SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Java Security Projects
Open Source Identity and Access Management For Modern Applications and ServicesProject mention: Ask HN: Any Comprehensive Courses on Auth? | news.ycombinator.com | 2023-11-19
FastAPI's tutorial on how to implement a basic OAuth server helped me a lot in understanding the basic concepts.
After getting familiar, I self hosted Keycloak and integrated it with my FastAPI server.
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.Project mention: “Please do not make it public” (Tencent’s Sogou Input Method) | news.ycombinator.com | 2023-08-09
> I wonder what people say when they find a bug despite you using standard crypto?
Not using TLS doesn't automatically mean you need to "roll your own crypto". They could have used a well documentend library such as Google Tink instead of doing their own crypto.
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
The ZAP core project
Open source alternative to Auth0 / Firebase Auth / AWS CognitoProject mention: What is the best way to implement authentication that provides Google Auth, Facebook Auth, etc. | /r/node | 2023-10-18
Multi-platform transparent client-side encryption of your files in the cloudProject mention: VeraCrypt: Free, open source, disk encryption for Windows, Mac OS X, Linux | news.ycombinator.com | 2023-10-01
I've used countless encryption "schemes" over the years, from True/Vera-Crypt to encrypted sparse bundles/images, and none have ever really felt right.
These days i tend to use Cryptomator instead. It accomplishes what none of the others could do, which is transparent encryption across devices.
With Cryptomator, i simply create a vault somewhere in the cloud, stuff data in it, and i can access it from my laptop, phone or tablet, and not think much about it. It integrates into the normal file browsing APIs, and doesn't get in the way.
Because it does "per file" encryption, it also doesn't need to download a 20-100MB chunk from the cloud before decrypting, so it's rather fast (depending on file size of course).
Java JWT: JSON Web Token for Java and AndroidProject mention: Java JWT: JSON Web Token for Java and Android | news.ycombinator.com | 2023-10-04
Spring SecurityProject mention: Spring Security private_key_jwt with AWS KMS | dev.to | 2023-01-16
Spring security has long had great OAuth2.0 support from both the server and client elements. Recently spring security added support for the private_key_jwt client authentication method as part of the authorization code grant flow. Spring Security GitHub ref
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
Free and open log managementProject mention: graylog VS openobserve - a user suggested alternative | libhunt.com/r/graylog2-server | 2023-09-07
Use Security Tools: To identify known vulnerabilities in your project's dependencies, you can utilize commands like npm audit or employ third-party security scanners such as DependencyCheck or Dependabot. These tools thoroughly analyze the dependency tree and offer actionable insights to assist you in resolving any identified vulnerabilities.
✔️ Secure, simple key-value storage for Android
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.Project mention: MifareClassicTool - An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags. | /r/hacking | 2023-02-19
Jasypt integration for Spring boot
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...Project mention: The Java security framework to protect web applications and web services | news.ycombinator.com | 2023-06-26
Fully featured, open source, privacy friendly email app for AndroidProject mention: FairEmail development may cease due to Google 'security' requirements | news.ycombinator.com | 2023-11-16
An authorization library that supports access control models like ACL, RBAC, ABAC in Java
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Bouncy Castle Java Distribution (Mirror)Project mention: Java implementation of a quantum computing resistant cryptographic algorithm | news.ycombinator.com | 2023-10-23
The readme mentions a dependency on Bouncy Castle - note that BC already contains several Java-based PQC signature schemes, see https://doc.primekey.com/bouncycastle/interoperability#Inter... and https://github.com/bcgit/bc-java
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.Project mention: Dependency-Track | news.ycombinator.com | 2023-10-27
A p2p, secure file storage, social network and application protocol
The Github home of Orbot: Tor on Android (Also available on gitlab!)Project mention: Daily Reminder: You Need Orbot on Your Smartphone | /r/privacy | 2023-10-24
iText for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText can be a boon to nearly every workflow.
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.Project mention: Lost all my content writing contracts. Feeling hopeless as an author. | /r/ChatGPT | 2023-05-06
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Java Security related posts
Korean Smartphones Have Mandatory Shutter Sounds, 8 in 10 Want It Muted
1 project | news.ycombinator.com | 25 Nov 2023
Ask HN: Any Comprehensive Courses on Auth?
3 projects | news.ycombinator.com | 19 Nov 2023
FairEmail development may cease due to Google 'security' requirements
1 project | news.ycombinator.com | 16 Nov 2023
Auditor app version 77 released
1 project | /r/GrapheneOS | 14 Nov 2023
Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting
4 projects | news.ycombinator.com | 27 Oct 2023
1 project | news.ycombinator.com | 27 Oct 2023
SSLContext Kickstart 8.2.0 Released - Library to easily configure ssl
1 project | /r/java | 26 Oct 2023
A note from our sponsor - #<SponsorshipServiceOld:0x00007f0f9ba39cb8>
www.saashub.com | 30 Nov 2023
What are some of the best open-source Security projects in Java? This list will help you: