awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

20 repository-uri

Awesome GitHub RepositoriesWebSocket Security

Security controls for persistent WebSocket connections including authentication and input validation.

Distinguishing note: Focuses on stateful connection security, distinct from stateless HTTP security.

Explore 20 awesome GitHub repositories matching security & cryptography · WebSocket Security. Refine with filters or upvote what's useful.

Awesome WebSocket Security GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • owasp/cheatsheetseriesAvatar OWASP

    OWASP/CheatSheetSeries

    32,298Vezi pe GitHub↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Secures persistent connections through authentication and input validation to prevent data injection.

    Pythonapplication-securityappsecbest-practices
    Vezi pe GitHub↗32,298
  • nats-io/nats-serverAvatar nats-io

    nats-io/nats-server

    20,076Vezi pe GitHub↗

    NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t

    Validates incoming WebSocket connections using various security methods including tokens, certificates, and identity-based credentials.

    Gocloudcloud-computingcloud-native
    Vezi pe GitHub↗20,076
  • elysiajs/elysiaAvatar elysiajs

    elysiajs/elysia

    18,531Vezi pe GitHub↗

    Elysia is a high-performance TypeScript web framework designed for building type-safe backend services. It provides a modular, plugin-based architecture that allows developers to compose server logic, middleware, and validation schemas into scalable application instances. By leveraging native web standards, the framework ensures portability across diverse JavaScript runtimes, including Node.js, Deno, and various edge computing environments. The framework distinguishes itself through its focus on end-to-end type safety, automatically synchronizing request and response definitions between the s

    Enforces strict schema constraints on incoming WebSocket messages to ensure data integrity.

    TypeScriptbunframeworkhttp
    Vezi pe GitHub↗18,531
  • yhirose/cpp-httplibAvatar yhirose

    yhirose/cpp-httplib

    16,597Vezi pe GitHub↗

    This is a header-only C++ library that provides implementations for HTTP clients, HTTP servers, and a WebSocket framework. It allows for the creation of network services and the consumption of remote APIs without requiring a separate compilation step or external binary linking. The project features backend-agnostic TLS integration for secure HTTPS and WSS communication and employs a thread-pool model to process concurrent requests. It distinguishes itself with a full-duplex WebSocket state-machine and a middleware-based request pipeline that supports regular-expression path routing. The libr

    Provides secure WebSocket communication using the wss scheme and certificate verification.

    C++
    Vezi pe GitHub↗16,597
  • tootallnate/java-websocketAvatar TooTallNate

    TooTallNate/Java-WebSocket

    10,811Vezi pe GitHub↗

    Java-WebSocket is a collection of classes for implementing WebSocket clients and servers using pure Java. It provides a framework for hosting servers that manage connections via event-driven subclasses and tools for establishing client connections to remote servers. The library includes a secure communication tool for encrypting traffic using the WSS protocol and a compression library that uses per-message deflate extensions to reduce transmitted data size. It supports the configuration of cipher suites to limit encryption protocols and ensure compatible communication. The project enables bi

    Supports secure communication using the WSS protocol and certificate management to protect data streams.

    Java
    Vezi pe GitHub↗10,811
  • 99designs/gqlgenAvatar 99designs

    99designs/gqlgen

    10,729Vezi pe GitHub↗

    gqlgen is a schema-first Go library designed to build type-safe GraphQL servers. It functions as a code generation engine that transforms declarative GraphQL schema definitions into strongly-typed Go source code, ensuring strict alignment between the API contract and the underlying implementation. The framework distinguishes itself through its deep integration with the Go type system and its highly extensible build pipeline. By using schema-first development, it automates the creation of server boilerplate and resolver stubs, allowing developers to map schema fields directly to Go structs and

    Validates initial connection payloads during the handshake process to verify user identity for subscriptions.

    Gocodegendataloadergogenerate
    Vezi pe GitHub↗10,729
  • facebookincubator/socketrocketAvatar facebookincubator

    facebookincubator/SocketRocket

    9,616Vezi pe GitHub↗

    SocketRocket is an Objective-C WebSocket client library designed to establish bidirectional real-time communication channels between an application and a server. It provides a networking layer for real-time data streaming, utilizing a heartbeat monitor to maintain the stability of active network streams. The library is built to operate across restricted networks by routing traffic through HTTP proxies. It secures data transmission using TLS encryption and SSL certificate pinning to prevent unauthorized interception of network traffic. Its underlying capabilities include low-level TCP socket

    Encrypts data transfers using TLS and SSL certificate pinning to prevent unauthorized interception.

