26 repositorios
Practices and tools for securing stored data against unauthorized access.
Distinguishing note: Focuses on the application of security policies to backup data specifically.
Explore 26 awesome GitHub repositories matching security & cryptography · Data Security. Refine with filters or upvote what's useful.
This project is a command-line utility designed for secure, content-addressable data archiving. It functions as an encrypted backup tool that stores data as deduplicated chunks, ensuring that every piece of information is identified by a cryptographic hash to maintain integrity across all backups. By applying strong encryption and message authentication codes to both data and metadata, the software prevents unauthorized access and detects potential tampering. The tool distinguishes itself through a backend-agnostic storage abstraction that allows users to maintain repositories across diverse
Protects backup data against unauthorized access and tampering by applying strong encryption and message authentication codes.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using private networking and external secret stores during synchronization processes.
This project is a local-first task manager and time tracking tool designed to consolidate work items from multiple external project management platforms into a single, unified interface. By prioritizing local data sovereignty, it ensures that all task lists, time logs, and application states remain on the user's device, providing full functionality in offline environments while maintaining privacy. The application distinguishes itself through a focus on deep work and structured productivity rituals. It integrates distraction-free modes, configurable focus timers, and automated time tracking t
Stores all user information and activity logs on the device to prevent external tracking.
Kubescape is a Kubernetes security posture management platform designed to scan clusters, manifests, and images for misconfigurations, vulnerabilities, and compliance risks. It functions as a comprehensive security suite incorporating a compliance scanner, a container image vulnerability scanner, an admission controller for policy enforcement, and a runtime security monitor. The platform distinguishes itself through runtime-aware vulnerability filtering, which maps libraries loaded in memory to determine if vulnerabilities are actually reachable. It also integrates with AI assistants via a Mo
Synchronizes security frameworks and scan results between the local cluster and remote services.
This project provides a set of development guidelines and architectural recommendations for building iOS applications. It focuses on structuring Swift applications to decouple business logic from the user interface to improve testability and maintenance. The project covers specific implementation standards for security, such as using keychain storage for sensitive data and TLS certificate pinning for network traffic. It also defines patterns for code quality enforcement through static analysis and compiler configurations, as well as strategies for asset and localization management. The guide
Defines standards for storing passwords and authentication tokens in a secure system keychain.
OrbStack is a native macOS application that replaces Docker Desktop, providing an all-in-one environment for running Docker containers, full Linux virtual machines, and local Kubernetes clusters. It runs Linux VMs directly on the macOS hypervisor framework for near-native performance, uses VirtioFS for fast bidirectional file sharing between macOS and Linux, and leverages Rosetta for near-native x86 emulation on Apple Silicon. The system assigns predictable local domain names to containers and VMs with automatic HTTPS certificate generation, forwards ports via event-driven updates, and stores
Stores Docker registry credentials securely using the native macOS keychain for authentication.
Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst
Dumps and modifies sensitive items stored within a device's secure keystore.
MJExtension is a JSON serialization library and model mapping framework used to convert data between JSON strings and structured model objects. It functions as an object data mapper that handles the encoding and decoding of complex object hierarchies for network transmission and storage. The framework is a non-intrusive data mapper that uses reflection and runtime inspection to map raw data strings to application objects. This approach allows for data transformation without requiring base class inheritance, decorators, or extensions to the underlying model classes. The system supports recurs
Provides utilities to archive and retrieve model properties for reliable data storage.
KeychainAccess is a Swift library used for storing and retrieving encrypted data within the Apple system keychain across iOS and macOS. It provides a type-safe interface for managing sensitive information and user credentials on iOS, macOS, tvOS, and watchOS. The library includes a biometric authentication interface that requires FaceID or TouchID verification with custom prompts before accessing specific secure items. It also enables the synchronization of credentials across Apple devices via a cloud keychain and provides a manager for sharing login credentials between native applications an
Provides a Swift interface for storing and retrieving encrypted credentials in the Apple system keychain.
jrnl is a command-line journaling tool used for recording dated entries and managing personal journals directly from a terminal. It functions as an encrypted plain-text journal system that protects private entries through encryption and integration with native system keychains. The project includes a calendar-based activity tracker that visualizes entry frequency and patterns using a heatmap layout. It also serves as a data utility for exporting journal entries into formats such as Markdown, JSON, YAML, and XML. The system supports multi-journal management for different life areas and provid
Integrates with native system keychains to securely store and retrieve encryption passwords.
IceCubesApp is a native iOS social networking client built with SwiftUI. It serves as an ActivityPub and Mastodon client, providing a mobile interface for interacting with decentralized servers. The application functions as a multi-account manager, allowing users to authenticate and switch between several different social media profiles within a single interface. The software includes an AI-enhanced text editor used to refine, shorten, or generate descriptive text for posts. These artificial intelligence tools assist in writing and generating alt-text for uploaded images. The platform covers
Uses the native system keychain for secure storage of authentication tokens and credentials.
