awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

20 repositorios

Awesome GitHub RepositoriesWebSocket Security

Security controls for persistent WebSocket connections including authentication and input validation.

Distinguishing note: Focuses on stateful connection security, distinct from stateless HTTP security.

Explore 20 awesome GitHub repositories matching security & cryptography · WebSocket Security. Refine with filters or upvote what's useful.

Awesome WebSocket Security GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • owasp/cheatsheetseriesAvatar de OWASP

    OWASP/CheatSheetSeries

    32,298Ver en GitHub↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Secures persistent connections through authentication and input validation to prevent data injection.

    Pythonapplication-securityappsecbest-practices
    Ver en GitHub↗32,298
  • nats-io/nats-serverAvatar de nats-io

    nats-io/nats-server

    20,076Ver en GitHub↗

    NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t

    Validates incoming WebSocket connections using various security methods including tokens, certificates, and identity-based credentials.

    Gocloudcloud-computingcloud-native
    Ver en GitHub↗20,076
  • elysiajs/elysiaAvatar de elysiajs

    elysiajs/elysia

    18,531Ver en GitHub↗

    Elysia is a high-performance TypeScript web framework designed for building type-safe backend services. It provides a modular, plugin-based architecture that allows developers to compose server logic, middleware, and validation schemas into scalable application instances. By leveraging native web standards, the framework ensures portability across diverse JavaScript runtimes, including Node.js, Deno, and various edge computing environments. The framework distinguishes itself through its focus on end-to-end type safety, automatically synchronizing request and response definitions between the s

    Enforces strict schema constraints on incoming WebSocket messages to ensure data integrity.

    TypeScriptbunframeworkhttp
    Ver en GitHub↗18,531
  • yhirose/cpp-httplibAvatar de yhirose

    yhirose/cpp-httplib

    16,597Ver en GitHub↗

    This is a header-only C++ library that provides implementations for HTTP clients, HTTP servers, and a WebSocket framework. It allows for the creation of network services and the consumption of remote APIs without requiring a separate compilation step or external binary linking. The project features backend-agnostic TLS integration for secure HTTPS and WSS communication and employs a thread-pool model to process concurrent requests. It distinguishes itself with a full-duplex WebSocket state-machine and a middleware-based request pipeline that supports regular-expression path routing. The libr

    Provides secure WebSocket communication using the wss scheme and certificate verification.

    C++
    Ver en GitHub↗16,597
  • tootallnate/java-websocketAvatar de TooTallNate

    TooTallNate/Java-WebSocket

    10,811Ver en GitHub↗

    Java-WebSocket is a collection of classes for implementing WebSocket clients and servers using pure Java. It provides a framework for hosting servers that manage connections via event-driven subclasses and tools for establishing client connections to remote servers. The library includes a secure communication tool for encrypting traffic using the WSS protocol and a compression library that uses per-message deflate extensions to reduce transmitted data size. It supports the configuration of cipher suites to limit encryption protocols and ensure compatible communication. The project enables bi

    Supports secure communication using the WSS protocol and certificate management to protect data streams.

    Java
    Ver en GitHub↗10,811
  • 99designs/gqlgenAvatar de 99designs

    99designs/gqlgen

    10,729Ver en GitHub↗

    gqlgen is a schema-first Go library designed to build type-safe GraphQL servers. It functions as a code generation engine that transforms declarative GraphQL schema definitions into strongly-typed Go source code, ensuring strict alignment between the API contract and the underlying implementation. The framework distinguishes itself through its deep integration with the Go type system and its highly extensible build pipeline. By using schema-first development, it automates the creation of server boilerplate and resolver stubs, allowing developers to map schema fields directly to Go structs and

    Validates initial connection payloads during the handshake process to verify user identity for subscriptions.

    Gocodegendataloadergogenerate
    Ver en GitHub↗10,729
  • facebookincubator/socketrocketAvatar de facebookincubator

    facebookincubator/SocketRocket

    9,616Ver en GitHub↗

    SocketRocket is an Objective-C WebSocket client library designed to establish bidirectional real-time communication channels between an application and a server. It provides a networking layer for real-time data streaming, utilizing a heartbeat monitor to maintain the stability of active network streams. The library is built to operate across restricted networks by routing traffic through HTTP proxies. It secures data transmission using TLS encryption and SSL certificate pinning to prevent unauthorized interception of network traffic. Its underlying capabilities include low-level TCP socket

    Encrypts data transfers using TLS and SSL certificate pinning to prevent unauthorized interception.

