30 Repos
Mechanisms for verifying the authenticity and integrity of incoming webhook payloads through cryptographic signature validation.
Distinguishing note: Focuses specifically on the security verification of incoming webhooks rather than general API authentication or generic networking protocols.
Explore 30 awesome GitHub repositories matching security & cryptography · Webhook Security. Refine with filters or upvote what's useful.
Appwrite is a backend-as-a-service platform that provides a unified development environment for building full-stack applications. It integrates essential infrastructure components—including authentication, databases, storage, and serverless functions—into a single, centralized interface to simplify application development and resource management. The platform distinguishes itself through a container-based microservices architecture that ensures consistent execution across diverse infrastructure. It features a versatile connectivity layer that links frontend applications with third-party servi
Verifies incoming webhook integrity by checking cryptographic signatures against stored secret keys.
Marker is a comprehensive document processing platform designed to automate the conversion, extraction, and structuring of data from complex files. It functions as an orchestration engine that chains modular processing steps into versioned, reusable pipelines, allowing organizations to standardize document handling and automate repetitive business tasks at scale. The platform distinguishes itself through its support for secure, private infrastructure deployment, enabling users to run containerized services within their own environments to maintain strict data privacy. It features specialized
Validates incoming notifications using HTTPS and request signatures to ensure authenticity and prevent unauthorized event processing.
graphql-engine is an automated GraphQL API engine that transforms database tables and relationships into a queryable GraphQL schema. It functions as a federation gateway and mapper, instantly generating APIs with built-in filtering, pagination, and mutations from existing databases and remote schemas. The project distinguishes itself through a fine-grained access control layer that enforces row-level and field-level permissions. It further provides a real-time data subscription server that converts standard queries into live streams and a system for triggering event-driven webhooks and notifi
Automatically closes server connections authenticated via webhooks after a specified expiration time.
Surya is a document processing platform designed to transform unstructured files into structured, machine-readable data. It provides a comprehensive suite of tools for text recognition, layout analysis, and reading order detection, enabling the conversion of PDFs and images into formats such as JSON, HTML, or markdown. The platform is built to handle complex document workflows, offering capabilities for data extraction, document segmentation, and automated form completion. The platform distinguishes itself through a robust pipeline-based architecture that allows users to chain analysis tasks
Includes a configurable secret in event payloads to allow receiving servers to validate incoming notifications.
This project is a cross-platform chatbot framework designed to integrate generative artificial intelligence models into messaging services. It provides a unified architecture for building and deploying automated bots that maintain consistent conversation state, user identity, and interaction logic across multiple messaging platforms from a single codebase. The framework distinguishes itself through a modular adapter system that normalizes platform-specific webhooks and events into a standardized internal schema. It includes a comprehensive toolkit for constructing rich, interactive user inter
Validates incoming request signatures to ensure secure and reliable communication with messaging platforms.
The Gemini Cookbook is a comprehensive collection of implementation patterns, code samples, and development guides designed for building applications with Google Gemini models. It serves as a central resource for developers to integrate multimodal generative artificial intelligence into their software, providing the necessary frameworks to manage model interactions, stateful workflows, and structured data extraction. The repository distinguishes itself by offering specialized toolkits for autonomous agent orchestration, enabling the construction of agents that can execute code, browse the web
Verifies incoming event notifications using cryptographic signatures to ensure data integrity and authenticity.
CVAT is an open-source, web-based platform designed for annotating images, videos, and 3D point clouds to create high-quality training datasets for machine learning. It functions as a containerized server that orchestrates the entire lifecycle of computer vision data, from initial task creation and manual labeling to quality assurance and final dataset export. The platform distinguishes itself through deep integration with machine learning models, allowing users to deploy custom AI models as serverless functions for automated object detection, tracking, and skeleton annotation. It supports co
Validates the authenticity and integrity of outgoing webhook payloads using cryptographic signatures.
Unstructured is an enterprise-grade data orchestration engine designed to transform raw, unstructured files into structured, machine-readable formats. It functions as a comprehensive platform for document ingestion, partitioning, and enrichment, specifically engineered to prepare complex data for retrieval-augmented generation and agentic AI workflows. The platform distinguishes itself through its sophisticated document processing strategies, which combine rule-based extraction with vision-language models to handle diverse file layouts, tables, and images. It provides a modular architecture t
Validates incoming request signatures using HMAC-SHA256 to ensure that event notifications originated from the platform and remain untampered.
Pipecat is a framework and software development kit for building real-time multimodal AI agents and speech-to-speech systems. It utilizes a frame-based data pipeline to route audio, video, and text through a modular sequence of processors, enabling the orchestration of low-latency conversational AI. The project is distinguished by its ability to coordinate complex multimodal services, including speech-to-text, language models, and text-to-speech, within a single pipeline. It features semantic voice activity detection for natural turn-taking, state-machine conversation flows for dialogue manag
Ensures the authenticity of incoming service provider webhooks using cryptographic signature verification.