Keka is a file compression and archive extraction utility designed for macOS and iOS. It functions as a tool to shrink the size of files and folders to optimize storage and speed up data transfers. The application serves as an encrypted archive manager, allowing users to protect compressed files with passwords and encryption to ensure private data sharing and secure transmission. The software covers broad capabilities in file archiving, including the ability to compress data into archival formats and unpack various archive formats to restore original content to the local system.
Restricts access to archived files using security settings to keep data confidential.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Stores sensitive API tokens and credentials in the system keychain to keep them out of code.
TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas
Copies properties between models using the spread operator for reuse without inheritance.
Uses distinct bundle IDs per build configuration and consistent signing to avoid repeated Keychain access requests for license storage.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Shares blocked and allowed IP lists among a group of servers to maintain consistent security policies.
SAMKeychain es un gestor de llaveros (keychain) de Objective-C que proporciona una interfaz programática para crear, leer y eliminar credenciales seguras almacenadas en el llavero del sistema de macOS e iOS. Sirve como un wrapper ligero para gestionar contraseñas y datos confidenciales en plataformas Apple. El proyecto proporciona una API unificada que abstrae las diferencias de implementación entre macOS e iOS. Envuelve APIs de C de bajo nivel en clases de Objective-C para proporcionar una interfaz orientada a objetos para interactuar con el demonio de seguridad del sistema. La biblioteca cubre el almacenamiento seguro de credenciales y el control de acceso, incluyendo la capacidad de almacenar, recuperar y eliminar contraseñas de cuentas y tokens de autenticación en almacenamiento persistente cifrado.
Implements direct integration with the system security daemon for encrypted persistent storage of sensitive data.
Knuff es una herramienta de depuración de escritorio diseñada para probar cargas útiles (payloads) del servicio de notificaciones push de Apple. Permite la entrega de cargas útiles JSON personalizadas a dispositivos móviles para verificar que las notificaciones se reciban correctamente. La aplicación se integra con el llavero (keychain) del sistema para gestionar certificados de seguridad y claves privadas para la firma de solicitudes. También incluye una utilidad para exportar estas identidades de seguridad desde el llavero a formatos de archivo portátiles para su uso con otras herramientas de desarrollo. La herramienta proporciona mecanismos para la recuperación automática de tokens de dispositivo y un gestor de cargas útiles para guardar y reutilizar tokens de dispositivo y configuraciones JSON. Esto permite la persistencia de datos de notificación específicos para asegurar escenarios de prueba repetibles.
Exports security identities from the system keychain into files for use with external push tools.
Franz es un agregador de mensajería multiservicio y espacio de trabajo de comunicación unificada. Combina múltiples servicios de chat, correo electrónico y calendario en una única interfaz de escritorio para eliminar la necesidad de cambiar entre aplicaciones dispares. El proyecto se distingue por un envoltorio de navegador centrado en la privacidad que bloquea rastreadores de terceros y la toma de huellas digitales (fingerprinting), mientras utiliza cifrado nativo del sistema para el almacenamiento de credenciales. Incorpora un resumidor de conversaciones por IA que puede ejecutarse localmente o mediante alojamiento en la nube para condensar mensajes perdidos y redactar respuestas conscientes del contexto. La aplicación proporciona una gestión de sesiones extensa para múltiples cuentas concurrentes y organiza las herramientas en espacios de trabajo enfocados. Incluye capacidades para la clasificación de comunicaciones, como transformar mensajes en tareas, agregar vistas de calendario y centralizar el acceso a archivos en todos los servicios integrados. Los usuarios pueden extender la plataforma mediante plugins de servicio personalizados y gestionar diseños con ventanas de servicio separables o lado a lado.
Secures authentication tokens and passwords using the operating system's native encrypted keychain storage.
Este proyecto es una colección de herramientas de línea de comandos y scripts diseñados para consultar llaveros (keychains) del sistema y recuperar contraseñas en texto plano para identificadores de red inalámbrica específicos. Funciona como un extractor de credenciales de red inalámbrica que recupera claves de seguridad guardadas para el identificador de conjunto de servicios (SSID) actual o especificado. La utilidad incluye específicamente una herramienta de acceso al llavero de macOS y un extractor basado en Bash para obtener claves de seguridad del almacén de seguridad del sistema. Utiliza comandos de terminal específicos de la plataforma y análisis de expresiones regulares para aislar contraseñas en texto plano a partir de datos de diagnóstico del sistema detallados. El software cubre la recuperación de credenciales de red y la administración de redes locales, proporcionando un método para encontrar claves de seguridad para redes inalámbricas conectadas mediante la ejecución de comandos en shell.
Extracts plaintext passwords and security keys from the system-level secure enclave.