    Objective-C
    Ver en GitHub↗9,616
  • daltoniam/starscreamAvatar de daltoniam

    daltoniam/Starscream

    8,639Ver en GitHub↗

    Starscream is a Swift WebSocket client library that provides a concrete implementation of the WebSocket protocol for iOS and macOS applications. It functions as an event-driven wrapper for establishing and managing bidirectional connections to send and receive text and binary frames over TCP. The library includes a secure WebSocket client capable of encrypting traffic and validating server identities. It manages the full connection lifecycle, from the initial handshake and header exchange to session termination with custom close codes. The project covers a broad range of networking capabilit

    Implements encrypted communication channels and security controls to protect data transmitted via WebSockets.

    Swift
    Ver en GitHub↗8,639
  • vi/websocatAvatar de vi

    vi/websocat

    8,571Ver en GitHub↗

    Websocat is a specialized set of command-line tools for WebSocket communication, acting as a client, server, and stream processor. It provides a terminal-based interface for connecting to WebSocket servers, hosting secure WebSocket servers, and bridging data between WebSockets and other network transports. The project distinguishes itself by functioning as a bidirectional network relay, allowing the routing of data between WebSocket streams, TCP sockets, UNIX sockets, and standard system input and output. It includes specialized implementations for SOCKS5 and HTTP proxying, as well as a strea

    Establishes secure, encrypted WebSocket connections using TLS or static symmetric keys.

    Rustclicommand-linecommand-line-tool
    Ver en GitHub↗8,571
  • javalin/javalinAvatar de javalin

    javalin/javalin

    8,290Ver en GitHub↗

    Javalin is a lightweight web framework for Java and Kotlin designed for building REST APIs and web applications. It functions as an embedded Jetty web server, allowing applications to run as standalone processes without the need for an external servlet container. The project provides specialized frameworks for diverse communication patterns, including a REST API framework with automatic OpenAPI schema generation, a GraphQL API framework with query and mutation resolvers, and a WebSocket server for bidirectional real-time communication. It also includes a dedicated framework for pushing real-t

    Provides handlers to perform authentication and validation during the WebSocket upgrade process.

    Kotlinhacktoberfestjavajavalin
    Ver en GitHub↗8,290
  • mrniko/netty-socketioAvatar de mrniko

    mrniko/netty-socketio

    7,021Ver en GitHub↗

    netty-socketio is a Java implementation of a Socket.IO server designed for real-time bidirectional communication between clients and servers. It functions as a real-time event engine and WebSocket communication server, utilizing the Netty network framework to manage high-performance socket connections. The project enables distributed socket server scaling by acting as a distributed message broker. It synchronizes client states and broadcasts messages across multiple server nodes through the use of an external data store. The system manages traffic via namespace-based connection routing and r

    Protects real-time data transfers using encryption and security certificates to secure stateful WebSocket connections.

    Javajavanettypolling
    Ver en GitHub↗7,021
  • proxymanapp/proxymanAvatar de ProxymanApp

    ProxymanApp/Proxyman

    6,858Ver en GitHub↗

    Proxyman is a cross-platform HTTP debugging proxy that captures, inspects, and modifies HTTP, HTTPS, and WebSocket traffic. It functions as a man-in-the-middle proxy, decrypting SSL/TLS traffic to allow real-time inspection and modification of encrypted requests and responses. The tool is designed for debugging web and mobile applications, with capabilities for API mocking and simulation, scriptable traffic modification, and team collaboration on network logs. What distinguishes Proxyman is its deep integration with mobile and cross-platform development workflows. It provides automated certif

    Captures WebSocket and Secure WebSocket messages from browsers, mobile devices, and local applications.

    debugging-tooliosmacos
    Ver en GitHub↗6,858
  • sta/websocket-sharpAvatar de sta

    sta/websocket-sharp

    6,067Ver en GitHub↗

    websocket-sharp es una implementación en C# de la librería del protocolo WebSocket utilizada para crear aplicaciones cliente y servidor bidireccionales. Permite el intercambio de datos en tiempo real entre endpoints mediante conexiones persistentes. La librería proporciona capacidades de red especializadas, incluyendo redes cifradas SSL para transporte seguro y validación de certificados. También cuenta con túneles proxy HTTP para enrutar tráfico a través de servidores intermediarios utilizando autenticación básica o digest. El proyecto cubre una amplia gama de capacidades, incluyendo la implementación de clientes y servidores WebSocket, enrutamiento de servicios basado en rutas y la capacidad de transmitir mensajes a múltiples clientes. Incluye soporte para gestionar metadatos de handshake y compresión de carga útil para reducir el tamaño de la transferencia de datos.

