python-tuf - Python reference implementation of The Update Framework (TUF)

  •        11

This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform to version 1.0 of the TUF specification. The reference implementation strives to be a readable guide and demonstration for those working on implementing TUF in their own languages, environments, or update systems.

https://theupdateframework.com/
https://github.com/theupdateframework/python-tuf

Tags
Implementation
License
Platform

   




Related Projects

tuf - A framework for securing software update systems

  •    Python

The Update Framework (TUF) helps developers maintain the security of a software update system, even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system. TUF is hosted by the Linux Foundation as part of the Cloud Native Computing Foundation (CNCF) and is used in production by companies such as Docker, DigitalOcean, Flynn, LEAP, Kolide, Cloudflare, and VMware. A variant of TUF called Uptane is widely used to secure over-the-air updates in automobiles.

go-tuf - Go implementation of The Update Framework (TUF)

  •    Go

This is a Go implementation of The Update Framework (TUF), a framework for securing software update systems.go-tuf provides a CLI for managing a local TUF repository.

go-tuf - Go implementation of The Update Framework (TUF)

  •    Go

This is a Go implementation of The Update Framework (TUF), a framework for securing software update systems. go-tuf provides a CLI for managing a local TUF repository.

notary - Notary is a project that allows anyone to have trust over arbitrary collections of data

  •    Go

The Notary project has officially been accepted in to the Cloud Native Computing Foundation (CNCF). It has moved to https://github.com/theupdateframework/notary. Any downstream consumers should update their Go imports to use this new location, which will be the canonical location going forward. We have moved the repo in GitHub, which will allow existing importers to continue using the old location via GitHub's redirect.

Cryptlib - provides Encryption and Authentication Service

  •    C

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.


GOSINT - The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs)

  •    Javascript

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend. Updating is simple and encouraged as bugs are reported and fixed or new features are added. To update your instance of GOSINT, pull the latest version of GOSINT from the repository and re-run the build command to compile the updated binary.

Dogtag - Certificate System

  •    Java

The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. It supports Certificate issuance, revocation, and retrieval, Certificate Revocation List (CRL) generation and publishing, Encryption key archival and recovery and lot more.

eos - An open source smart contract platform

  •    C++

Welcome to the EOSIO source code repository! This software enables businesses to rapidly build and deploy high-performance and high-security blockchain-based applications. EOSIO is released under the open source MIT license and is offered “AS IS” without warranty of any kind, express or implied. Any security provided by the EOSIO software depends in part on how it is used, configured, and deployed. EOSIO is built upon many third-party libraries such as Binaryen (Apache License) and WAVM (BSD 3-clause) which are also provided “AS IS” without warranty of any kind. Without limiting the generality of the foregoing, Block.one makes no representation or guarantee that EOSIO or any third-party libraries will perform as intended or will be free of errors, bugs or faulty code. Both may fail in large or small ways that could completely or partially limit functionality or compromise computer systems. If you use or implement EOSIO, you do so at your own risk. In no event will Block.one be liable to any party for any damages whatsoever, even if it had been advised of the possibility of damage.

Android-DFU-Library - A library with DFU feature for Android 4.3+.

  •    Java

The nRF5x Series chips are flash-based SoCs, and as such they represent the most flexible solution available. A key feature of the nRF5x Series and their associated software architecture and S-Series SoftDevices is the possibility for Over-The-Air Device Firmware Upgrade (OTA-DFU). See Figure 1. OTA-DFU allows firmware upgrades to be issued and downloaded to products in the field via the cloud and so enables OEMs to fix bugs and introduce new features to products that are already out on the market. This brings added security and flexibility to product development when using the nRF5x Series SoCs. This repository contains a tested library for Android 4.3+ platform which may be used to perform Device Firmware Update on the nRF5x device using a phone or a tablet.

mvt - MVT (Mobile Verification Toolkit) helps conducting forensics of mobile devices in order to find signs of a potential compromise

  •    Python

Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence.

vuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

  •    Go

For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually. This leads to the following problems. Vuls is a tool created to solve the problems listed above. It has the following characteristics.

Kubernetes_Security_Specialist_Study_Guide

  •    HCL

The CKS is the third Kubernetes based certification backed by the Cloud Native Computing Foundation (CNCF). CKS will join the existing Certified Kubernetes Administrator (CKA) and Certified Kubernetes Application Developer (CKAD) programs. All three certifications are online, proctored, performance-based exams that will require solving multiple Kubernetes security tasks from the command line. With the massive investment into Kubernetes over the last five years, these certifications continue to be highly sought after by many seeking out technical knowledge about Kubernetes. This repository contains resources to build a Kubernetes cluster, and example questions and answers based on the Certified Kubernetes Security Specialist (CKS) exam curriculum.

caldera - An automated adversary emulation system

  •    Python

CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK™) project. These features allow CALDERA to dynamically operate over a set of systems using variable behavior, which better represents how human adversaries perform operations than systems that follow prescribed sequences of actions. CALDERA is useful for defenders who want to generate real data that represents how an adversary would typically behave within their networks. Since CALDERA's knowledge about a network is gathered during its operation and is used to drive its use of techniques to reach a goal, defenders can get a glimpse into how the intrinsic security dependencies of their network allow an adversary to be successful. CALDERA is useful for identifying new data sources, creating and refining behavioral-based intrusion detection analytics, testing defenses and security configurations, and generating experience for training.

diffy - Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response

  •    Python

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT). Diffy allows a forensic investigator to quickly scope a compromise across cloud instances during an incident, and triage those instances for followup actions. Diffy is currently focused on Linux instances running within Amazon Web Services (AWS), but owing to our plugin structure, could support multiple platforms and cloud providers.

SKGL - Serial Key Generating Library

  •    DotNet

This project helps you to create a well-working, easy-to-use software licensing system. 20 letters short serial key, feature locking, machine locking...

rails-security-checklist - :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

  •    Ruby

This checklist is limited to Rails security precautions and there are many other aspects of running a Rails app that need to be secured (e.g. up-to-date operating system and other software) that this does not cover. Consult a security expert. One aim for this document is to turn it into a community resource much like the Ruby Style Guide.

Moby Project - An open framework to assemble specialized container systems

  •    Go

Moby is an open-source project created by Docker to advance the software containerization movement. It provides a “Lego set” of dozens of components, the framework for assembling them into custom container-based systems, and a place for all container enthusiasts to experiment and exchange ideas.

Software Protector

  •    DotNet

Software Protector is an open source 100% managed .NET licensing system based on SKGL Project. Generate keys for your software, and validate them using SKGL lib

reposado - Host Apple Software Updates on the hardware and OS of your choice.

  •    Python

Reposado is a set of tools written in Python that replicate the key functionality of Mac OS X Server's Software Update Service. Reposado is licensed under the new BSD license.

malspider - Malspider is a web spidering framework that detects characteristics of web compromises.

  •    Python

Malspider has built-in detection for characteristics of compromise like hidden iframes, reconnaisance frameworks, vbscript injection, email address disclosure, etc. As we find stuff we will continue to add classifications to this tool and we hope you will do the same. Malspider will be a much better tool if CIRT teams and security practioners around the world contribute to the project. As mentioned above, it is very important to get help from other security practioners. Outside of adding classifications/signatures to the tool, here is a list of enhancements that would benefit the project and the broader infosec community. Don't feel contrained to this list, though.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.