    Objective-C
    Vezi pe GitHub↗9,616
  • daltoniam/starscreamAvatar daltoniam

    daltoniam/Starscream

    8,639Vezi pe GitHub↗

    Starscream is a Swift WebSocket client library that provides a concrete implementation of the WebSocket protocol for iOS and macOS applications. It functions as an event-driven wrapper for establishing and managing bidirectional connections to send and receive text and binary frames over TCP. The library includes a secure WebSocket client capable of encrypting traffic and validating server identities. It manages the full connection lifecycle, from the initial handshake and header exchange to session termination with custom close codes. The project covers a broad range of networking capabilit

    Implements encrypted communication channels and security controls to protect data transmitted via WebSockets.

    Swift
    Vezi pe GitHub↗8,639
  • vi/websocatAvatar vi

    vi/websocat

    8,571Vezi pe GitHub↗

    Websocat is a specialized set of command-line tools for WebSocket communication, acting as a client, server, and stream processor. It provides a terminal-based interface for connecting to WebSocket servers, hosting secure WebSocket servers, and bridging data between WebSockets and other network transports. The project distinguishes itself by functioning as a bidirectional network relay, allowing the routing of data between WebSocket streams, TCP sockets, UNIX sockets, and standard system input and output. It includes specialized implementations for SOCKS5 and HTTP proxying, as well as a strea

    Establishes secure, encrypted WebSocket connections using TLS or static symmetric keys.

    Rustclicommand-linecommand-line-tool
    Vezi pe GitHub↗8,571
  • javalin/javalinAvatar javalin

    javalin/javalin

    8,290Vezi pe GitHub↗

    Javalin is a lightweight web framework for Java and Kotlin designed for building REST APIs and web applications. It functions as an embedded Jetty web server, allowing applications to run as standalone processes without the need for an external servlet container. The project provides specialized frameworks for diverse communication patterns, including a REST API framework with automatic OpenAPI schema generation, a GraphQL API framework with query and mutation resolvers, and a WebSocket server for bidirectional real-time communication. It also includes a dedicated framework for pushing real-t

    Provides handlers to perform authentication and validation during the WebSocket upgrade process.

    Kotlinhacktoberfestjavajavalin
    Vezi pe GitHub↗8,290
  • mrniko/netty-socketioAvatar mrniko

    mrniko/netty-socketio

    7,021Vezi pe GitHub↗

    netty-socketio is a Java implementation of a Socket.IO server designed for real-time bidirectional communication between clients and servers. It functions as a real-time event engine and WebSocket communication server, utilizing the Netty network framework to manage high-performance socket connections. The project enables distributed socket server scaling by acting as a distributed message broker. It synchronizes client states and broadcasts messages across multiple server nodes through the use of an external data store. The system manages traffic via namespace-based connection routing and r

    Protects real-time data transfers using encryption and security certificates to secure stateful WebSocket connections.

    Javajavanettypolling
    Vezi pe GitHub↗7,021
  • proxymanapp/proxymanAvatar ProxymanApp

    ProxymanApp/Proxyman

    6,858Vezi pe GitHub↗

    Proxyman is a cross-platform HTTP debugging proxy that captures, inspects, and modifies HTTP, HTTPS, and WebSocket traffic. It functions as a man-in-the-middle proxy, decrypting SSL/TLS traffic to allow real-time inspection and modification of encrypted requests and responses. The tool is designed for debugging web and mobile applications, with capabilities for API mocking and simulation, scriptable traffic modification, and team collaboration on network logs. What distinguishes Proxyman is its deep integration with mobile and cross-platform development workflows. It provides automated certif

    Captures WebSocket and Secure WebSocket messages from browsers, mobile devices, and local applications.

    debugging-tooliosmacos
    Vezi pe GitHub↗6,858
  • sta/websocket-sharpAvatar sta

    sta/websocket-sharp

    6,067Vezi pe GitHub↗

    websocket-sharp is a C# library implementation of the WebSocket protocol used for building bidirectional client and server applications. It enables real-time data exchange between endpoints via persistent connections. The library provides specialized networking capabilities, including SSL encrypted networking for secure transport and certificate validation. It also features HTTP proxy tunneling to route traffic through intermediary servers using basic or digest authentication. The project covers a broad range of capabilities, including the implementation of both WebSocket clients and servers

    Provides security controls for persistent connections, including SSL/TLS encryption and certificate validation.