    Provides security controls for persistent connections, including SSL/TLS encryption and certificate validation.

    C#
    Ver en GitHub↗6,067
  • oisf/suricataAvatar de OISF

    OISF/suricata

    6,008Ver en GitHub↗

    Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in real-time to identify and alert on malicious activity. It operates as a rule-based threat detection system, matching traffic against user-defined signatures to detect known attack patterns and policy violations, and can be placed inline to actively block malicious packets before they reach their target. The engine inspects a wide range of application-layer protocols including HTTP, DNS, TLS, SMB, and MQTT, and supports high-performance packet capture through specialized hardware a

    Inspects WebSocket traffic for malicious patterns and enforces security policies on WebSocket communications.

    Ccybersecurityidsintrusion-detection-system
    Ver en GitHub↗6,008
  • nginx/unitAvatar de nginx

    nginx/unit

    5,560Ver en GitHub↗

    NGINX Unit is an open-source application server designed to natively execute code across multiple programming language runtimes and WebAssembly within a single process. It serves as a multi-language application server that can run applications written in Go, Java, Node.js, Perl, PHP, Python, Ruby, and WebAssembly side by side, without requiring separate runtime environments for each language. The server distinguishes itself through a RESTful JSON control API that enables dynamic, zero-downtime configuration changes without restarting the server. It combines event-driven asynchronous I/O with

    Validates WebSocket payload lengths in the Java language module to prevent infinite loops and excessive CPU consumption.

    C
    Ver en GitHub↗5,560
  • boostorg/beastAvatar de boostorg

    boostorg/beast

    4,801Ver en GitHub↗

    Beast es una librería de C++ para implementar clientes y servidores HTTP y WebSocket de bajo nivel. Funciona como un framework de red asíncrono diseñado para componer operaciones de E/S sin bloqueo y pilas de flujo en capas para gestionar el tráfico de red concurrente, utilizando específicamente el modelo asíncrono de Boost.Asio. La librería proporciona una implementación completa de los protocolos HTTP/1.1 y WebSocket. Para HTTP, incluye primitivas para analizar y serializar mensajes con soporte para codificación de transferencia fragmentada, lectura incremental del cuerpo y canalización de solicitudes. Su implementación de WebSocket cubre el ciclo de vida completo de la comunicación bidireccional, incluyendo apretones de manos, negociación de subprotocolos, fragmentación de mensajes y monitoreo de actividad mediante tramas de control. Beast incluye un conjunto especializado de herramientas para la gestión de buffers de red para optimizar la E/S de dispersión-recopilación a través de buffers de memoria dinámicos y basados en secuencias. También cubre la comunicación de red segura mediante la integración de capas SSL/TLS para flujos cifrados, autenticación de certificados y terminación segura de conexiones. El framework proporciona abstracciones multiplataforma para E/S de archivos y gestión de señales del sistema para apoyar el desarrollo de aplicaciones de red estables.

    Wraps WebSocket streams in an SSL/TLS layer to provide encrypted bidirectional communication.

    C++asioasync-programmingboost
    Ver en GitHub↗4,801
  • zlt2000/microservices-platformAvatar de zlt2000

    zlt2000/microservices-platform

    4,735Ver en GitHub↗

    Este proyecto es una arquitectura empresarial integral para construir sistemas distribuidos multi-inquilino, implementada como una plataforma de microservicios de Spring Cloud. Proporciona un framework completo para gestionar microservicios, centrándose en la arquitectura de datos multi-inquilino y la provisión centralizada de identidad. La plataforma se distingue por su enfoque integrado de identidad y seguridad, utilizando un proveedor de identidad OAuth2 para gestionar el inicio de sesión único, control de acceso basado en roles y emisión de tokens JWT a través de servicios distribuidos. Además, separa los límites organizacionales mediante el aislamiento de datos multi-inquilino, asegurando que los recursos y datos estén lógica o físicamente particionados entre diferentes inquilinos. El sistema cubre una amplia superficie de capacidades distribuidas, incluyendo la gobernanza de servicios mediante enrutamiento de API gateway y disyuntores, y la coordinación de datos mediante transacciones distribuidas y mecanismos de bloqueo. También incluye una pila de observabilidad distribuida para el trazado de solicitudes y registro centralizado, junto con la sincronización de motores de búsqueda en tiempo real y mensajería asíncrona basada en eventos. El flujo de trabajo de desarrollo es compatible con herramientas de automatización para la generación de código de aplicación y empaquetado de binarios específico de la plataforma.

