86 dépôts
Solutions for managing digital certificates and encryption protocols to ensure secure, authenticated communication over the web.
Explore 86 awesome GitHub repositories matching security & cryptography · Security & HTTPS. Refine with filters or upvote what's useful.
Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework. What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. I
Generates TLS certificates on-the-fly during the initial handshake for arbitrary hostnames without requiring manual setup.
Traefik is a cloud-native load balancer and dynamic reverse proxy designed for microservices traffic routing. It automatically discovers services and generates network routes by listening to infrastructure changes in orchestrators and service registries. The project distinguishes itself through auto-configuring service routing, which eliminates manual configuration by updating routing rules in real time as infrastructure scales. It also provides automated SSL certificate management, utilizing ACME-based automation to request and renew certificates from remote authorities. Additional capabili
Automates the complete lifecycle of TLS certificates, including issuance and renewal, via the ACME protocol.
Vaultwarden is a self-hosted password management server designed to store and synchronize sensitive credentials, identities, and organizational data across multiple client devices. It functions as a database-backed web application that provides an API layer for secure client-server communication, enabling users to manage personal vaults and organizational data sharing with multi-factor authentication. The project distinguishes itself through a comprehensive administrative infrastructure that provides centralized control over server configuration, user accounts, and system diagnostics via a de
Manages encrypted communication by accepting custom digital certificates and private key paths for secure HTTPS traffic termination.
JavaFamily is a curated set of learning paths and reference guides for backend engineering, distributed systems, and virtual machine internals. It provides a structured curriculum covering the Java language, operating system concepts, and network protocols. The project features detailed study guides for the Java virtual machine architecture, including memory management and garbage collection. It also includes a comprehensive reference for distributed systems, covering microservices, remote procedure call frameworks, and scalable system design. The collection covers a broad range of technical
Analyzes HTTPS encryption processes to secure data transmission against man-in-the-middle attacks.
This project is a comprehensive reference collection of practical implementation examples and patterns for building applications with Spring Boot. It serves as a Java web application template and a showcase for developing functional web services featuring REST endpoints, template engines, and global exception handling. The repository distinguishes itself by providing detailed demonstrations of enterprise-grade features, including distributed locking, task scheduling, and asynchronous message exchange using brokers like RabbitMQ. It also includes reference implementations for automated API doc
Configures server certificates to enforce secure HTTPS connections and redirect insecure traffic.
nps is an intranet penetration proxy server that exposes internal network services to the public internet via secure TCP and UDP tunnels. It functions as a traffic forwarder and reverse proxy, enabling external access to local services, remote desktops, and internal APIs. The project is distinguished by a centralized web-based administration interface used to configure tunnels, manage user accounts, and monitor real-time bandwidth metrics. It supports domain-based request routing and provides a mechanism to secure public services using HTTPS encryption through digital certificates. The syste
Enables HTTPS encryption for public services using digital certificates to secure data in transit.
Trojan is a censorship circumvention tool and TLS proxy server designed to bypass network restrictions by imitating legitimate web services. It functions as a TLS traffic obfuscator that masks proxy activity by mimicking the handshake and data flow of standard HTTPS requests. The system disguises network traffic as common web browsing to avoid deep packet inspection. It achieves this by wrapping TCP and UDP data within TLS encryption and forwarding unauthenticated or unauthorized requests to a legitimate destination website to hide the proxy's purpose. The project provides a tunnel that conv
Imitates the HTTPS protocol to make encrypted proxy connections appear as legitimate web browsing.
V2Ray-agent is a shell-based orchestration tool designed to automate the deployment, configuration, and lifecycle management of network proxy services. It provides a structured framework for setting up encrypted tunnels and managing proxy processes as persistent background services through system initialization managers. The project distinguishes itself through a modular architecture that integrates automated security certificate management and multi-user access control into the deployment workflow. By utilizing template-driven configuration generation and reverse proxy traffic multiplexing,
Automates the lifecycle of TLS certificates for network proxies without manual intervention.
brpc is a high-performance C++ RPC framework and network programming library designed for building distributed systems. It functions as a multi-protocol RPC server capable of hosting and detecting multiple communication protocols, including gRPC, Thrift, HTTP, Redis, and Memcached, on a single TCP port. The project distinguishes itself through high-throughput data transport and memory efficiency, utilizing RDMA-based transport to bypass the kernel TCP stack and zero-copy memory management to eliminate data duplication. It also implements the Raft algorithm for consensus-based state replicatio
Automatically establishes secure encrypted connections when the request URI uses the HTTPS scheme.
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
Automates the lifecycle of TLS certificates to maintain secure encrypted connections without manual intervention.
CapRover is a self-hosted platform-as-a-service that provides a centralized dashboard for managing containerized applications and databases. It functions as a container orchestration platform, simplifying the deployment, scaling, and networking of services across server environments. By leveraging a reverse-proxy-based architecture, the platform handles domain mapping, traffic routing, and automated SSL certificate lifecycle management to ensure secure, encrypted access for hosted web services. The platform distinguishes itself through its integrated automation capabilities, which include aut
Automates the issuance, renewal, and installation of TLS certificates for hosted web applications.
OneDev is a self-hosted, unified development platform that integrates Git repository hosting, issue tracking, and continuous integration and deployment (CI/CD) into a single system. It provides a comprehensive environment for managing the entire software lifecycle, allowing teams to coordinate code reviews, track development tasks, and automate build pipelines through a centralized interface. The platform distinguishes itself by offering browser-based, containerized development environments that allow developers to access and edit project files directly on the server. Its build system utilize
Encrypts client-server communication through configurable security certificates and automated HTTPS management.
Cargo is the official build system and package manager for the Rust programming language. It provides a unified command-line interface that orchestrates the entire development lifecycle, including compiling source code, managing complex dependency graphs, running tests, and distributing packages through a centralized registry. By utilizing declarative manifest files, it ensures that builds remain reproducible and consistent across different environments. The tool distinguishes itself through its deep integration with the Rust compiler and its sophisticated approach to project management. It f
Integrates with system credential helpers to securely access private repositories over HTTPS without manual password entry.
Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte
Handles the automatic generation and renewal of encryption certificates to maintain secure connections for proxied domains without manual intervention.
Duplicati is a self-hosted backup server designed to perform encrypted, incremental, and compressed backups to a wide range of local, network, and cloud-based storage providers. It functions as a background service that automates recurring data protection tasks, ensuring that only changed data blocks are stored to maximize efficiency and minimize bandwidth usage. The project distinguishes itself through a centralized management console that allows for the orchestration of multiple distributed backup agents from a single web-based dashboard. It supports multi-tenant management, enabling the or
Automates the lifecycle of TLS certificates to secure access to the web-based management interface.
Drogon is a high-performance C++ HTTP web framework and asynchronous web server designed for building web applications and REST APIs. It utilizes an event-driven, non-blocking architecture to handle concurrent HTTP and WebSocket connections, and it implements a model-view-controller structure to separate business logic from presentation. The framework includes an integrated C++ object-relational mapping system and database client for performing asynchronous operations with relational databases and Redis key-value stores. It supports real-time, full-duplex communication via WebSockets and prov
Supports HTTPS encryption to ensure secure, authenticated communication between the client and server.
Cookiecutter Django is a command-line utility designed to generate production-ready web application structures based on the Django framework. It functions as a standardized boilerplate generator that automates the initial setup of a project, providing a consistent foundation that includes pre-configured settings, security defaults, and integrated infrastructure services. The project distinguishes itself by providing a fully containerized development and deployment environment. It orchestrates multi-container stacks that manage databases, background workers, and web servers, ensuring that the
Automates the provisioning and maintenance of encrypted HTTPS certificates via reverse proxies for secure communication.
Stalwart is a self-hosted email and collaboration infrastructure that provides an integrated mail server supporting SMTP, IMAP, POP3, and JMAP protocols. It functions as a comprehensive communication hub, combining email hosting with a collaboration server for shared calendars, contacts, and files. The system distinguishes itself through a distributed architecture that uses peer-to-peer cluster coordination to ensure high availability and fault tolerance. It features a built-in security suite that implements an S/MIME and OpenPGP email gateway alongside automated TLS certificate provisioning
Implements automated lifecycle management for TLS certificates using the ACME protocol.
Mailcow-dockerized is an open-source email hosting platform that provides a complete, self-hosted infrastructure suite. It bundles message transfer, storage, and security protocols into a modular, containerized environment designed for deployment on private infrastructure. The platform distinguishes itself by integrating a centralized management interface for configuring mail domains and user accounts alongside collaborative tools like shared calendars and contact lists. It includes automated security features such as integrated spam and malware filtering gateways, as well as automated certif
Provides automated lifecycle management for TLS certificates across multiple hosted mail domains.
This project is a web-based management interface designed for the administration, monitoring, and configuration of Nginx server instances. It functions as a centralized platform for managing reverse proxy settings, traffic routing, and server lifecycles, providing a visual dashboard to replace manual configuration file editing. The platform distinguishes itself through integrated infrastructure automation and observability tools. It supports distributed environments by synchronizing configuration states across multiple nodes and containerized services, while offering artificial intelligence a
Automates the deployment and renewal of security certificates for encrypted traffic.