Formbricks is an open-source survey and feedback platform designed to help teams capture and analyze user insights through targeted, in-app, and website-based interactions. It functions as a comprehensive customer experience analytics system that allows organizations to maintain full control over their data, user attributes, and survey workflows. The platform distinguishes itself through its event-driven architecture, which enables precise behavioral targeting by triggering surveys based on specific user actions or application events. It supports deep integration with external ecosystems by a
Secures outgoing webhook notifications using cryptographic signatures to ensure authenticity for receiving systems.
Webhook is a lightweight automation server that executes local shell scripts and system commands in response to incoming HTTP requests. It functions as an integration engine, mapping external network events to server-side tasks by parsing request payloads and triggering predefined processes. The project distinguishes itself through a declarative configuration model that allows for dynamic argument injection. By extracting values from request headers, query parameters, or bodies, it populates command templates to facilitate flexible script execution. This enables the automation of infrastructu
Verifies incoming webhook requests using shared secrets to ensure only authorized sources trigger commands.
Botkit is a multi-platform chatbot framework designed to build conversational bots that operate across different messaging services using a unified interface. It provides a core system for multi-platform development, utilizing a platform adaptation layer to translate service-specific API payloads into a standardized internal format. The framework features a conversational dialog manager that coordinates multi-turn interactions through state-tracking, branching logic, and scripted flows. It employs a message processing middleware pipeline to intercept, normalize, and enrich incoming and outgoi
Implements cryptographic signature validation to verify the authenticity of incoming webhook payloads.
This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu
Maintains secure communication between the API server and service mesh components.
This project is a comprehensive Node.js software development kit designed for integrating large language models into applications. It serves as a foundational client for interacting with REST and WebSocket services, enabling developers to implement chat functionality, multimodal content generation, and autonomous agent orchestration. The library provides a structured framework for defining executable tools and enforcing JSON schemas, ensuring that model outputs remain programmatically compatible with downstream systems. The SDK distinguishes itself through its robust request orchestration and
Validates webhook authenticity using cryptographic signature verification to ensure secure communication.
mcp-use is a development framework designed for building, deploying, and managing servers, clients, and autonomous agents using the Model Context Protocol. It provides a comprehensive toolkit for creating servers that expose custom tools, data resources, and prompts to compatible AI agents. The project distinguishes itself by offering a complete lifecycle for protocol-based applications, including a dedicated hosting platform for production servers and a compliance validator to ensure servers meet marketplace publishing requirements. It also features an observability suite for tracing protoco
Secures incoming webhooks by validating cryptographic HMAC signatures against shared secrets.
Kubebuilder is a framework and set of scaffolding tools used to build Kubernetes APIs and controllers. It functions as an operator framework that provides generators for custom resource definitions, admission webhooks, and RBAC manifests to extend cluster functionality. The project distinguishes itself through marker-based code generation, which parses source code comments to automatically produce Kubernetes manifests and boilerplate logic. It employs a hub-and-spoke versioning model to translate data between multiple API versions and uses a three-way merge strategy to automate project migrat
Automates the creation and rotation of TLS certificates for admission webhooks to ensure secure communication.
Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions. The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
Validates incoming webhook requests using HMAC signatures, ID tokens, or secret headers to ensure authenticity.
Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple. The platform includes a team-based permission system with role-based access control, allowing users to be organized into teams with granular permissions for membership manage
Validates cryptographic signatures on incoming webhook payloads to confirm origin and prevent replay attacks.
ZeroByte is a backup management platform built around the Restic backup engine, providing encrypted, deduplicated, and compressed snapshots across multiple storage backends. It offers a web interface for scheduling, monitoring, and managing backup operations, with support for cron-based job scheduling and configurable retention policies that automatically prune older snapshots. The platform distinguishes itself through comprehensive multi-protocol volume mounting, allowing backup ingestion from NFS, SMB, WebDAV, SFTP, and rclone-backed sources alongside local directories. It includes a snapsh
Lists HTTP origins allowed for backup webhooks and outbound HTTP notification destinations.
Webhook.site is a web-based tool that captures, inspects, and debugs incoming HTTP requests and emails sent to a unique URL, without requiring any server setup. It also functions as an API mocking and response modification tool, capable of generating mock APIs from OpenAPI specifications and altering HTTP responses, headers, and status codes for testing purposes. Beyond inspection, it serves as a platform for webhook automation and workflow orchestration, triggering multi-step automations—including database queries, SSH commands, and HTTP calls—when a webhook is received. The service distingu
Verifies incoming webhooks by comparing a hash of the payload and a secret against a header value.