    Secures real-time communication by authenticating WebSocket handshakes before establishing connections.

    Javaelkgpejava
    Ver en GitHub↗4,735
  • httprunner/httprunnerAvatar de httprunner

    httprunner/httprunner

    4,279Ver en GitHub↗

    HttpRunner es un framework de pruebas de red multiprotocolo diseñado para automatizar pruebas funcionales y de regresión de interfaces HTTP. Funciona como un probador de red multiprotocolo que admite HTTP/1.1, HTTP/2, WebSocket, TCP y RPC para validar diversos patrones de comunicación. El proyecto incluye motores especializados para pruebas de rendimiento de API, pruebas basadas en datos y un generador de casos de prueba que convierte archivos HAR, comandos curl y definiciones de Swagger en scripts ejecutables. El framework se distingue por su capacidad para separar la lógica de prueba de los datos de negocio a través de un motor de ejecución basado en datos y su soporte para pruebas de carga de alta concurrencia a través de orquestación de carga distribuida. Cuenta con un sistema de plugins en múltiples lenguajes que permite a los usuarios extender el motor central con lógica de validación y procesamiento personalizada escrita en Go, Python o Java. El proyecto cubre una amplia gama de capacidades, incluyendo modelado de escenarios complejos para simulación de flujo de trabajo de usuario, validación de respuestas y análisis detallado de rendimiento de red. Proporciona herramientas para la generación de carga distribuida, sondeo de red geográfico y la integración de suites de pruebas automatizadas en pipelines de CI. El motor de pruebas central se puede ejecutar a través de una interfaz de línea de comandos o envolverse dentro del ecosistema de pruebas de Python utilizando un runner dedicado.

    The project extracts parameters from responses and performs assertions on returned data to verify communication correctness.

    Goadbagent-tarsmcp-server
    Ver en GitHub↗4,279
  • theturtle32/websocket-nodeAvatar de theturtle32

    theturtle32/WebSocket-Node

    3,784Ver en GitHub↗

    WebSocket-Node is a server-side implementation of the WebSocket protocol for Node.js environments. It serves as a framework for establishing persistent, bidirectional communication channels and low-latency data exchange between clients and servers. The project provides a secure socket implementation using transport layer security and includes an integrated client for establishing outbound encrypted connections. It utilizes a formal protocol-state machine and an event-driven connection framework to manage high-concurrency network streams. The framework covers server-side infrastructure includ

    Implements security controls for persistent WebSocket connections, including transport layer encryption.

    JavaScript
    Ver en GitHub↗3,784
  • websocket-client/websocket-clientAvatar de websocket-client

    websocket-client/websocket-client

    3,706Ver en GitHub↗

    This is a Python WebSocket client library designed to establish full-duplex, persistent network connections for real-time exchange of text and binary data. It functions as an asynchronous network client and a TCP socket wrapper, managing the complete lifecycle of a connection from the initial handshake to graceful closure. The implementation includes a secure WebSocket client that handles SSL/TLS encryption, certificate verification, and secure handshake protocols. It further distinguishes itself by supporting advanced connectivity options, including proxy routing via HTTP or SOCKS proxies an

    Implements security controls for persistent WebSocket connections including SSL/TLS encryption and certificate verification.

    Pythonpythonrfc-6455websocket
    Ver en GitHub↗3,706
  1. Home
  2. Security & Cryptography
  3. WebSocket Security

Explorar subetiquetas

  • WebSocket Payload Validations1 sub-etiquetaValidation of WebSocket payload lengths to prevent infinite loops and excessive CPU consumption. **Distinct from WebSocket Security:** Distinct from WebSocket Security: focuses specifically on payload length validation to prevent resource exhaustion, not general authentication or input validation.
  • WebSocket Traffic Inspections2 sub-etiquetasInspects WebSocket traffic for malicious patterns and enforces security policies on WebSocket communications. **Distinct from WebSocket Security:** Distinct from WebSocket Security: focuses on real-time traffic inspection and pattern matching rather than authentication or input validation.