19 个仓库
Libraries and modules for implementing specific network and system authentication handshake protocols.
Distinguishing note: Focuses on specific legacy and enterprise authentication protocols like NTLM, distinct from generic identity management or OAuth flows.
Explore 19 awesome GitHub repositories matching security & cryptography · Authentication Protocols. Refine with filters or upvote what's useful.
This project is a cross-platform messaging client that implements a secure, real-time communication protocol. It provides a comprehensive development toolkit, including a database library and messaging SDK, which allows for the creation of custom messaging applications that maintain synchronized state across multiple devices. The core architecture relies on an asynchronous event-driven model to ensure responsive performance while managing persistent local database synchronization with server-side state. The client distinguishes itself through a robust end-to-end encryption layer that supports
Telegram delivers authorization codes through messaging instead of traditional SMS to lower costs and increase security.
PHPMailer is a comprehensive library for constructing and sending complex email messages within PHP applications. It provides an object-oriented framework for building MIME-compliant emails, managing attachments, and handling multi-format content such as HTML and plain-text alternatives. The library serves as a robust interface for email dispatch, supporting both individual messaging and high-performance bulk distribution through persistent connections. The project distinguishes itself through a deep focus on secure transmission and identity verification. It integrates advanced security proto
The library verifies user credentials against mail servers using legacy protocols to satisfy specific relay requirements before initiating the email transmission process.
This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven
Identifies and hardens legacy authentication protocols to improve system security.
This project serves as a comprehensive, community-driven directory for the .NET ecosystem. It functions as a curated index of high-quality libraries, frameworks, and tools designed to assist developers in identifying recommended solutions for a wide range of project requirements and software engineering tasks. The repository distinguishes itself by providing a categorized catalogue that simplifies the discovery of resources across the entire .NET development lifecycle. By maintaining a standardized collection of community-contributed utilities, it helps developers navigate the ecosystem to fi
Provides libraries and modules for implementing specific network and system authentication handshake protocols.
RabbitMQ is a multi-protocol messaging broker that functions as an AMQP message broker, a clustered message queue, and a distributed message stream. It provides a server for translating and bridging communication between diverse messaging standards to connect heterogeneous systems. The system distinguishes itself through distributed broker clustering and federation, using shoveling mechanisms to synchronize data across geographically separate sites. It supports high-throughput, append-only logs for persisting and reading large sequences of messages for real-time processing. The broker covers
Uses a pluggable authentication framework to validate identities via LDAP and OAuth2 providers.
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f
Provides an automated authentication attack module for PC-Anywhere remote administration services.
libgit2 is a portable, cross-platform C library that provides a programmatic interface for integrating Git version control directly into applications. It serves as a linkable implementation of Git internals, allowing developers to manage repositories and manipulate version control data without requiring a system installation of the Git command line tool. The library functions as an embedded API and object database manager capable of reading and writing commits, trees, blobs, and tags. It includes a network transport client to handle the transfer of repository data over protocols such as SSH a
Provides support for NTLM and Negotiate authentication protocols to secure access to remote servers.
This project is a Git credential helper that automates the storage and retrieval of authentication secrets for remote repository operations. It functions as an OAuth token manager and an operating system vault storage interface to ensure authentication secrets are encrypted at rest. The tool acts as a cross-platform authentication broker, enabling the sharing of secure credentials between a host operating system and a Linux subsystem. It also serves as an enterprise proxy gateway, routing authentication traffic through corporate proxy servers to reach restricted repository endpoints. The sys
Supports enterprise network authentication protocols to provide seamless access to Windows-based resources.
Gate One is an HTML5-powered terminal emulator and SSH client
Authenticates users through pluggable backends including Kerberos, PAM, Google Auth, and anonymous access.
FastAPI Users is a ready-to-use authentication library for FastAPI applications that handles user registration, login, password reset, email verification, and profile retrieval with minimal configuration. It provides a complete authentication system built around pluggable backends and transports, supporting JWT tokens, database sessions, and Redis-based token storage that can be combined in a single route. The library distinguishes itself through its modular architecture, offering router-based module composition that organizes authentication flows as independent FastAPI routers for registrati
Supports multiple authentication backends (JWT, database, Redis) and transports (header, cookie) in a single route.
Passbolt is an open-source, self-hosted password manager designed for teams. It provides a centralized, encrypted vault where organizations can store, share, and manage credentials securely. The server exposes a JSON REST API that authenticates requests using either GPGAuth or JWT tokens, and all secrets are protected with OpenPGP end-to-end encryption, ensuring the server never has access to plaintext passwords. The platform distinguishes itself through a comprehensive role-based access control system that governs resource sharing and administrative actions. Teams can organize users into gro
Authenticates API requests using the legacy GPGAuth protocol for backward compatibility.
Learn-Web-Hacking 是一个结构化的 Web 安全学习指南和渗透测试知识库。它提供了一系列研究笔记,专注于识别和利用 Web 应用程序及网络协议中的漏洞。 该项目包括用于评估大语言模型安全风险以防止提示词注入的专业框架,以及用于加固云原生基础设施(包括容器标准和编排工具)的指南。它还涵盖了身份标准和认证协议的分析。 这些材料涵盖了广泛的安全能力,包括网络协议分析、用于攻击面映射的信息收集,以及涉及横向移动和持久化的内部网络渗透。它还详细介绍了零信任架构和入侵检测等防御策略。
Studies the implementation and security weaknesses of identity standards including OAuth, JWT, and SAML.
Supersonic 是一个基于 LLM 的数据分析平台和语义层引擎,可将自然语言问题转换为可执行的 SQL 查询。它作为一个商业智能仪表板和 Text-to-SQL 接口,允许用户通过对话界面检索业务指标和洞察。 该系统通过使用受控的逻辑层来定义统一的指标和维度,将业务定义与物理数据库模式解耦。这种语义建模允许平台将人类语言模式映射到精选模型,并将抽象的语义陈述转换为针对特定数据库引擎定制的物理 SQL。 该平台提供了一个企业级数据网关,具有数据集、列和行级别的基于角色的细粒度访问控制。其能力包括多轮对话管理、多数据库连接以及用于第三方工具集成的插件架构。 该项目通过无头编程 API 和用于外部数据消费的语义层 API 暴露其功能。
Provides a pluggable service provider interface for managing user authentication and authorization.
Calibre-Web-Automated is a self-hosted ebook library server that watches file system folders for new ebook files, automatically converts them to a target format, enriches their metadata from online sources, and inserts them into a Calibre-managed library. It provides a web interface for browsing, reading in-browser, searching full text, and managing collections, while also supporting user authentication through multiple protocols including OAuth 2.0, OpenID Connect, LDAP, magic links, and reverse proxy headers. The server integrates directly with Kobo e-reader devices, synchronizing books, co
Supports OAuth 2.0, OpenID Connect, LDAP, magic link, reverse proxy, and password authentication with role mapping and audit logging.
KafkaJS 是一个纯 JavaScript 编写的 Apache Kafka 客户端,提供了从 Kafka 集群生产和消费消息所需的必要工具,无需原生依赖或外部插件。它作为 Node.js 应用程序参与分布式消息处理和实时事件流的综合集成库。 该项目以其对 Kafka 有线协议的原生实现而著称,避免了 C++ 依赖。它具有支持 SSL、TLS 和 SASL 身份验证的安全客户端,以及允许原子消息发送和链接偏移量提交的事务功能,以确保精确一次 (exactly-once) 处理。 该库涵盖了广泛的运营领域,包括用于管理主题和消费者组的完整集群管理、高级分区路由和分配策略,以及通过事件驱动监控实现的全面遥测。它还实现了网络可靠性模式,例如指数退避重试和机架感知数据获取,以优化延迟。
Provides a modular system for integrating identity verification methods including SASL, SCRAM, and OAuth.
This project is a portable implementation of the secure shell toolset designed for deployment across diverse operating systems and platforms. It provides a suite of tools for secure remote login and command execution based on the secure shell protocol. The implementation includes a sandboxed server that isolates processes to limit the impact of potential vulnerabilities on the host operating system. It also functions as a cryptographic key manager for generating and storing security keys to replace or supplement password-based authentication. The project covers encrypted file transfer for mo
Integrates with pluggable authentication backends like PAM to handle diverse identity verification methods.
AKHQ is a web-based management interface for Apache Kafka, providing a centralized platform for administering clusters, topics, and consumer groups. It serves as a comprehensive monitoring and administration tool that includes a Kafka Connect manager and a ksqlDB administration interface. The platform distinguishes itself through extensive schema registry integration, allowing users to browse and decode Avro, Protobuf, and JSON messages using Confluent, Tibco, or AWS Glue registries. It also features a granular security model with role-based access control, sensitive data masking, and support
Implements a pluggable authentication framework supporting interchangeable backends like LDAP, OIDC, and JWT.
TermSCP is a multi-protocol terminal user interface file manager used for browsing and transferring files across SCP, SFTP, FTP, S3, and WebDAV. It functions as a secure remote connection manager and an SSH file transfer client, providing a keyboard-driven environment for remote server administration. The project features a dual-pane filesystem explorer with synchronized navigation to keep local and remote views in lockstep. It integrates an embedded terminal shell for executing local and remote commands without leaving the interface and employs a remote-file edit proxy to allow modifications
Supports protocol-specific authentication methods for SCP, SFTP, FTP, S3, and WebDAV.
该项目是一个用于 Linux 系统的可插拔认证模块(PAM),强制执行多因素身份验证。它直接集成到系统认证栈中,要求在标准用户凭据之外提供基于时间的一次性密码(TOTP),从而提供了一种保护本地和远程 Shell 访问的机制。 该模块通过其对基于时间的一次性密码算法的实现而脱颖而出,其中包括对时钟偏移补偿的内置支持,以解决服务器与用户设备之间的时间差异。它通过本地基于文件的持久化机制管理个人用户密钥,并支持模块堆叠,允许管理员在单个登录流程中在多个认证模块之间传递凭据。 除了核心验证外,该工具还提供可配置的策略设置,允许管理员定义宽限期并管理密钥文件位置。它促进了唯一认证密钥与移动应用程序的同步,确保在保持系统级安全标准的同时,多因素强制执行保持功能正常。
Implements a modular authentication framework that integrates custom security logic into the standard system login pipeline.