16 dépôts
Secure storage of credentials and tokens using system-level secure enclaves.
Distinct from Data Security: Distinct from Data Security by focusing specifically on the system keychain rather than general backup or policy security.
Explore 16 awesome GitHub repositories matching security & cryptography · Keychain Storage. Refine with filters or upvote what's useful.
This project provides a set of development guidelines and architectural recommendations for building iOS applications. It focuses on structuring Swift applications to decouple business logic from the user interface to improve testability and maintenance. The project covers specific implementation standards for security, such as using keychain storage for sensitive data and TLS certificate pinning for network traffic. It also defines patterns for code quality enforcement through static analysis and compiler configurations, as well as strategies for asset and localization management. The guide
Defines standards for storing passwords and authentication tokens in a secure system keychain.
OrbStack is a native macOS application that replaces Docker Desktop, providing an all-in-one environment for running Docker containers, full Linux virtual machines, and local Kubernetes clusters. It runs Linux VMs directly on the macOS hypervisor framework for near-native performance, uses VirtioFS for fast bidirectional file sharing between macOS and Linux, and leverages Rosetta for near-native x86 emulation on Apple Silicon. The system assigns predictable local domain names to containers and VMs with automatic HTTPS certificate generation, forwards ports via event-driven updates, and stores
Stores Docker registry credentials securely using the native macOS keychain for authentication.
Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst
Dumps and modifies sensitive items stored within a device's secure keystore.
KeychainAccess is a Swift library used for storing and retrieving encrypted data within the Apple system keychain across iOS and macOS. It provides a type-safe interface for managing sensitive information and user credentials on iOS, macOS, tvOS, and watchOS. The library includes a biometric authentication interface that requires FaceID or TouchID verification with custom prompts before accessing specific secure items. It also enables the synchronization of credentials across Apple devices via a cloud keychain and provides a manager for sharing login credentials between native applications an
Provides a Swift interface for storing and retrieving encrypted credentials in the Apple system keychain.
jrnl is a command-line journaling tool used for recording dated entries and managing personal journals directly from a terminal. It functions as an encrypted plain-text journal system that protects private entries through encryption and integration with native system keychains. The project includes a calendar-based activity tracker that visualizes entry frequency and patterns using a heatmap layout. It also serves as a data utility for exporting journal entries into formats such as Markdown, JSON, YAML, and XML. The system supports multi-journal management for different life areas and provid
Integrates with native system keychains to securely store and retrieve encryption passwords.
IceCubesApp is a native iOS social networking client built with SwiftUI. It serves as an ActivityPub and Mastodon client, providing a mobile interface for interacting with decentralized servers. The application functions as a multi-account manager, allowing users to authenticate and switch between several different social media profiles within a single interface. The software includes an AI-enhanced text editor used to refine, shorten, or generate descriptive text for posts. These artificial intelligence tools assist in writing and generating alt-text for uploaded images. The platform covers
Uses the native system keychain for secure storage of authentication tokens and credentials.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Stores sensitive API tokens and credentials in the system keychain to keep them out of code.
Uses distinct bundle IDs per build configuration and consistent signing to avoid repeated Keychain access requests for license storage.
SAMKeychain est un gestionnaire de trousseau Objective-C fournissant une interface programmatique pour créer, lire et supprimer des identifiants sécurisés stockés dans le trousseau système macOS et iOS. Il sert de wrapper léger pour gérer les mots de passe et les données sensibles sur les plateformes Apple. Le projet fournit une API unifiée qui abstrait les différences d'implémentation entre macOS et iOS. Il enveloppe les API C de bas niveau dans des classes Objective-C pour fournir une interface orientée objet pour interagir avec le démon de sécurité système. La bibliothèque couvre le stockage sécurisé des identifiants et le contrôle d'accès, incluant la capacité de stocker, récupérer et supprimer des mots de passe de compte et des jetons d'authentification dans un stockage persistant chiffré.
Implements direct integration with the system security daemon for encrypted persistent storage of sensitive data.
Knuff est un outil de débogage de bureau conçu pour tester les charges utiles (payloads) du service Apple Push Notification. Il permet la livraison de charges utiles JSON personnalisées vers des appareils mobiles pour vérifier que les notifications sont reçues correctement. L'application s'intègre au trousseau système (keychain) pour gérer les certificats de sécurité et les clés privées pour la signature des requêtes. Elle inclut également un utilitaire pour exporter ces identités de sécurité depuis le trousseau vers des formats de fichiers portables pour une utilisation avec d'autres outils de développement. L'outil fournit des mécanismes pour la récupération automatique de jetons d'appareil et un gestionnaire de charges utiles pour enregistrer et réutiliser les jetons d'appareil et les configurations JSON. Cela permet la persistance de données de notification spécifiques pour garantir des scénarios de test reproductibles.
Exports security identities from the system keychain into files for use with external push tools.
Franz est un agrégateur de messagerie multi-services et un espace de travail de communication unifié. Il combine plusieurs services de chat, d'e-mail et de calendrier dans une interface de bureau unique pour éliminer le besoin de basculer entre des applications disparates. Le projet se distingue par un wrapper de navigateur axé sur la confidentialité qui bloque les trackers tiers et le fingerprinting tout en utilisant le chiffrement système natif pour le stockage des identifiants. Il intègre un résumé de conversation par IA qui peut s'exécuter localement ou via un hébergement cloud pour condenser les messages manqués et rédiger des réponses contextuelles. L'application offre une gestion de session étendue pour plusieurs comptes simultanés et organise les outils dans des espaces de travail axés sur la concentration. Elle inclut des capacités de tri des communications, telles que la transformation de messages en tâches, l'agrégation de vues de calendrier et la centralisation de l'accès aux fichiers sur les services intégrés. Les utilisateurs peuvent étendre la plateforme via des plugins de service personnalisés et gérer les mises en page avec des fenêtres de service détachables ou côte à côte.
Secures authentication tokens and passwords using the operating system's native encrypted keychain storage.
This project is a collection of command-line tools and scripts designed to query system keychains and recover plaintext passwords for specific wireless network identifiers. It functions as a wireless network credential extractor that retrieves saved security keys for the current or specified service set identifier. The utility specifically includes a macOS keychain access tool and a Bash-based retriever to extract security keys from the system security store. It uses platform-specific terminal commands and regular expression parsing to isolate plaintext passwords from verbose system diagnosti
Extracts plaintext passwords and security keys from the system-level secure enclave.
Valet est une bibliothèque Swift pour gérer le stockage sécurisé de données dans le trousseau (keychain) du système Apple sur iOS et macOS. Elle fournit un wrapper de haut niveau pour stocker et récupérer des chaînes sensibles et des objets de données en utilisant des enclaves sécurisées basées sur le matériel. Le projet permet la synchronisation des données de trousseau stockées sur plusieurs appareils via des services de trousseau basés sur le cloud. Il inclut également des mécanismes pour échanger des identifiants sécurisés entre plusieurs applications du même développeur en utilisant l'accès au trousseau partagé et les droits de groupe d'applications. La bibliothèque couvre l'authentification biométrique pour protéger la récupération des données et gère la migration et le remappage des entrées de trousseau existantes.
Provides secure storage of credentials and tokens using the native Apple system keychain and secure enclaves.
This project is a git-based documentation site and markdown knowledge base designed as a searchable archive of technical cheat sheets and guides. It functions as a repository for short technical tips and code examples to facilitate team knowledge sharing and developer onboarding. The system employs a version control workflow to manage the submission, review, and publishing of technical learnings. It includes utilities for commit management and history consolidation, as well as the ability to retrieve specific files across different branches. Security is handled through the use of system-leve
Uses system-level secure enclaves for the encrypted storage of authentication credentials.
This is a PHP native application framework used to build standalone desktop and mobile applications. It functions as a cross-platform app wrapper and binary application bundler, encapsulating PHP codebases into native binaries and installers for macOS, Windows, Linux, iOS, and Android. The project provides a native device API bridge and OS integration layer, allowing PHP application logic to connect directly to host operating system services. This enables the execution of applications as local binaries without the requirement of a remote web server. The framework covers several high-level ca
Stores sensitive credentials and tokens using platform-native secure enclaves like Keychain and Keystore.
Quotio is a local LLM API proxy gateway and credential manager that intercepts and routes requests from command-line tools and integrated development environments to various AI model providers. It serves as a centralized authentication hub, managing API keys and service accounts to provide a unified interface for external AI agents. The project distinguishes itself through a routing engine that implements priority-chain and round-robin load balancing to distribute workloads across multiple accounts. It features automated API key failover, which redirects requests to backup authentication keys
Secures sensitive API keys and OAuth tokens using the system-level encrypted keychain.