    C#
    Vezi pe GitHub↗6,067
  • oisf/suricataAvatar OISF

    OISF/suricata

    6,008Vezi pe GitHub↗

    Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in real-time to identify and alert on malicious activity. It operates as a rule-based threat detection system, matching traffic against user-defined signatures to detect known attack patterns and policy violations, and can be placed inline to actively block malicious packets before they reach their target. The engine inspects a wide range of application-layer protocols including HTTP, DNS, TLS, SMB, and MQTT, and supports high-performance packet capture through specialized hardware a

    Inspects WebSocket traffic for malicious patterns and enforces security policies on WebSocket communications.

    Ccybersecurityidsintrusion-detection-system
    Vezi pe GitHub↗6,008
  • nginx/unitAvatar nginx

    nginx/unit

    5,560Vezi pe GitHub↗

    NGINX Unit is an open-source application server designed to natively execute code across multiple programming language runtimes and WebAssembly within a single process. It serves as a multi-language application server that can run applications written in Go, Java, Node.js, Perl, PHP, Python, Ruby, and WebAssembly side by side, without requiring separate runtime environments for each language. The server distinguishes itself through a RESTful JSON control API that enables dynamic, zero-downtime configuration changes without restarting the server. It combines event-driven asynchronous I/O with

    Validates WebSocket payload lengths in the Java language module to prevent infinite loops and excessive CPU consumption.

    C
    Vezi pe GitHub↗5,560
  • boostorg/beastAvatar boostorg

    boostorg/beast

    4,801Vezi pe GitHub↗

    Beast este o bibliotecă C++ pentru implementarea clienților și serverelor HTTP și WebSocket de nivel scăzut. Acesta funcționează ca un framework de rețea asincron conceput pentru a compune operațiuni I/O non-blocante și stive de fluxuri stratificate pentru gestionarea traficului de rețea concurent, utilizând în mod specific modelul asincron Boost.Asio. Biblioteca oferă o implementare cuprinzătoare a protocoalelor HTTP/1.1 și WebSocket. Pentru HTTP, include primitive pentru parsarea și serializarea mesajelor cu suport pentru codificarea transferului fragmentat (chunked), citirea incrementală a corpului și pipelining-ul cererilor. Implementarea sa WebSocket acoperă întregul ciclu de viață al comunicării bidirecționale, inclusiv handshake-uri, negocierea subprotocolului, fragmentarea mesajelor și monitorizarea stării prin cadre de control. Beast include o suită specializată de instrumente pentru gestionarea buffer-elor de rețea pentru a optimiza I/O scatter-gather prin buffer-e de memorie dinamice și bazate pe secvențe. De asemenea, acoperă comunicarea securizată în rețea prin integrarea straturilor SSL/TLS pentru fluxuri criptate, autentificarea certificatelor și terminarea securizată a conexiunilor. Framework-ul oferă abstracții cross-platform pentru I/O de fișiere și gestionarea semnalelor de sistem pentru a susține dezvoltarea stabilă a aplicațiilor de rețea.

    Wraps WebSocket streams in an SSL/TLS layer to provide encrypted bidirectional communication.

    C++asioasync-programmingboost
    Vezi pe GitHub↗4,801
  • zlt2000/microservices-platformAvatar zlt2000

    zlt2000/microservices-platform

    4,735Vezi pe GitHub↗

    Acest proiect este o arhitectură enterprise cuprinzătoare pentru construirea de sisteme distribuite multi-tenant, implementată ca o platformă de microservicii Spring Cloud. Oferă un framework complet pentru gestionarea microserviciilor, concentrându-se pe arhitectura de date multi-tenant și furnizarea centralizată a identității. Platforma se distinge prin abordarea sa integrată față de identitate și securitate, utilizând un furnizor de identitate OAuth2 pentru a gestiona single sign-on, controlul accesului bazat pe roluri și emiterea de token-uri JWT în cadrul serviciilor distribuite. Separă în continuare limitele organizaționale prin izolarea datelor multi-tenant, asigurându-se că resursele și datele sunt partiționate logic sau fizic între diferiți chiriași (tenants). Sistemul acoperă o suprafață largă de capabilități distribuite, inclusiv guvernanța serviciilor prin rutarea API gateway și circuit breaking, precum și coordonarea datelor prin tranzacții distribuite și mecanisme de blocare. Include, de asemenea, un stack de observabilitate distribuită pentru tracing-ul cererilor și logare centralizată, alături de sincronizarea motorului de căutare în timp real și mesagerie asincronă bazată pe evenimente. Fluxul de lucru de dezvoltare este susținut de instrumente de automatizare pentru generarea codului aplicației și împachetarea binară specifică platformei.

