19 Repos
Libraries and modules for implementing specific network and system authentication handshake protocols.
Distinguishing note: Focuses on specific legacy and enterprise authentication protocols like NTLM, distinct from generic identity management or OAuth flows.
Explore 19 awesome GitHub repositories matching security & cryptography · Authentication Protocols. Refine with filters or upvote what's useful.
This project is a cross-platform messaging client that implements a secure, real-time communication protocol. It provides a comprehensive development toolkit, including a database library and messaging SDK, which allows for the creation of custom messaging applications that maintain synchronized state across multiple devices. The core architecture relies on an asynchronous event-driven model to ensure responsive performance while managing persistent local database synchronization with server-side state. The client distinguishes itself through a robust end-to-end encryption layer that supports
Telegram delivers authorization codes through messaging instead of traditional SMS to lower costs and increase security.
PHPMailer is a comprehensive library for constructing and sending complex email messages within PHP applications. It provides an object-oriented framework for building MIME-compliant emails, managing attachments, and handling multi-format content such as HTML and plain-text alternatives. The library serves as a robust interface for email dispatch, supporting both individual messaging and high-performance bulk distribution through persistent connections. The project distinguishes itself through a deep focus on secure transmission and identity verification. It integrates advanced security proto
The library verifies user credentials against mail servers using legacy protocols to satisfy specific relay requirements before initiating the email transmission process.
This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven
Identifies and hardens legacy authentication protocols to improve system security.
This project serves as a comprehensive, community-driven directory for the .NET ecosystem. It functions as a curated index of high-quality libraries, frameworks, and tools designed to assist developers in identifying recommended solutions for a wide range of project requirements and software engineering tasks. The repository distinguishes itself by providing a categorized catalogue that simplifies the discovery of resources across the entire .NET development lifecycle. By maintaining a standardized collection of community-contributed utilities, it helps developers navigate the ecosystem to fi
Provides libraries and modules for implementing specific network and system authentication handshake protocols.
RabbitMQ is a multi-protocol messaging broker that functions as an AMQP message broker, a clustered message queue, and a distributed message stream. It provides a server for translating and bridging communication between diverse messaging standards to connect heterogeneous systems. The system distinguishes itself through distributed broker clustering and federation, using shoveling mechanisms to synchronize data across geographically separate sites. It supports high-throughput, append-only logs for persisting and reading large sequences of messages for real-time processing. The broker covers
Uses a pluggable authentication framework to validate identities via LDAP and OAuth2 providers.
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f
Provides an automated authentication attack module for PC-Anywhere remote administration services.
libgit2 is a portable, cross-platform C library that provides a programmatic interface for integrating Git version control directly into applications. It serves as a linkable implementation of Git internals, allowing developers to manage repositories and manipulate version control data without requiring a system installation of the Git command line tool. The library functions as an embedded API and object database manager capable of reading and writing commits, trees, blobs, and tags. It includes a network transport client to handle the transfer of repository data over protocols such as SSH a
Provides support for NTLM and Negotiate authentication protocols to secure access to remote servers.
This project is a Git credential helper that automates the storage and retrieval of authentication secrets for remote repository operations. It functions as an OAuth token manager and an operating system vault storage interface to ensure authentication secrets are encrypted at rest. The tool acts as a cross-platform authentication broker, enabling the sharing of secure credentials between a host operating system and a Linux subsystem. It also serves as an enterprise proxy gateway, routing authentication traffic through corporate proxy servers to reach restricted repository endpoints. The sys
Supports enterprise network authentication protocols to provide seamless access to Windows-based resources.
Gate One is an HTML5-powered terminal emulator and SSH client
Authenticates users through pluggable backends including Kerberos, PAM, Google Auth, and anonymous access.
FastAPI Users is a ready-to-use authentication library for FastAPI applications that handles user registration, login, password reset, email verification, and profile retrieval with minimal configuration. It provides a complete authentication system built around pluggable backends and transports, supporting JWT tokens, database sessions, and Redis-based token storage that can be combined in a single route. The library distinguishes itself through its modular architecture, offering router-based module composition that organizes authentication flows as independent FastAPI routers for registrati
Supports multiple authentication backends (JWT, database, Redis) and transports (header, cookie) in a single route.
