13 个仓库
Encryption and transport security standards for application data.
Distinguishing note: Focuses on data-at-rest and data-in-transit security.
Explore 13 awesome GitHub repositories matching security & cryptography · Application Data Security. Refine with filters or upvote what's useful.
Appsmith is a low-code platform designed for building internal business tools, such as operational dashboards and administrative panels. It enables developers to construct dynamic user interfaces by dragging and dropping modular widgets onto a canvas and binding them directly to backend data sources. The platform utilizes a reactive framework that automatically updates interface elements and triggers functions whenever underlying data or widget properties change, eliminating the need for manual event handling. The platform distinguishes itself through a server-side proxy architecture that exe
Protects sensitive data using AES-256 encryption and TLS-secured connections.
This project is a reactive, offline-first NoSQL database engine designed for JavaScript applications. It provides a robust framework for managing application state by synchronizing data across browsers, mobile devices, and server-side runtimes. By treating local storage as the primary source of truth, it enables applications to remain functional without network connectivity, automatically reconciling changes with remote backends once a connection is restored. The database distinguishes itself through a modular architecture that supports cross-environment synchronization and high-performance d
Encrypts sensitive information stored in the local database to protect user privacy at rest.
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
Protects data in transit using encrypted connections for all data transfers without persisting any records to local disk storage.
This project is a modular e-commerce platform built on Ruby on Rails, designed to serve as a comprehensive engine for managing online retail operations. It provides the foundational infrastructure to handle complex product catalogs, customer order lifecycles, and global payment processing within a unified system. The platform distinguishes itself through a headless, API-first architecture that decouples backend commerce logic from custom frontend storefronts. It supports multi-tenant environments, allowing for the management of multiple independent retail storefronts or marketplaces from a si
Protects customer and transaction information using strong encryption at-rest and in-transit alongside automated security patching.
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
Encrypts captured interaction data using AES to ensure privacy and prevent unauthorized exposure.
This project is a software engineering style guide and a curated collection of architectural patterns and coding standards. It provides a multi-language coding standard to ensure maintainable software across Ruby, Python, JavaScript, and Swift. The project establishes a development workflow specification for version control, continuous integration, and peer review to maintain a linear project history. It also includes a web accessibility framework based on ARIA and WCAG standards, using design tokens and semantic HTML patterns to build inclusive interfaces. The guides cover a broad range of
Provides configurations to protect cookies from tampering and prevent accidental writes to production data.
CRMEB is a comprehensive e-commerce platform built on ThinkPHP 6, designed as a headless system that delivers standardized APIs to various frontend clients. It provides a unified backend to synchronize product catalogs, orders, and customer data across web browsers, mobile applications, and mini-programs. The platform supports diverse commerce models, including multi-vendor marketplaces where independent merchants manage their own stores, centralized chain store networks, and social commerce frameworks featuring affiliate distribution and community group buying. It also integrates specialized
Protects system data against CSRF, SQL injection, and shell attacks using encryption and filtering.
SQLCipher is an encrypted SQLite database engine and secure relational database that provides transparent AES-256 encryption for database files and stored data. It functions as a cryptographic storage engine that requires a passphrase or binary key to unlock and access content. The engine ensures data confidentiality through page-level encryption and protects data integrity using cryptographic hashes to detect unauthorized modifications. It includes capabilities for encryption key rotation to update passphrases and secure memory locking to prevent sensitive keys from being swapped from RAM to
Provides a secure way to store application settings and user data in encrypted files to prevent unauthorized access.
该项目是一系列参考实现、示例代码和入门套件,用于使用 JavaScript SDK 将 Firebase 后端服务集成到 Web 应用中。它作为一个实用指南,用于引导具有云托管认证、数据库和无服务器逻辑的项目。 该仓库提供了实现实时数据同步、用户身份管理和事件驱动云函数的具体示例。它还包括使用本地服务模拟器在生产部署前在本地机器上测试云功能的参考代码。 该代码库涵盖了广泛的功能,包括 NoSQL 和关系型数据存储、全球 CDN 上的静态资产托管,以及声明式安全规则的强制执行。它还演示了身份验证的集成以及在托管环境中执行服务器端逻辑的方法。
Implements security rules and protections to safeguard user information and application resources.
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Sets standards for encrypting network traffic using strong protocols and forward secrecy to prevent interception.
本项目是一系列 Android 应用开发的引导式教程和教育资源。它提供使用 Android Studio 和 Android SDK 从零开始构建移动应用和游戏的教学内容。 课程涵盖移动 UI 设计以及创建适应各种屏幕尺寸的响应式布局。它包括关于硬件集成的指南,用于通过权限模型访问设备传感器和原生服务,以及关于应用数据安全的课程。 材料涵盖通过本地数据库存储和远程数据库同步进行的数据管理。它还涉及 Web 服务集成,包括使用请求和响应模式将应用连接到外部数据源和地图。
Provides lessons on coding practices and mechanisms to protect user information and prevent common security vulnerabilities.
Shiro is a Java security framework that provides an identity and access manager for implementing authentication, authorization, cryptography, and session management. It serves as a security layer to verify user identities and enforce role-based access control for protected system resources. The project features a pluggable realm architecture that decouples security logic from identity data and a standalone session management system that tracks user state independently of the underlying servlet container. It includes an integrator for external identity providers using federation protocols such
Secures application data and passwords using symmetric/asymmetric encryption and salted hashing.
该项目作为掌握专业 Android 应用开发的综合教育路线图和课程。它提供了一条结构化的学习路径,引导开发者掌握构建、测试和部署可扩展移动软件所需的基本系统设计原则、架构模式和技术技能。 该资源的特色在于将复杂的技术主题组织成逻辑序列,涵盖了从基础移动开发工具到高级软件工程实践的所有内容。它强调用于构建可维护代码库的行业标准模式,确保学习者在构建系统、依赖管理和外部服务集成方面获得熟练度。 除了核心架构外,该课程还解决了移动生态系统中的关键方面,包括响应式流处理、异步执行和生命周期感知的组件管理。它还包含了关于保护应用数据、通过测试验证软件质量以及实现响应式用户界面的指导。该仓库作为寻求标准化移动工程方法和专业软件部署的开发者的集中指南。
Implements encryption, obfuscation, and permission controls to protect sensitive user information.