7 रिपॉजिटरी
Security features and tools designed for local development environments.
Distinguishing note: Focuses on developer-centric security workflows.
Explore 7 awesome GitHub repositories matching security & cryptography · Developer Security. Refine with filters or upvote what's useful.
Docker Compose is a tool for defining and running multi-container applications through declarative configuration files. It functions as an application lifecycle manager, coordinating the startup, shutdown, and scaling of interconnected services within isolated environments. By using a standardized configuration format, it enables infrastructure as code, allowing developers to manage complex application stacks and their dependencies in a single, repeatable file. The project distinguishes itself by integrating directly with the broader Docker platform, leveraging a client-server architecture wh
Provides developer-level security tools for local environment protection.
This tool is a command-line utility designed to manage sensitive data by encrypting specific values within structured files such as YAML or JSON. By protecting only the sensitive portions of a file while leaving the structure intact, it ensures that configuration files remain readable for version control systems and automated workflows. The utility provides a secure development workflow by transparently decrypting files into memory for editing and automatically re-encrypting them upon saving, which prevents plaintext secrets from being written to the local disk. It supports a variety of encry
Provides a secure development workflow by transparently handling encrypted configuration files.
MailHog is an email testing tool that functions as a local SMTP server to capture outgoing messages during the development process. By intercepting SMTP traffic, it allows developers to verify email content, headers, and attachments without transmitting messages to actual external recipients. Captured data is stored in an in-memory buffer, ensuring that sensitive information remains accessible for inspection through a dedicated web-based dashboard. The platform distinguishes itself by incorporating network simulation capabilities, which allow for the injection of artificial delays or connecti
Restricting access to sensitive email testing interfaces by requiring authentication to protect private data during the software development lifecycle.
Cookiecutter Django is a command-line utility designed to generate production-ready web application structures based on the Django framework. It functions as a standardized boilerplate generator that automates the initial setup of a project, providing a consistent foundation that includes pre-configured settings, security defaults, and integrated infrastructure services. The project distinguishes itself by providing a fully containerized development and deployment environment. It orchestrates multi-container stacks that manage databases, background workers, and web servers, ensuring that the
Configures local reverse proxies and TLS certificates to enable secure HTTPS testing environments.
Promptfoo is an evaluation framework designed for testing, benchmarking, and red-teaming language models and agentic workflows. It provides a unified environment to run prompts against multiple providers, allowing developers to systematically validate model outputs against objective assertions, semantic similarity metrics, and custom grading rubrics. The platform distinguishes itself through a provider-agnostic execution layer and a stateful orchestrator capable of simulating multi-turn conversations and complex tool-use trajectories. It includes a dedicated adversarial mutation pipeline that
Offers inline security diagnostics and remediation suggestions to identify and fix vulnerabilities during the development process.
Integrates into a development CLI to help identify and fix security issues in Circom circuits.
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Recommends the integration of static analysis and secret scanning tools into the developer workflow.