13 dépôts
Encryption and transport security standards for application data.
Distinguishing note: Focuses on data-at-rest and data-in-transit security.
Explore 13 awesome GitHub repositories matching security & cryptography · Application Data Security. Refine with filters or upvote what's useful.
Appsmith is a low-code platform designed for building internal business tools, such as operational dashboards and administrative panels. It enables developers to construct dynamic user interfaces by dragging and dropping modular widgets onto a canvas and binding them directly to backend data sources. The platform utilizes a reactive framework that automatically updates interface elements and triggers functions whenever underlying data or widget properties change, eliminating the need for manual event handling. The platform distinguishes itself through a server-side proxy architecture that exe
Protects sensitive data using AES-256 encryption and TLS-secured connections.
This project is a reactive, offline-first NoSQL database engine designed for JavaScript applications. It provides a robust framework for managing application state by synchronizing data across browsers, mobile devices, and server-side runtimes. By treating local storage as the primary source of truth, it enables applications to remain functional without network connectivity, automatically reconciling changes with remote backends once a connection is restored. The database distinguishes itself through a modular architecture that supports cross-environment synchronization and high-performance d
Encrypts sensitive information stored in the local database to protect user privacy at rest.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using encrypted connections for all data transfers without persisting any records to local disk storage.
This project is a modular e-commerce platform built on Ruby on Rails, designed to serve as a comprehensive engine for managing online retail operations. It provides the foundational infrastructure to handle complex product catalogs, customer order lifecycles, and global payment processing within a unified system. The platform distinguishes itself through a headless, API-first architecture that decouples backend commerce logic from custom frontend storefronts. It supports multi-tenant environments, allowing for the management of multiple independent retail storefronts or marketplaces from a si
Protects customer and transaction information using strong encryption at-rest and in-transit alongside automated security patching.
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
Encrypts captured interaction data using AES to ensure privacy and prevent unauthorized exposure.
This project is a software engineering style guide and a curated collection of architectural patterns and coding standards. It provides a multi-language coding standard to ensure maintainable software across Ruby, Python, JavaScript, and Swift. The project establishes a development workflow specification for version control, continuous integration, and peer review to maintain a linear project history. It also includes a web accessibility framework based on ARIA and WCAG standards, using design tokens and semantic HTML patterns to build inclusive interfaces. The guides cover a broad range of
Provides configurations to protect cookies from tampering and prevent accidental writes to production data.
CRMEB is a comprehensive e-commerce platform built on ThinkPHP 6, designed as a headless system that delivers standardized APIs to various frontend clients. It provides a unified backend to synchronize product catalogs, orders, and customer data across web browsers, mobile applications, and mini-programs. The platform supports diverse commerce models, including multi-vendor marketplaces where independent merchants manage their own stores, centralized chain store networks, and social commerce frameworks featuring affiliate distribution and community group buying. It also integrates specialized
Protects system data against CSRF, SQL injection, and shell attacks using encryption and filtering.
SQLCipher is an encrypted SQLite database engine and secure relational database that provides transparent AES-256 encryption for database files and stored data. It functions as a cryptographic storage engine that requires a passphrase or binary key to unlock and access content. The engine ensures data confidentiality through page-level encryption and protects data integrity using cryptographic hashes to detect unauthorized modifications. It includes capabilities for encryption key rotation to update passphrases and secure memory locking to prevent sensitive keys from being swapped from RAM to
Provides a secure way to store application settings and user data in encrypted files to prevent unauthorized access.
Ce projet est une collection d'implémentations de référence, d'exemples de code et de kits de démarrage pour intégrer les services backend Firebase dans des applications web en utilisant le SDK JavaScript. Il sert de guide pratique pour amorcer des projets avec une authentification hébergée dans le cloud, des bases de données et une logique serverless. Le dépôt fournit des exemples spécifiques pour implémenter la synchronisation de données en temps réel, la gestion d'identité utilisateur et les fonctions cloud pilotées par événements. Il inclut également du code de référence pour utiliser des émulateurs de service locaux afin de tester la fonctionnalité cloud sur une machine locale avant le déploiement en production. La base de code couvre un large éventail de capacités, notamment le stockage de données no-sql et relationnel, l'hébergement d'assets statiques sur un CDN mondial et l'application de règles de sécurité déclaratives. Elle démontre également l'intégration de la vérification d'identité et l'exécution de logique côté serveur dans des environnements gérés.
Implements security rules and protections to safeguard user information and application resources.
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Sets standards for encrypting network traffic using strong protocols and forward secrecy to prevent interception.
This project is a series of guided tutorials and educational resources for Android application development. It provides instructional content for building mobile applications and games from scratch using Android Studio and the Android SDK. The curriculum covers mobile UI design and the creation of responsive layouts that adapt to various screen dimensions. It includes guides on hardware integration for accessing device sensors and native services through permission models, as well as lessons on application data security. The material covers data management through local database storage and
Provides lessons on coding practices and mechanisms to protect user information and prevent common security vulnerabilities.
Shiro est un framework de sécurité Java qui fournit un gestionnaire d'identité et d'accès pour implémenter l'authentification, l'autorisation, la cryptographie et la gestion de session. Il sert de couche de sécurité pour vérifier les identités des utilisateurs et appliquer un contrôle d'accès basé sur les rôles pour les ressources système protégées. Le projet dispose d'une architecture de realm enfichable qui découple la logique de sécurité des données d'identité et un système de gestion de session autonome qui suit l'état de l'utilisateur indépendamment du conteneur de servlet sous-jacent. Il inclut un intégrateur pour les fournisseurs d'identité externes utilisant des protocoles de fédération tels qu'OAuth 2.0 et SAML pour permettre l'authentification unique (SSO). Le framework couvre une large surface de capacités, y compris l'interception de requêtes via des chaînes de filtres, l'application de sécurité déclarative via des annotations, et la protection des données sensibles utilisant des wrappers cryptographiques symétriques et asymétriques. Il fournit également des utilitaires pour la mise en cache des recherches de sécurité et la gestion des cycles de vie de session distribués à travers les environnements d'entreprise.
Secures application data and passwords using symmetric/asymmetric encryption and salted hashing.
Ce projet sert de feuille de route éducative complète et de programme pour maîtriser le développement d'applications Android professionnelles. Il fournit un parcours d'apprentissage structuré qui guide les développeurs à travers les principes essentiels de conception système, les modèles architecturaux et les compétences techniques nécessaires pour construire, tester et déployer des logiciels mobiles évolutifs. La ressource se distingue en organisant des sujets techniques complexes dans une séquence logique, couvrant tout, des outils de développement mobile fondamentaux aux pratiques d'ingénierie logicielle avancées. Elle met l'accent sur les modèles standard de l'industrie pour structurer des bases de code maintenables, garantissant que les apprenants acquièrent une maîtrise des systèmes de build, de la gestion des dépendances et de l'intégration de services externes. Au-delà de l'architecture de base, le programme aborde des aspects critiques de l'écosystème mobile, y compris le traitement de flux réactifs, l'exécution asynchrone et la gestion des composants conscients du cycle de vie. Il intègre également des conseils sur la sécurisation des données d'application, la vérification de la qualité logicielle par les tests et l'implémentation d'interfaces utilisateur réactives. Le dépôt fonctionne comme un guide centralisé pour les développeurs cherchant à standardiser leur approche de l'ingénierie mobile et du déploiement de logiciels professionnels.
Implements encryption, obfuscation, and permission controls to protect sensitive user information.