Passbolt is an open-source, self-hosted password manager designed for teams. It provides a centralized, encrypted vault where organizations can store, share, and manage credentials securely. The server exposes a JSON REST API that authenticates requests using either GPGAuth or JWT tokens, and all secrets are protected with OpenPGP end-to-end encryption, ensuring the server never has access to plaintext passwords. The platform distinguishes itself through a comprehensive role-based access control system that governs resource sharing and administrative actions. Teams can organize users into gro
Authenticates API requests using the legacy GPGAuth protocol for backward compatibility.
Learn-Web-Hacking ist ein strukturierter Studienleitfaden für Web-Sicherheit und eine Wissensdatenbank für Penetration Testing. Es bietet eine Sammlung von Forschungsnotizen, die sich auf die Identifizierung und Ausnutzung von Schwachstellen in Webanwendungen und Netzwerkprotokollen konzentrieren. Das Projekt enthält spezialisierte Frameworks zur Bewertung von Sicherheitsrisiken in Large Language Models, um Prompt-Injection zu verhindern, sowie Leitfäden zur Härtung von Cloud-Native-Infrastrukturen, einschließlich Container-Standards und Orchestrierungstools. Es deckt zudem die Analyse von Identitätsstandards und Authentifizierungsprotokollen ab. Das Material umfasst ein breites Spektrum an Sicherheitsaspekten, darunter Netzwerkprotokollanalyse, Informationsbeschaffung für das Mapping der Angriffsfläche und internes Netzwerk-Penetration-Testing inklusive Lateral Movement und Persistenz. Zudem werden Verteidigungsstrategien wie Zero-Trust-Architekturen und Intrusion Detection detailliert beschrieben.
Studies the implementation and security weaknesses of identity standards including OAuth, JWT, and SAML.
Supersonic ist eine LLM-basierte Datenanalyseplattform und eine Engine für semantische Layer, die natürlichsprachliche Fragen in ausführbare SQL-Abfragen übersetzt. Sie fungiert als Business-Intelligence-Dashboard und Text-zu-SQL-Schnittstelle, die es Benutzern ermöglicht, Geschäftskennzahlen und Erkenntnisse über eine Konversationsschnittstelle abzurufen. Das System entkoppelt Geschäftsdefinitionen von physischen Datenbankschemata, indem es einen verwalteten logischen Layer verwendet, um einheitliche Metriken und Dimensionen zu definieren. Diese semantische Modellierung ermöglicht es der Plattform, menschliche Sprachmuster auf kuratierte Modelle abzubilden und abstrakte semantische Aussagen in physisches SQL zu übersetzen, das auf spezifische Datenbank-Engines zugeschnitten ist. Die Plattform bietet ein Enterprise-Data-Gateway mit rollenbasierter und granularer Zugriffskontrolle auf Datensatz-, Spalten- und Zeilenebene. Zu ihren Fähigkeiten gehören Multi-Turn-Dialogmanagement, Multi-Datenbank-Konnektivität und eine Plugin-Architektur für die Integration von Drittanbieter-Tools. Das Projekt stellt seine Funktionalität über eine Headless-Programmatic-API und eine Semantic-Layer-API für den externen Datenkonsum bereit.
Provides a pluggable service provider interface for managing user authentication and authorization.
Calibre-Web-Automated is a self-hosted ebook library server that watches file system folders for new ebook files, automatically converts them to a target format, enriches their metadata from online sources, and inserts them into a Calibre-managed library. It provides a web interface for browsing, reading in-browser, searching full text, and managing collections, while also supporting user authentication through multiple protocols including OAuth 2.0, OpenID Connect, LDAP, magic links, and reverse proxy headers. The server integrates directly with Kobo e-reader devices, synchronizing books, co
Supports OAuth 2.0, OpenID Connect, LDAP, magic link, reverse proxy, and password authentication with role mapping and audit logging.