    Secures real-time communication by authenticating WebSocket handshakes before establishing connections.

    Javaelkgpejava
    Vezi pe GitHub↗4,735
  • httprunner/httprunnerAvatar httprunner

    httprunner/httprunner

    4,279Vezi pe GitHub↗

    HttpRunner este un framework de testare de rețea multi-protocol conceput pentru automatizarea testelor funcționale și de regresie ale interfețelor HTTP. Funcționează ca un tester de rețea multi-protocol care suportă HTTP/1.1, HTTP/2, WebSocket, TCP și RPC pentru a valida diverse tipare de comunicare. Proiectul include motoare specializate pentru testarea performanței API, testarea bazată pe date și un generator de cazuri de test care convertește fișiere HAR, comenzi curl și definiții Swagger în scripturi executabile. Framework-ul se distinge prin capacitatea de a separa logica de testare de datele de business prin intermediul unui motor de execuție bazat pe date și prin suportul pentru testarea de sarcină (load testing) cu grad ridicat de concurență prin orchestrare distribuită. Dispune de un sistem de plugin-uri multi-limbaj care permite utilizatorilor să extindă motorul de bază cu logică personalizată de validare și procesare scrisă în Go, Python sau Java. Proiectul acoperă o gamă largă de capabilități, inclusiv modelarea scenariilor complexe pentru simularea fluxului de lucru al utilizatorului, validarea răspunsurilor și analiza detaliată a performanței rețelei. Oferă instrumente pentru generarea distribuită de sarcină, sondarea geografică a rețelei și integrarea suitelor de testare automatizate în pipeline-uri CI. Motorul de testare de bază poate fi executat printr-o interfață de linie de comandă sau integrat în ecosistemul de testare Python folosind un runner dedicat.

    The project extracts parameters from responses and performs assertions on returned data to verify communication correctness.

    Goadbagent-tarsmcp-server
    Vezi pe GitHub↗4,279
  • theturtle32/websocket-nodeAvatar theturtle32

    theturtle32/WebSocket-Node

    3,784Vezi pe GitHub↗

    WebSocket-Node is a server-side implementation of the WebSocket protocol for Node.js environments. It serves as a framework for establishing persistent, bidirectional communication channels and low-latency data exchange between clients and servers. The project provides a secure socket implementation using transport layer security and includes an integrated client for establishing outbound encrypted connections. It utilizes a formal protocol-state machine and an event-driven connection framework to manage high-concurrency network streams. The framework covers server-side infrastructure includ

    Implements security controls for persistent WebSocket connections, including transport layer encryption.

    JavaScript
    Vezi pe GitHub↗3,784
  • websocket-client/websocket-clientAvatar websocket-client

    websocket-client/websocket-client

    3,706Vezi pe GitHub↗

    This is a Python WebSocket client library designed to establish full-duplex, persistent network connections for real-time exchange of text and binary data. It functions as an asynchronous network client and a TCP socket wrapper, managing the complete lifecycle of a connection from the initial handshake to graceful closure. The implementation includes a secure WebSocket client that handles SSL/TLS encryption, certificate verification, and secure handshake protocols. It further distinguishes itself by supporting advanced connectivity options, including proxy routing via HTTP or SOCKS proxies an

    Implements security controls for persistent WebSocket connections including SSL/TLS encryption and certificate verification.

    Pythonpythonrfc-6455websocket
    Vezi pe GitHub↗3,706
  1. Home
  2. Security & Cryptography
  3. WebSocket Security

Explorează sub-etichetele

  • WebSocket Payload Validations1 sub-tagValidation of WebSocket payload lengths to prevent infinite loops and excessive CPU consumption. **Distinct from WebSocket Security:** Distinct from WebSocket Security: focuses specifically on payload length validation to prevent resource exhaustion, not general authentication or input validation.
  • WebSocket Traffic Inspections2 sub-tag-uriInspects WebSocket traffic for malicious patterns and enforces security policies on WebSocket communications. **Distinct from WebSocket Security:** Distinct from WebSocket Security: focuses on real-time traffic inspection and pattern matching rather than authentication or input validation.