We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
secureheaders - Manages application of security headers with many safe defaults
master represents the unreleased 4.x line. See the upgrading to 4.x doc for instructions on how to upgrade. Bug fixes should go in the 3.x branch for now.The 3.x branch is moving into maintenance mode. See the upgrading to 3.x doc for instructions on how to upgrade including the differences and benefits of using the 3.x branch.
secure-headers csp hsts referrer-policy rack middleware xframe-options cookie content-security-policysecure_headers - Manages application of security headers with many safe defaults
master represents 6.x line. See the upgrading to 4.x doc, upgrading to 5.x doc, or upgrading to 6.x doc for instructions on how to upgrade. Bug fixes should go in the 5.x branch for now. The 3.x branch is moving into maintenance mode. See the upgrading to 3.x doc for instructions on how to upgrade including the differences and benefits of using the 3.x branch.
secure-headers csp hsts referrer-policy rack middleware xframe-options cookie content-security-policyreact-pwa - An upgradable boilerplate for Progressive web applications (PWA) with server side rendering, build with SEO in mind and achieving max page speed and optimized user experience
A highly scalable, Progressive Web Application foundation,boilerplate, with the best Developer Experience.
pwa react ssr hot-reload code-splitting seo babel srcset expressjs es7 hsts hstspreload pwa-apps webpack4testssl.sh - Testing TLS/SSL encryption anywhere on any port
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Or help yourself downloading the ZIP archive https://github.com/drwetter/testssl.sh/archive/2.9dev.zip. testssl.sh --help will give you some help upfront. More help: see doc directory with man pages. Older sample runs are at https://testssl.sh/.
tls cipher openssl logjam socket hpkp ct hsts bigip caa freak drown heartbleed rc4 ocsp ticketbleed crime poodle sslnginxconfig.io - ⚙️ NGiИX config generator on steroids 💉
NGINX is so much more than just a webserver. You already knew that, probably. A lot of features with corresponding configuration directives. You can deep dive into the NGINX documentation right now OR you can use this tool to check how NGINX works, observe how your inputs are affecting the output, generate the best config for your specific use-case (and in parallel you can still use the docs).
nginx nginx-configuration php-fpm ssl letsencrypt cdn wordpress https http2 gzip expiration security rate-limiting laravel symfony ssl-certificate security-headers hsts nginx-configs drupal config configuration generatorsecure_headers - Manages application of security headers with many safe defaults
main branch represents 6.x line. See the upgrading to 4.x doc, upgrading to 5.x doc, or upgrading to 6.x doc for instructions on how to upgrade. Bug fixes should go in the 5.x branch for now. It can also mark all http cookies with the Secure, HttpOnly and SameSite attributes. This is on default but can be turned off by using config.cookies = SecureHeaders::OPT_OUT.
rack secure-headers csp hsts referrer-policy middleware xframe-options cookie content-security-policySecureHeaders - A PHP library aiming to make the use of browser security features more accessible.
A PHP class aiming to make the use of browser security features more accessible. For full documentation, please see the Wiki.
secureheaders hsts cookie csp content-security-policy secure headers secure-cookie samesiteHTTP Strict Transport Security IIS Module
A module for IIS which enables HTTP Strict Transport Security compliant with the HSTS Draft Specification (RFC 6797).
hsts https iis securityhstspreload.org - :lock: Chromium's HSTS preload list submission website.
This folder contains the source for the HSTS preload list submission website at hstspreload.org. See github.com/chromium/hstspreload for the core library that checks websites against the submission requirements.
hsts https chrome chromium security hstspreloadyes-https - Say yes to https with express and connect.
yes-https is a happy little npm module that makes it easy to require https for your connect based application.
https express nodejs hstsfastify-helmet - Important security headers for Fastify
Simply require this plugin, and the basic security headers will be set. fastify-helmet is a collection of 12 smaller middleware functions that set HTTP headers. Running fastify.register(helmet) will not include all of these middleware functions by default.
fastify helmet security headers x-frame-options csp hsts clickjackhood - Cover your head. Security headers middlware
Cover your head. Security headers middleware for connect or express.
security headers csp hsts xframe nosniff connect express middlewareLib
You can get Lib.AspNetCore.Security and Lib.AspNetCore.Mvc.Security from NuGet. The documentation is available here.
asp-net-core security hsts cspLib
Lib.Web.Mvc is a library which contains some helper classes for ASP.NET MVC such as strongly typed jqGrid helper, attribute and helper providing support for HTTP/2 Server Push with Cache Digest, attribute and helpers providing support for Content Security Policy Level 2, FileResult providing support for Range Requests, action result and helper providing support for XSL transformation and more. Lib.Web.Mvc is available on NuGet.
asp-net-mvc hsts csp2 http2 http2-push jqgrid jquery-grid-plugin range-requestshstspreload - 🔒🔍 A Go package to scan sites against requirements for Chromium-maintained HSTS preload list
HSTS is HTTP Strict Transport Security, which is a policy system for web sites to express a desire only to be contacted over HTTPS. See https://github.com/chromium/hstspreload.org for the submission site code.
hstspreload hsts https mit chromium chromePRISM-AP - An automated Wireless RogueAP MITM attack framework.
PRISM-AP is an automated Wireless RogueAP MITM attack framework. This script is distributed "as is" and no support will be provided in it's current state (not intended for beginners).
wireless pentesting pentest framework kali security automated mitm mana karma hsts bypass intercept tool tools 802-1xKatWeb - A lightweight static web server and reverse proxy designed for the modern web.
To download KatWeb, you can either download a packaged release from the releases page, or compile KatWeb from the source code in the repository (not recommended, code in the repository is not suitable for production use). After you have extracted the compressed release, you can run the right build for your platform. The root folder for serving files is /html/, the configuration is /conf.json. Documentation for KatWeb can be found on the KatWeb Wiki.
webserver hsts gzip http2 reverse-proxy websocket letsencrypt web-server https tls lightweight brotlisensu-plugins-ssl - This plugin provides native SSL instrumentation for monitoring, including: hostname and chain verification, cert expiry, and Qualys SSL Labs reporting
Check that a specific website is chained to a specific root certificate (Let's Encrypt for instance). Checks a CRL has not or is not expiring by inspecting it's next update value.
sensu-plugins ssl-monitoring monitoring ssl-certificates hsts hstspreload
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