KafkaJS ist ein reiner JavaScript-Client für Apache Kafka, der die notwendigen Tools bereitstellt, um Nachrichten aus einem Kafka-Cluster zu produzieren und zu konsumieren, ohne native Abhängigkeiten oder externe Addons zu erfordern. Er fungiert als umfassende Integrationsbibliothek für Node.js-Anwendungen, um an verteilter Nachrichtenverarbeitung und Echtzeit-Event-Streaming teilzunehmen. Das Projekt zeichnet sich durch seine native Implementierung des Kafka-Wire-Protokolls aus, wodurch C++-Abhängigkeiten vermieden werden. Es verfügt über einen Security-Client, der SSL-, TLS- und SASL-Authentifizierung unterstützt, sowie über transaktionale Funktionen, die atomares Nachrichten-Senden und verknüpfte Offset-Commitments ermöglichen, um Exactly-Once-Processing sicherzustellen. Die Bibliothek deckt ein breites Spektrum an operativen Bereichen ab, einschließlich vollständiger Cluster-Administration zur Verwaltung von Topics und Consumer-Groups, fortgeschrittenem Partition-Routing und Zuweisungsstrategien sowie umfassender Telemetrie durch event-gesteuertes Monitoring. Sie implementiert zudem Netzwerk-Zuverlässigkeitsmuster wie Exponential-Backoff-Retries und Rack-Aware-Data-Fetching, um die Latenz zu optimieren.
Provides a modular system for integrating identity verification methods including SASL, SCRAM, and OAuth.
This project is a portable implementation of the secure shell toolset designed for deployment across diverse operating systems and platforms. It provides a suite of tools for secure remote login and command execution based on the secure shell protocol. The implementation includes a sandboxed server that isolates processes to limit the impact of potential vulnerabilities on the host operating system. It also functions as a cryptographic key manager for generating and storing security keys to replace or supplement password-based authentication. The project covers encrypted file transfer for mo
Integrates with pluggable authentication backends like PAM to handle diverse identity verification methods.
AKHQ is a web-based management interface for Apache Kafka, providing a centralized platform for administering clusters, topics, and consumer groups. It serves as a comprehensive monitoring and administration tool that includes a Kafka Connect manager and a ksqlDB administration interface. The platform distinguishes itself through extensive schema registry integration, allowing users to browse and decode Avro, Protobuf, and JSON messages using Confluent, Tibco, or AWS Glue registries. It also features a granular security model with role-based access control, sensitive data masking, and support
Implements a pluggable authentication framework supporting interchangeable backends like LDAP, OIDC, and JWT.
TermSCP is a multi-protocol terminal user interface file manager used for browsing and transferring files across SCP, SFTP, FTP, S3, and WebDAV. It functions as a secure remote connection manager and an SSH file transfer client, providing a keyboard-driven environment for remote server administration. The project features a dual-pane filesystem explorer with synchronized navigation to keep local and remote views in lockstep. It integrates an embedded terminal shell for executing local and remote commands without leaving the interface and employs a remote-file edit proxy to allow modifications
Supports protocol-specific authentication methods for SCP, SFTP, FTP, S3, and WebDAV.
Dieses Projekt ist ein Pluggable Authentication Module (PAM) für Linux-Systeme, das eine Multi-Faktor-Identitätsprüfung erzwingt. Es integriert sich direkt in den System-Authentifizierungs-Stack, um zeitbasierte Einmalpasswörter (TOTP) zusätzlich zu Standard-Benutzeranmeldedaten zu verlangen, und bietet so einen Mechanismus zur Absicherung lokaler und Remote-Shell-Zugriffe. Das Modul zeichnet sich durch seine Implementierung des TOTP-Algorithmus aus, der eine integrierte Unterstützung für Clock-Skew-Kompensation enthält, um Zeitdiskrepanzen zwischen Servern und Benutzergeräten auszugleichen. Es verwaltet individuelle geheime Benutzerschlüssel über einen lokalen dateibasierten Persistenzmechanismus und unterstützt modulares Stacking, was es Administratoren ermöglicht, Anmeldedaten innerhalb eines einzigen Login-Flows zwischen mehreren Authentifizierungsmodulen weiterzureichen. Über die Kernverifizierung hinaus bietet das Tool konfigurierbare Richtlinieneinstellungen, mit denen Administratoren Kulanzfristen definieren und Speicherorte für geheime Dateien verwalten können. Es erleichtert die Synchronisierung eindeutiger Authentifizierungsgeheimnisse mit mobilen Anwendungen und stellt sicher, dass die Multi-Faktor-Erzwingung funktionsfähig bleibt, während systemweite Sicherheitsstandards gewahrt werden.
Implements a modular authentication framework that integrates custom security logic into the standard system login pipeline.