Top 23 Java Security Projects

• Keycloak

  66 18,140 9.9 Java

  Open Source Identity and Access Management For Modern Applications and Services

  

  Project mention: Ask HN: Any Comprehensive Courses on Auth? | news.ycombinator.com | 2023-11-19

  FastAPI's tutorial on how to implement a basic OAuth server helped me a lot in understanding the basic concepts.

  https://fastapi.tiangolo.com/tutorial/security/

  After getting familiar, I self hosted Keycloak and integrated it with my FastAPI server.

  https://www.keycloak.org/

• Tink

  6 13,369 9.1 Java

  Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

  

  Project mention: “Please do not make it public” (Tencent’s Sogou Input Method) | news.ycombinator.com | 2023-08-09

  > I wonder what people say when they find a bug despite you using standard crypto?

  Not using TLS doesn't automatically mean you need to "roll your own crypto". They could have used a well documentend library such as Google Tink[1] instead of doing their own crypto.

  [1] https://github.com/google/tink

• Onboard AI

  getonboard.dev

  sponsored

  Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.

  

• ZAP

  12 11,479 8.7 Java

  The ZAP core project

  

  Project mention: Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting | news.ycombinator.com | 2023-10-27

  Briefly reviewed your product. Seems like OWASP ZAP is your competition: https://www.zaproxy.org/

  It runs entirely in the browser so it uses the browser "native" frameworks.

• SuperTokens Community

  24 10,745 9.0 Java

  Open source alternative to Auth0 / Firebase Auth / AWS Cognito

  

  Project mention: What is the best way to implement authentication that provides Google Auth, Facebook Auth, etc. | /r/node | 2023-10-18

• Cryptomator

  94 10,105 6.8 Java

  Multi-platform transparent client-side encryption of your files in the cloud

  

  Project mention: VeraCrypt: Free, open source, disk encryption for Windows, Mac OS X, Linux | news.ycombinator.com | 2023-10-01

  I've used countless encryption "schemes" over the years, from True/Vera-Crypt to encrypted sparse bundles/images, and none have ever really felt right.

  These days i tend to use Cryptomator[0] instead. It accomplishes what none of the others could do, which is transparent encryption across devices.

  With Cryptomator, i simply create a vault somewhere in the cloud, stuff data in it, and i can access it from my laptop, phone or tablet, and not think much about it. It integrates into the normal file browsing APIs, and doesn't get in the way.

  Because it does "per file" encryption, it also doesn't need to download a 20-100MB chunk from the cloud before decrypting, so it's rather fast (depending on file size of course).

  [0]: https://cryptomator.org/

• jjwt

  2 9,482 0.0 Java

  Java JWT: JSON Web Token for Java and Android

  

  Project mention: Java JWT: JSON Web Token for Java and Android | news.ycombinator.com | 2023-10-04

• Spring Security

  1 8,091 9.8 Java

  Spring Security

  

  Project mention: Spring Security private_key_jwt with AWS KMS | dev.to | 2023-01-16

  Spring security has long had great OAuth2.0 support from both the server and client elements. Recently spring security added support for the private_key_jwt client authentication method as part of the authorization code grant flow. Spring Security GitHub ref

• InfluxDB

  www.influxdata.com

  sponsored

  Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

  

• graylog

  14 6,856 9.6 Java

  Free and open log management

  

  Project mention: graylog VS openobserve - a user suggested alternative | libhunt.com/r/graylog2-server | 2023-09-07

• DependencyCheck

  3 5,481 9.0 Java

  OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

  Project mention: How To Secure Your JavaScript Applications | dev.to | 2023-06-14

  Use Security Tools: To identify known vulnerabilities in your project's dependencies, you can utilize commands like npm audit or employ third-party security scanners such as DependencyCheck or Dependabot. These tools thoroughly analyze the dependency tree and offer actionable insights to assist you in resolving any identified vulnerabilities.

• Apache Shiro

  0 4,200 7.1 Java

  Apache Shiro

  

• hawk

  0 3,950 0.0 Java

  ✔️ Secure, simple key-value storage for Android

• MifareClassicTool

  3 3,948 0.0 Java

  An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

  Project mention: MifareClassicTool - An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags. | /r/hacking | 2023-02-19

• jasypt-spring-boot

  0 2,663 5.0 Java

  Jasypt integration for Spring boot

• pac4j

  1 2,338 9.4 Java

  Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

  

  Project mention: The Java security framework to protect web applications and web services | news.ycombinator.com | 2023-06-26

• FairEmail

  30 2,328 0.0 Java

  Fully featured, open source, privacy friendly email app for Android

  Project mention: FairEmail development may cease due to Google 'security' requirements | news.ycombinator.com | 2023-11-16

• jCasbin

  0 2,268 0.0 Java

  An authorization library that supports access control models like ACL, RBAC, ABAC in Java

  

• find-sec-bugs

  0 2,140 0.0 Java

  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

  

• Bouncy Castle

  2 2,068 9.6 Java

  Bouncy Castle Java Distribution (Mirror)

  

  Project mention: Java implementation of a quantum computing resistant cryptographic algorithm | news.ycombinator.com | 2023-10-23

  The readme mentions a dependency on Bouncy Castle - note that BC already contains several Java-based PQC signature schemes, see https://doc.primekey.com/bouncycastle/interoperability#Inter... and https://github.com/bcgit/bc-java

• dependency-track

  6 2,016 0.0 Java

  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

  

  Project mention: Dependency-Track | news.ycombinator.com | 2023-10-27

• Peergos

  5 1,755 0.0 Java

  A p2p, secure file storage, social network and application protocol

  

  Project mention: Amino – The Public IPFS DHT Is Getting a Facelift | news.ycombinator.com | 2023-10-03

  You can do that with peergos [1]- mount a peergos folder locally using FUSE. Or login to the web interface and share easily and privately.

  [1] https://github.com/peergos/peergos

• orbot

  3 1,719 0.0 Java

  The Github home of Orbot: Tor on Android (Also available on gitlab!)

  

  Project mention: Daily Reminder: You Need Orbot on Your Smartphone | /r/privacy | 2023-10-24

• itext7

  0 1,688 0.0 Java

  iText for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText can be a boon to nearly every workflow.

  

• burpgpt

  1 1,685 10.0 Java

  A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

  Project mention: Lost all my content writing contracts. Feeling hopeless as an author. | /r/ChatGPT | 2023-05-06

• SaaSHub

  www.saashub.com

  sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Java Security related posts

• Korean Smartphones Have Mandatory Shutter Sounds, 8 in 10 Want It Muted
  1 project | news.ycombinator.com | 25 Nov 2023
• Ask HN: Any Comprehensive Courses on Auth?
  3 projects | news.ycombinator.com | 19 Nov 2023
• FairEmail development may cease due to Google 'security' requirements
  1 project | news.ycombinator.com | 16 Nov 2023
• Auditor app version 77 released
  1 project | /r/GrapheneOS | 14 Nov 2023
• Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting
  4 projects | news.ycombinator.com | 27 Oct 2023
• Dependency-Track
  1 project | news.ycombinator.com | 27 Oct 2023
• SSLContext Kickstart 8.2.0 Released - Library to easily configure ssl
  1 project | /r/java | 26 Oct 2023
• A note from our sponsor - #<SponsorshipServiceOld:0x00007f0f9ba39cb8>
  www.saashub.com | 30 Nov 2023

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Java projects with our weekly report!