26 repository-uri
Practices and tools for securing stored data against unauthorized access.
Distinguishing note: Focuses on the application of security policies to backup data specifically.
Explore 26 awesome GitHub repositories matching security & cryptography · Data Security. Refine with filters or upvote what's useful.
This project is a command-line utility designed for secure, content-addressable data archiving. It functions as an encrypted backup tool that stores data as deduplicated chunks, ensuring that every piece of information is identified by a cryptographic hash to maintain integrity across all backups. By applying strong encryption and message authentication codes to both data and metadata, the software prevents unauthorized access and detects potential tampering. The tool distinguishes itself through a backend-agnostic storage abstraction that allows users to maintain repositories across diverse
Protects backup data against unauthorized access and tampering by applying strong encryption and message authentication codes.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using private networking and external secret stores during synchronization processes.
This project is a local-first task manager and time tracking tool designed to consolidate work items from multiple external project management platforms into a single, unified interface. By prioritizing local data sovereignty, it ensures that all task lists, time logs, and application states remain on the user's device, providing full functionality in offline environments while maintaining privacy. The application distinguishes itself through a focus on deep work and structured productivity rituals. It integrates distraction-free modes, configurable focus timers, and automated time tracking t
Stores all user information and activity logs on the device to prevent external tracking.
Kubescape is a Kubernetes security posture management platform designed to scan clusters, manifests, and images for misconfigurations, vulnerabilities, and compliance risks. It functions as a comprehensive security suite incorporating a compliance scanner, a container image vulnerability scanner, an admission controller for policy enforcement, and a runtime security monitor. The platform distinguishes itself through runtime-aware vulnerability filtering, which maps libraries loaded in memory to determine if vulnerabilities are actually reachable. It also integrates with AI assistants via a Mo
Synchronizes security frameworks and scan results between the local cluster and remote services.
This project provides a set of development guidelines and architectural recommendations for building iOS applications. It focuses on structuring Swift applications to decouple business logic from the user interface to improve testability and maintenance. The project covers specific implementation standards for security, such as using keychain storage for sensitive data and TLS certificate pinning for network traffic. It also defines patterns for code quality enforcement through static analysis and compiler configurations, as well as strategies for asset and localization management. The guide
Defines standards for storing passwords and authentication tokens in a secure system keychain.
OrbStack is a native macOS application that replaces Docker Desktop, providing an all-in-one environment for running Docker containers, full Linux virtual machines, and local Kubernetes clusters. It runs Linux VMs directly on the macOS hypervisor framework for near-native performance, uses VirtioFS for fast bidirectional file sharing between macOS and Linux, and leverages Rosetta for near-native x86 emulation on Apple Silicon. The system assigns predictable local domain names to containers and VMs with automatic HTTPS certificate generation, forwards ports via event-driven updates, and stores
Stores Docker registry credentials securely using the native macOS keychain for authentication.
Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst
Dumps and modifies sensitive items stored within a device's secure keystore.
MJExtension is a JSON serialization library and model mapping framework used to convert data between JSON strings and structured model objects. It functions as an object data mapper that handles the encoding and decoding of complex object hierarchies for network transmission and storage. The framework is a non-intrusive data mapper that uses reflection and runtime inspection to map raw data strings to application objects. This approach allows for data transformation without requiring base class inheritance, decorators, or extensions to the underlying model classes. The system supports recurs
Provides utilities to archive and retrieve model properties for reliable data storage.
KeychainAccess is a Swift library used for storing and retrieving encrypted data within the Apple system keychain across iOS and macOS. It provides a type-safe interface for managing sensitive information and user credentials on iOS, macOS, tvOS, and watchOS. The library includes a biometric authentication interface that requires FaceID or TouchID verification with custom prompts before accessing specific secure items. It also enables the synchronization of credentials across Apple devices via a cloud keychain and provides a manager for sharing login credentials between native applications an
Provides a Swift interface for storing and retrieving encrypted credentials in the Apple system keychain.
jrnl is a command-line journaling tool used for recording dated entries and managing personal journals directly from a terminal. It functions as an encrypted plain-text journal system that protects private entries through encryption and integration with native system keychains. The project includes a calendar-based activity tracker that visualizes entry frequency and patterns using a heatmap layout. It also serves as a data utility for exporting journal entries into formats such as Markdown, JSON, YAML, and XML. The system supports multi-journal management for different life areas and provid
Integrates with native system keychains to securely store and retrieve encryption passwords.
IceCubesApp is a native iOS social networking client built with SwiftUI. It serves as an ActivityPub and Mastodon client, providing a mobile interface for interacting with decentralized servers. The application functions as a multi-account manager, allowing users to authenticate and switch between several different social media profiles within a single interface. The software includes an AI-enhanced text editor used to refine, shorten, or generate descriptive text for posts. These artificial intelligence tools assist in writing and generating alt-text for uploaded images. The platform covers
Uses the native system keychain for secure storage of authentication tokens and credentials.
Keka is a file compression and archive extraction utility designed for macOS and iOS. It functions as a tool to shrink the size of files and folders to optimize storage and speed up data transfers. The application serves as an encrypted archive manager, allowing users to protect compressed files with passwords and encryption to ensure private data sharing and secure transmission. The software covers broad capabilities in file archiving, including the ability to compress data into archival formats and unpack various archive formats to restore original content to the local system.
Restricts access to archived files using security settings to keep data confidential.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Stores sensitive API tokens and credentials in the system keychain to keep them out of code.
TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas
Copies properties between models using the spread operator for reuse without inheritance.
Uses distinct bundle IDs per build configuration and consistent signing to avoid repeated Keychain access requests for license storage.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Shares blocked and allowed IP lists among a group of servers to maintain consistent security policies.
SAMKeychain este un manager de keychain Objective-C care oferă o interfață programatică pentru a crea, citi și șterge credențiale securizate stocate în keychain-ul de sistem macOS și iOS. Acesta servește ca un wrapper ușor pentru gestionarea parolelor și a datelor sensibile pe platformele Apple. Proiectul oferă un API unificat care abstractizează diferențele de implementare între macOS și iOS. Acesta înfășoară API-urile C de nivel scăzut în clase Objective-C pentru a oferi o interfață orientată pe obiecte pentru interacțiunea cu daemon-ul de securitate al sistemului. Biblioteca acoperă stocarea securizată a credențialelor și controlul accesului, inclusiv capacitatea de a stoca, prelua și șterge parolele conturilor și token-urile de autentificare în stocare persistentă criptată.
Implements direct integration with the system security daemon for encrypted persistent storage of sensitive data.
Knuff este un instrument de debugging desktop conceput pentru testarea payload-urilor serviciului Apple Push Notification. Permite livrarea de payload-uri JSON personalizate către dispozitivele mobile pentru a verifica dacă notificările sunt primite corect. Aplicația se integrează cu keychain-ul sistemului pentru a gestiona certificatele de securitate și cheile private pentru semnarea cererilor. Include, de asemenea, un utilitar pentru a exporta aceste identități de securitate din keychain în formate de fișiere portabile pentru utilizarea cu alte instrumente de dezvoltare. Instrumentul oferă mecanisme pentru preluarea automată a token-urilor dispozitivului și un manager de payload pentru a salva și reutiliza token-urile dispozitivului și configurațiile JSON. Acest lucru permite persistența datelor specifice de notificare pentru a asigura scenarii de testare repetabile.
Exports security identities from the system keychain into files for use with external push tools.
Franz este un agregator de mesagerie multi-serviciu și un spațiu de lucru de comunicare unificat. Acesta combină mai multe servicii de chat, e-mail și calendar într-o singură interfață desktop pentru a elimina necesitatea de a comuta între aplicații disparate. Proiectul se distinge printr-un wrapper de browser axat pe confidențialitate care blochează trackerele terțe și amprentarea, folosind în același timp criptarea nativă a sistemului pentru stocarea credențialelor. Încorporează un sumarizator de conversații AI care poate rula local sau prin hosting cloud pentru a condensa mesajele ratate și a redacta răspunsuri conștiente de context. Aplicația oferă o gestionare extinsă a sesiunilor pentru mai multe conturi simultane și organizează instrumentele în spații de lucru axate pe concentrare. Include capabilități pentru triajul comunicării, cum ar fi transformarea mesajelor în sarcini, agregarea vizualizărilor de calendar și centralizarea accesului la fișiere în serviciile integrate. Utilizatorii pot extinde platforma prin plugin-uri de servicii personalizate și pot gestiona layout-urile cu ferestre de serviciu detașabile sau alăturate.
Secures authentication tokens and passwords using the operating system's native encrypted keychain storage.
Acest proiect este o colecție de instrumente și scripturi de linie de comandă concepute pentru a interoga keychain-urile de sistem și a recupera parolele în text clar pentru identificatori de rețea wireless specifici. Funcționează ca un extractor de credențiale de rețea wireless care preia cheile de securitate salvate pentru identificatorul de set de servicii (SSID) curent sau specificat. Utilitarul include în mod specific un instrument de acces la keychain-ul macOS și un retriever bazat pe Bash pentru a extrage cheile de securitate din magazinul de securitate al sistemului. Utilizează comenzi de terminal specifice platformei și parsarea prin expresii regulate pentru a izola parolele în text clar din datele de diagnosticare verbose ale sistemului. Software-ul acoperă recuperarea credențialelor de rețea și administrarea rețelei locale, oferind o metodă de a găsi cheile de securitate pentru rețelele wireless conectate prin execuția de comenzi shell.
Extracts plaintext passwords and security keys from the system-level secure enclave.