43 个仓库
Methods for creating and restoring database backups that are secured with encryption to protect sensitive data at rest.
Distinguishing note: None available; no candidates provided.
Explore 43 awesome GitHub repositories matching security & cryptography · Encrypted Backups. Refine with filters or upvote what's useful.
rclone is a command-line utility and sync engine for managing, synchronizing, and migrating files across numerous cloud storage providers. It functions as a storage management tool that enables bidirectional or one-way synchronization between local filesystems and remote cloud backends. The project acts as a unified cloud storage gateway, capable of merging multiple remote providers into a single directory tree. It further provides a filesystem mount to expose remote cloud storage as a local disk for direct operating system access and a transparent encryption wrapper to secure data before it
Secures sensitive data using transparent encryption before uploading it to cloud providers for backup.
Ente is a privacy-focused platform for end-to-end encrypted storage and two-factor authentication management. It functions as a zero-knowledge identity provider, ensuring that all cryptographic operations, key derivation, and data encryption occur locally on the user's device. By maintaining this architecture, the service provider remains unable to access or decrypt any stored personal information or authentication credentials. The platform distinguishes itself through a combination of on-device intelligence and resilient data distribution. It utilizes a local machine learning engine to perfo
Provides secure, client-side encrypted cloud backups for sensitive personal data and credentials.
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
Describes a redundant 3-2-1 backup model utilizing encrypted local and remote copies.
This project is a comprehensive security hardening and privacy management guide for macOS. It provides a set of instructions and checklists for reducing the system attack surface through manual configuration, policy enforcement, and a layered defense strategy. The guide emphasizes a system auditing framework, using binary analysis, system logs, and packet inspection to verify that security controls and application sandboxing are functioning as intended. It offers tool-agnostic recommendations, defining security goals while allowing users to select their own third-party software for implementa
Provides guidance on creating encrypted local or remote archives to protect system backups from unauthorized access.
Signal-Desktop is a cross-platform messaging application that provides end-to-end encrypted communication. It implements the Signal Protocol to secure messages and voice calls, ensuring that only intended recipients can access content. The application manages asynchronous key exchange and session initialization to maintain secure communication channels between parties who are not online simultaneously. The project distinguishes itself through advanced cryptographic protections, including hybrid post-quantum security that combines classical elliptic curve cryptography with lattice-based algori
Encrypts local message archives to prevent unauthorized access if the physical device is compromised.
Whistle is an HTTP debugging proxy that captures, inspects, and modifies traffic through a web-based management interface. It operates as a man-in-the-middle proxy, intercepting HTTP, HTTPS, HTTP/2, WebSocket, and TCP traffic between clients and servers, and provides a plugin-based architecture that extends core functionality with custom rules, UI panels, and protocol handlers at runtime. The project distinguishes itself through a combination of capabilities that go beyond basic traffic inspection. It supports server-side headless operation on Linux, allowing it to intercept traffic for appli
Provides on-the-fly modification of HTTP request headers, bodies, URLs, and responses through user-defined rules.
Duplicati is a self-hosted backup server designed to perform encrypted, incremental, and compressed backups to a wide range of local, network, and cloud-based storage providers. It functions as a background service that automates recurring data protection tasks, ensuring that only changed data blocks are stored to maximize efficiency and minimize bandwidth usage. The project distinguishes itself through a centralized management console that allows for the orchestration of multiple distributed backup agents from a single web-based dashboard. It supports multi-tenant management, enabling the or
Secures backup archives with AES-256 encryption to ensure data confidentiality at rest on remote storage providers.
Borg 是一个命令行备份工具,专为去重数据归档和安全存储而设计。它通过识别唯一的文件块并应用压缩来最小化跨多个备份版本的总存储占用。 该软件以使用认证加密而著称,确保所有存储的数据保持机密并防止未经授权的篡改。它还提供虚拟文件系统接口,允许用户将归档挂载为本地目录,从而在无需执行完整数据集恢复的情况下浏览和访问单个文件。 该系统通过存储库级元数据索引和内容定义分块来管理这些归档,使用滚动哈希算法来检测并仅存储唯一的数据段。这些功能由基于流的压缩支持,以优化存储需求和网络传输速度。
Offers a security-focused backup solution that uses authenticated encryption to protect archived data.
Kopia is a backup utility designed to create encrypted, deduplicated, and compressed snapshots of files and directories. It functions as a client-side tool that secures data locally before transmitting it to various storage targets, ensuring that sensitive information remains protected throughout the backup process. The system utilizes content-addressable block storage and metadata-driven versioning to identify and remove redundant data across multiple snapshots. By employing a pluggable storage abstraction layer, it supports a wide range of local, network, and cloud-based storage providers,
Creates deduplicated and compressed snapshots of files with end-to-end encryption for secure storage.
Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur
Creates encrypted copies of security tokens to ensure data recovery and protection against device loss.
Hetty is an HTTP intercepting proxy and web security research toolkit used to capture, inspect, and modify traffic between a browser and a server. It functions as an HTTP request editor for creating and replaying manual requests to test server behavior and as a project-based traffic logger that isolates network logs across different security research engagements. The tool provides a request-response interception loop that pauses outgoing requests and incoming responses in transit, allowing for manual editing or cancellation. It includes a manual request replay engine to construct and transmit
Intercepts and alters HTTP request or response data in real time to test server behavior.
This project is a web-based management interface designed for the administration, monitoring, and configuration of Nginx server instances. It functions as a centralized platform for managing reverse proxy settings, traffic routing, and server lifecycles, providing a visual dashboard to replace manual configuration file editing. The platform distinguishes itself through integrated infrastructure automation and observability tools. It supports distributed environments by synchronizing configuration states across multiple nodes and containerized services, while offering artificial intelligence a
Encrypts configuration backups to ensure data protection and integrity.
Ladder is a web proxy server and HTTP response modifier designed to circumvent bot protections, CORS restrictions, and paywalls. It functions by intercepting traffic to modify HTML, CSS, and JavaScript via regular expressions and altering HTTP headers to reveal restricted content. The project distinguishes itself through its ability to bypass anti-scraping mechanisms and specialized bot detection, such as Cloudflare, by integrating with external challenge-solving services. It also enables client identity emulation by spoofing user agents and network identifiers to masquerade as different brow
Intercepts and alters HTTP request and response data in real time using regular expressions to modify page content.
AnyProxy is an HTTP/HTTPS proxy framework built on Node.js that intercepts and modifies traffic through a plugin system. It functions as a configurable proxy server where user-defined plugins inspect or alter requests and responses as they pass through the proxy. The framework distinguishes itself through a middleware stack that processes requests sequentially, enabling modular traffic transformation and logging. It handles HTTPS interception by dynamically generating and installing root certificates for transparent decryption, and routes traffic based on configurable rules matching request p
Alters the content of intercepted HTTP or HTTPS messages before they reach their destination or the client.
Longhorn is a distributed block storage system and orchestrator for Kubernetes. It provides persistent, replicated block storage volumes that survive pod restarts and node failures by maintaining synchronous copies of data across multiple cluster nodes. The system implements the Container Storage Interface (CSI) for dynamic volume provisioning and attachment. It is distinguished by its support for shared read-write access to a single block volume across multiple pods, as well as the ability to export volume snapshots to external S3 or NFS targets for off-cluster disaster recovery. The platfo
Applies encryption to volume backups independently of whether the source volume is encrypted.
Databasus is a self-hosted backup platform that automates PostgreSQL backups, verifies their restorability, and stores them across multiple destinations while managing team access with role-based permissions. It combines on-the-fly AES-256-GCM encryption, cron-driven scheduling, job-queue-based verification, multi-destination storage, WAL streaming, throwaway container restore testing, and workspace-based role access control into a unified backup system. The platform distinguishes itself through automatic backup verification that restores each backup into a temporary database container for in
Encrypts each backup file on the fly with AES-256-GCM using a unique key derived from a master key and random salt.
Proxyman is a cross-platform HTTP debugging proxy that captures, inspects, and modifies HTTP, HTTPS, and WebSocket traffic. It functions as a man-in-the-middle proxy, decrypting SSL/TLS traffic to allow real-time inspection and modification of encrypted requests and responses. The tool is designed for debugging web and mobile applications, with capabilities for API mocking and simulation, scriptable traffic modification, and team collaboration on network logs. What distinguishes Proxyman is its deep integration with mobile and cross-platform development workflows. It provides automated certif
Intercepts HTTP requests and lets users edit the URL, method, headers, and body before forwarding them to the server.
An HTTP proxy library for Go
Intercepts both HTTP and decrypted HTTPS traffic at request and response stages for inspection and modification.
Decrypts an encrypted backup file using a standalone browser-based tool without needing the app.
InvenTree is an open-source inventory management platform built on Django, designed for tracking parts, stock levels, and supply chain operations through a web interface and REST API. The system uses barcodes—including QR codes, 1D barcodes, and Data Matrix codes—as primary identifiers for scanning, linking, and triggering inventory actions, and extends core functionality through a Python plugin framework supporting custom actions, UI panels, barcode handlers, and scheduled tasks. The platform distinguishes itself through a comprehensive plugin-based extensibility system that allows custom in
Applies GPG encryption to backup archives during creation and decrypts them during restore.