13 Repos
Encryption and transport security standards for application data.
Distinguishing note: Focuses on data-at-rest and data-in-transit security.
Explore 13 awesome GitHub repositories matching security & cryptography · Application Data Security. Refine with filters or upvote what's useful.
Appsmith is a low-code platform designed for building internal business tools, such as operational dashboards and administrative panels. It enables developers to construct dynamic user interfaces by dragging and dropping modular widgets onto a canvas and binding them directly to backend data sources. The platform utilizes a reactive framework that automatically updates interface elements and triggers functions whenever underlying data or widget properties change, eliminating the need for manual event handling. The platform distinguishes itself through a server-side proxy architecture that exe
Protects sensitive data using AES-256 encryption and TLS-secured connections.
This project is a reactive, offline-first NoSQL database engine designed for JavaScript applications. It provides a robust framework for managing application state by synchronizing data across browsers, mobile devices, and server-side runtimes. By treating local storage as the primary source of truth, it enables applications to remain functional without network connectivity, automatically reconciling changes with remote backends once a connection is restored. The database distinguishes itself through a modular architecture that supports cross-environment synchronization and high-performance d
Encrypts sensitive information stored in the local database to protect user privacy at rest.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using encrypted connections for all data transfers without persisting any records to local disk storage.
This project is a modular e-commerce platform built on Ruby on Rails, designed to serve as a comprehensive engine for managing online retail operations. It provides the foundational infrastructure to handle complex product catalogs, customer order lifecycles, and global payment processing within a unified system. The platform distinguishes itself through a headless, API-first architecture that decouples backend commerce logic from custom frontend storefronts. It supports multi-tenant environments, allowing for the management of multiple independent retail storefronts or marketplaces from a si
Protects customer and transaction information using strong encryption at-rest and in-transit alongside automated security patching.
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
Encrypts captured interaction data using AES to ensure privacy and prevent unauthorized exposure.
This project is a software engineering style guide and a curated collection of architectural patterns and coding standards. It provides a multi-language coding standard to ensure maintainable software across Ruby, Python, JavaScript, and Swift. The project establishes a development workflow specification for version control, continuous integration, and peer review to maintain a linear project history. It also includes a web accessibility framework based on ARIA and WCAG standards, using design tokens and semantic HTML patterns to build inclusive interfaces. The guides cover a broad range of
Provides configurations to protect cookies from tampering and prevent accidental writes to production data.
CRMEB is a comprehensive e-commerce platform built on ThinkPHP 6, designed as a headless system that delivers standardized APIs to various frontend clients. It provides a unified backend to synchronize product catalogs, orders, and customer data across web browsers, mobile applications, and mini-programs. The platform supports diverse commerce models, including multi-vendor marketplaces where independent merchants manage their own stores, centralized chain store networks, and social commerce frameworks featuring affiliate distribution and community group buying. It also integrates specialized
Protects system data against CSRF, SQL injection, and shell attacks using encryption and filtering.
SQLCipher is an encrypted SQLite database engine and secure relational database that provides transparent AES-256 encryption for database files and stored data. It functions as a cryptographic storage engine that requires a passphrase or binary key to unlock and access content. The engine ensures data confidentiality through page-level encryption and protects data integrity using cryptographic hashes to detect unauthorized modifications. It includes capabilities for encryption key rotation to update passphrases and secure memory locking to prevent sensitive keys from being swapped from RAM to
Provides a secure way to store application settings and user data in encrypted files to prevent unauthorized access.
Dieses Projekt ist eine Sammlung von Referenzimplementierungen, Beispielcode und Starter-Kits zur Integration von Firebase-Backend-Diensten in Webanwendungen unter Verwendung des JavaScript-SDK. Es dient als praktischer Leitfaden für das Bootstrapping von Projekten mit Cloud-gehosteter Authentifizierung, Datenbanken und serverloser Logik. Das Repository bietet spezifische Beispiele für die Implementierung von Echtzeit-Datensynchronisation, Benutzeridentitätsverwaltung und ereignisgesteuerten Cloud-Funktionen. Es enthält zudem Referenzcode für die Verwendung lokaler Service-Emulatoren, um Cloud-Funktionalität auf einer lokalen Maschine vor der Produktionsbereitstellung zu testen. Die Codebasis deckt ein breites Spektrum an Funktionen ab, einschließlich NoSQL- und relationaler Datenspeicherung, statischem Asset-Hosting auf einem globalen CDN und der Durchsetzung deklarativer Sicherheitsregeln. Sie demonstriert zudem die Integration von Identitätsprüfung und die Ausführung serverseitiger Logik in verwalteten Umgebungen.
Implements security rules and protections to safeguard user information and application resources.
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Sets standards for encrypting network traffic using strong protocols and forward secrecy to prevent interception.
Dieses Projekt ist eine Reihe geführter Tutorials und Bildungsressourcen für die Android-App-Entwicklung. Es bietet instruktive Inhalte für den Aufbau mobiler Anwendungen und Spiele von Grund auf mit Android Studio und dem Android SDK. Der Lehrplan deckt mobiles UI-Design und die Erstellung responsiver Layouts ab, die sich an verschiedene Bildschirmdimensionen anpassen. Er enthält Anleitungen zur Hardware-Integration für den Zugriff auf Gerätesensoren und native Dienste über Berechtigungsmodelle sowie Lektionen zur Datensicherheit in Anwendungen. Das Material behandelt Datenmanagement durch lokale Datenbank-Speicherung und Remote-Datenbank-Synchronisation. Zudem wird die Integration von Webdiensten adressiert, einschließlich der Verwendung von Request-Response-Mustern zur Anbindung von Anwendungen an externe Datenquellen und Karten.
Provides lessons on coding practices and mechanisms to protect user information and prevent common security vulnerabilities.
Shiro ist ein Java-Sicherheitsframework, das einen Identitäts- und Zugriffsmanager für die Implementierung von Authentifizierung, Autorisierung, Kryptografie und Sitzungsmanagement bereitstellt. Es fungiert als Sicherheitsschicht zur Überprüfung von Benutzeridentitäten und zur Durchsetzung rollenbasierter Zugriffskontrolle für geschützte Systemressourcen. Das Projekt bietet eine steckbare Realm-Architektur, die Sicherheitslogik von Identitätsdaten entkoppelt, sowie ein eigenständiges Sitzungsmanagementsystem, das den Benutzerzustand unabhängig vom zugrunde liegenden Servlet-Container verfolgt. Es enthält einen Integrator für externe Identitätsanbieter unter Verwendung von Föderationsprotokollen wie OAuth 2.0 und SAML, um Single Sign-On zu ermöglichen. Das Framework deckt eine breite Funktionsfläche ab, einschließlich Request-Interception durch Filter-Chains, deklarative Sicherheitsdurchsetzung via Annotationen und den Schutz sensibler Daten unter Verwendung symmetrischer und asymmetrischer kryptografischer Wrapper. Es bietet zudem Utilities für das Caching von Sicherheitsabfragen und die Verwaltung verteilter Sitzungslebenszyklen über Unternehmensumgebungen hinweg.
Secures application data and passwords using symmetric/asymmetric encryption and salted hashing.
This project serves as a comprehensive educational roadmap and curriculum for mastering professional Android application development. It provides a structured learning path that guides developers through the essential system design principles, architectural patterns, and technical skills required to build, test, and deploy scalable mobile software. The resource distinguishes itself by organizing complex technical topics into a logical sequence, covering everything from foundational mobile development tooling to advanced software engineering practices. It emphasizes industry-standard patterns
Implements encryption, obfuscation, and permission controls to protect sensitive user information.