wrongsecrets
Keywhiz
wrongsecrets | Keywhiz | |
---|---|---|
3 | 3 | |
1,155 | 2,617 | |
7.2% | - | |
9.9 | 0.0 | |
16 days ago | 8 months ago | |
Java | Java | |
GNU Affero General Public License v3.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wrongsecrets
- How to Not Use Secrets
-
Don't Tackle Security Alone: A Beginner's Guide To OWASP
OWASP WrongSecrets
-
Why WrongSecrets moved to the OWASP Github Organization
After 1 year of active development under my personal Github Id commjoen, it is time to migrate our OWASP project WrongSecrets to the OWASP Github organization.
Keywhiz
- The OpenTF Manifesto
- Keycloak: Open-Source Identity and Access Management
-
How can I securely create user accounts within a docker container?
There is also good ol' https://square.github.io/keywhiz
What are some alternatives?
WebGoat - WebGoat is a deliberately insecure application
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
trufflehog - Find and verify secrets
Bouncy Castle - Bouncy Castle Java Distribution (Mirror)
juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Spring Security - Spring Security
gitleaks - Protect and discover secrets using Gitleaks 🔑
Nimbus JOSE+JWT - JSON Web Token (JWT) implementation for Java with support for signatures (JWS), encryption (JWE) and web keys (JWK).
envless - OpenSource, frictionless and secure way to share and manage app secrets across teams.
pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Apache Shiro - Apache Shiro