. It serves as an ActivityPub and Mastodon client, providing a mobile interface for interacting with decentralized servers. The application functions as a multi-account manager, allowing users to authenticate and switch between several different social media profiles within a single interface. The software includes an AI-enhanced text editor used to refine, shorten, or generate descriptive text for posts. These artificial intelligence tools assist in writing and generating alt-text for uploaded images. The platform covers
Uses the native system keychain for secure storage of authentication tokens and credentials.
Keka is a file compression and archive extraction utility designed for macOS and iOS. It functions as a tool to shrink the size of files and folders to optimize storage and speed up data transfers. The application serves as an encrypted archive manager, allowing users to protect compressed files with passwords and encryption to ensure private data sharing and secure transmission. The software covers broad capabilities in file archiving, including the ability to compress data into archival formats and unpack various archive formats to restore original content to the local system.
Restricts access to archived files using security settings to keep data confidential.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Stores sensitive API tokens and credentials in the system keychain to keep them out of code.
TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas
Copies properties between models using the spread operator for reuse without inheritance.
Uses distinct bundle IDs per build configuration and consistent signing to avoid repeated Keychain access requests for license storage.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Shares blocked and allowed IP lists among a group of servers to maintain consistent security policies.
SAMKeychain هو مدير سلسلة مفاتيح Objective-C يوفر واجهة برمجية لإنشاء وقراءة وحذف بيانات الاعتماد الآمنة المخزنة في سلسلة مفاتيح نظام macOS و iOS. يعمل كغلاف خفيف الوزن لإدارة كلمات المرور والبيانات الحساسة على منصات Apple. يوفر المشروع واجهة برمجة تطبيقات موحدة تجرد اختلافات التنفيذ بين macOS و iOS. يغلف واجهات برمجة تطبيقات C منخفضة المستوى في فئات Objective-C لتوفير واجهة موجهة للكائنات للتفاعل مع برنامج أمان النظام. تغطي المكتبة تخزين بيانات الاعتماد الآمنة والتحكم في الوصول، بما في ذلك القدرة على تخزين واسترجاع وحذف كلمات مرور الحساب ورموز المصادقة في تخزين دائم مشفر.
Implements direct integration with the system security daemon for encrypted persistent storage of sensitive data.
Knuff هي أداة تصحيح أخطاء سطح مكتب مصممة لاختبار حمولات خدمة إشعارات Apple Push. تتيح تسليم حمولات JSON مخصصة إلى الأجهزة المحمولة للتحقق من استلام الإشعارات بشكل صحيح. يتكامل التطبيق مع سلسلة مفاتيح النظام لإدارة شهادات الأمان والمفاتيح الخاصة لتوقيع الطلبات. كما يتضمن أداة لتصدير هويات الأمان هذه من سلسلة المفاتيح إلى تنسيقات ملفات محمولة لاستخدامها مع أدوات تطوير أخرى. توفر الأداة آليات لاسترجاع رمز الجهاز تلقائياً ومدير حمولة لحفظ وإعادة استخدام رموز الجهاز وتهيئات JSON. يسمح هذا باستمرارية بيانات إشعار محددة لضمان سيناريوهات اختبار قابلة للتكرار.
Exports security identities from the system keychain into files for use with external push tools.
Franz هو مجمع مراسلات متعدد الخدمات ومساحة عمل اتصالات موحدة. يجمع بين خدمات الدردشة والبريد الإلكتروني والتقويم المتعددة في واجهة سطح مكتب واحدة للقضاء على الحاجة إلى التبديل بين التطبيقات المتباينة. يتميز المشروع بغلاف متصفح يركز على الخصوصية يقوم بحظر أدوات التتبع التابعة لجهات خارجية والبصمات الرقمية مع استخدام تشفير النظام الأصلي لتخزين بيانات الاعتماد. يدمج المشروع ملخص محادثات يعمل بالذكاء الاصطناعي يمكن تنفيذه محلياً أو عبر الاستضافة السحابية لتلخيص الرسائل الفائتة وصياغة ردود مدركة للسياق. يوفر التطبيق إدارة واسعة للجلسات لحسابات متزامنة متعددة وينظم الأدوات في مساحات عمل موجهة نحو التركيز. يتضمن التطبيق إمكانيات لفرز الاتصالات، مثل تحويل الرسائل إلى مهام، وتجميع عروض التقويم، ومركزية الوصول إلى الملفات عبر الخدمات المتكاملة. يمكن للمستخدمين توسيع المنصة من خلال إضافات الخدمات المخصصة وإدارة التخطيطات باستخدام نوافذ خدمات قابلة للفصل أو جنباً إلى جنب.
Secures authentication tokens and passwords using the operating system's native encrypted keychain storage.
هذا المشروع عبارة عن مجموعة من أدوات سطر الأوامر والبرامج النصية المصممة للاستعلام عن سلاسل مفاتيح النظام واستعادة كلمات المرور بنص عادي لمعرفات شبكة لاسلكية محددة. يعمل كمستخرج بيانات اعتماد الشبكة اللاسلكية الذي يسترجع مفاتيح الأمان المحفوظة لمعرف مجموعة الخدمة الحالي أو المحدد. تتضمن الأداة بشكل خاص أداة وصول إلى سلسلة مفاتيح macOS ومسترجعاً قائماً على Bash لاستخراج مفاتيح الأمان من مخزن أمان النظام. يستخدم أوامر المحطة الطرفية الخاصة بالمنصة وتحليل التعبيرات النمطية لعزل كلمات المرور بنص عادي من بيانات تشخيص النظام المطولة. يغطي البرنامج استعادة بيانات اعتماد الشبكة وإدارة الشبكة المحلية، مما يوفر طريقة للعثور على مفاتيح الأمان للشبكات اللاسلكية المتصلة عبر تنفيذ الأوامر القائم على الغلاف.
Extracts plaintext passwords and security keys from the system-level secure enclave.