Top 23 Java Security Projects
Open Source Identity and Access Management For Modern Applications and ServicesProject mention: Keycloak Docker setup tutorial | dev.to | 2021-06-24
Keycloak is an open-source identity and access management solution for modern applications and services. Keycloak provides both SAML and OpenID protocol solutions.
The OWASP ZAP core projectProject mention: An Incomplete List of Practical Security for Mortals | dev.to | 2021-07-06
consider adding some security testing inside the pipeline
Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
Java JWT: JSON Web Token for Java and AndroidProject mention: JWT authentication in Spring Security and Angular | dev.to | 2020-09-14
There are many open-source JWT implementations available for all languages. In this blog post, we use Java jjwt library in this blog post.
Spring SecurityProject mention: How to ignore Url from Once per request filter | reddit.com/r/javahelp | 2021-05-12
You can extract (and validate) the JWT token into the Principal by implementing the getPreAuthenticatedPrincipal method, and map the claims to user details by providing through a custom implementation of AuthenticationUserDetailsService.
Free and open source log managementProject mention: Looking for suggestions on a MDR solution | reddit.com/r/msp | 2021-07-13
Have worked on a similar integration project, But with Graylog SIEM and TheHive Project. https://www.graylog.org/
Multi-platform transparent client-side encryption of your files in the cloudProject mention: Hey, you. Yeah, YOU! Make sure all your seed phrases and passwords are backed up manually! | reddit.com/r/CryptoCurrency | 2021-07-25
What about storing a text file via a client side encrypted volume with an app like https://cryptomator.org/ that works with Dropbox or Google Drive? Btw, I have nothing to do with this company or project, I actually just like the app.
Apache ShiroProject mention: Libraries, Frameworks and Technologies you would NOT recommend | reddit.com/r/java | 2021-04-13
Apache Shiro is another security framework. I haven't tried it out myself, but I was sorely tempted to when trying to set up Spring Security.
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.Project mention: Does anybody know any good materials for java defensive coding please?. | reddit.com/r/java | 2021-06-19
DependencyCheck is an open source tool that checks for vulnerabilities in dependencies used within a project. While it is a reactive tool, it's an important one since the code a developer writes is not the only code an application uses.
Open source alternative to Auth0 / Firebase Auth / AWS CognitoProject mention: Stateless alternative to Keycloak? | reddit.com/r/selfhosted | 2021-05-09
Checkout supertokens.io. You can deploy as many instances of the server as you'd like, and they all communicate with one database. There is no state maintained in any of those instances, so even if they restart, it won't matter much.
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.Project mention: Help With Mifare Classic Tags | reddit.com/r/NFC | 2021-02-17
Note that some phones that don't have a NFC chip made by NXP don't fully support Mifare Classic tags. See this list and this one.
A system for distributing and managing secrets
Fully featured, open source, privacy friendly email app for AndroidProject mention: K-9 Mail is back | news.ycombinator.com | 2021-07-24
A few years ago I had trouble with K9 going into "poll only mode", for lack of a better term. Push notifications simply didn't work and I missed lots of emails as a result.
Switched to FairEmail and have been a happy user since.
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)Project mention: Enforcing Coding Best Practices using CI | dev.to | 2021-05-30
SpotBugs with Find sec bugs for Java
Signal Protocol library for Java/AndroidProject mention: Aprovado a 06/07/2021 o ChatControl permite a monitorização de todas as trocas de correspondecias digitais na UE, ordem judicial não é necessária e utilizadores "inspecionados" não são informados. | reddit.com/r/portugal | 2021-07-09
Parece que a lib de encriptação do WhatsApp é baseada na do Signal.
Bouncy Castle Java Distribution (Mirror)Project mention: Java - Bouncy castle - OpenPGP | reddit.com/r/crypto | 2021-05-19
An authorization library that supports access control models like ACL, RBAC, ABAC in JavaProject mention: Casbin: An authorization library that supports access control models like ACL, RBAC, ABAC in Java | reddit.com/r/java | 2021-04-08
A p2p, secure file storage, social network and application protocolProject mention: Is holochain is a place you could build a functional distributed / lambda-architecture db yet? | reddit.com/r/holochain | 2021-06-25
Peergos https://peergos.org/ is really cool too. Again, heavy emphasis on agency esp via object capabilities. It's like what we expect Holo hosting will look like in beta; all program execution happens in the browser, and apps have to ask your browser for permission before they do anything. Just like Spritely, it uses IPFS as a backing store.
Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.Project mention: My Inlaws Wifi Is Being Spoofed By Their | reddit.com/r/techsupport | 2020-12-31
Java library for secure, distributed, P2P-based file synchronization and sharing.Project mention: Libgdx, box2d local multiplayer? | reddit.com/r/gamedev | 2021-07-11
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
The best authentication plugin for the Bukkit/Spigot API!Project mention: Online mode = false // Any way to configure it to allow Premium skins? | reddit.com/r/admincraft | 2021-01-19
AuthMe Reloaded has this option if I remember correctly. Link: https://github.com/AuthMe/AuthMeReloaded
Advanced Graphical User Interface for NMapProject mention: Network Scan | reddit.com/r/msp | 2021-01-06
With nmap scan results, it's up to you to convert the data to anything other than text. Zenmap is a GUI frontend for the scanner, and can do a bit of graphic mapping, but it's really showing its age. https://github.com/danicuestasuarez/NMapGUI might be a better use of your time.
What are some of the best open-source Security projects in Java? This list will help you: