secrets
platform-compat
secrets | platform-compat | |
---|---|---|
1 | 23 | |
214 | 249 | |
0.9% | - | |
0.0 | 1.2 | |
6 months ago | about 4 years ago | |
Rust | C# | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
secrets
-
New very promising Linux syscall for creating secret memory even the kernel cant read. I'll be working for creating a crate for using it out.
I have thought extremely hard about this and implemented the following API for this problem: https://github.com/stouset/secrets
platform-compat
-
KeePass flaw allows retrieval of master password
DotNet offers the SecureString class to keep a string encrypted in Memory, but as long as the OS does not natively support this concept, the only advantage is that it resides in memory for a shorter time, the disadvantage is that SecureStrings are easier to search for.
- System.Net.Mail.SmtpClient is not recommended anymore; what is the alternative?
-
Bitwarden PINs can be brute-forced
Note the KeePass's resistance to the attack mentioned depends on the security of .NET's secure string, which, here's what Microsoft has to say about it (https://github.com/dotnet/platform-compat/blob/master/docs/D...)
As for KeePassXC, last I checked it didn't even bother.
-
Ever Find A Dead Man's Switch On A Network/Domain?
TIL. Looks like the deprecation note recommends MailKit.
-
Disabilities and Windows Passwords
Well of course, but it does have to be passed to the module that generates the hashes AD uses in the first place. And as I said, the standard password reset screen is bound to store the password in plain text somewhere as well.
-
Embedded logo in HTML email sent from PowerShell
This won’t help you with your question, but I figured I should warn against using send-mailmessage.
-
Alternative to PowerShell cmdlet 'send-mailmessage'
points you here.
-
API pagination help?
Some of the reasons for not using Hashtable or other non-generic collection types are outlined here. That's why Microsoft doesn't recommend their usage in new implementations across all of its API documentation.
- How to deal with credentials in automated scripts?
-
pfSense configuration backup
And if you really want to be secure you need to something better than a SecureString: https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md
What are some alternatives?
nosecmem - Demonstrate ability to read memfd_secret() data from the kernel
MailKit - A cross-platform .NET library for IMAP, POP3, and SMTP.
memory_pages - `memory_pages` is a small library provinig a cross-platform API to request pages from kernel with certain premisions
ImportExcel - PowerShell module to import/export Excel spreadsheets, without Excel
stupidalloc - A stupid Rust memory allocator
dotfiles - Home directory with an absurd amount of tweaks
cactusref - 🌵 Cycle-Aware Reference Counting in Rust
envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.
distrobuilder - System container image builder for LXC and Incus
envchain - Environment variables meet macOS Keychain and gnome-keyring <3
AngleSharp - :angel: The ultimate angle brackets parser library parsing HTML5, MathML, SVG and CSS to construct a DOM based on the official W3C specifications.
SecretManagement - PowerShell module to consistent usage of secrets through different extension vaults