Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 3 Rust Credential Projects
-
Ockam
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
-
noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
disclosure: I work at Ockam.
The Portals for Mac app is an example of the type of thing you could build using the open source stack of protocols. The README (linked by parent) links out to all of the relevant parts of the protocol documentation to explain how these work together. The NAT Traversal (https://github.com/build-trust/ockam/blob/develop/examples/a...) part of the README is probably the best explanation of why the free relay you get via Ockam Orchestrator is a useful part of this demo.
As for why would anyone trust this: The protocols are designed so you absolutely don't have to trust the relay. Trust is pushed out to the edges that you control and so you're not susceptible to a MITM attack if something like a relay is compromised. The protocol design for all of this is open and documented, and was independently audited by (IMO) some of the best in the business, Trail of Bits: https://docs.ockam.io/reference/protocols.
Project mention: Magika: AI powered fast and efficient file type identification | news.ycombinator.com | 2024-02-15Yes!
Sometimes a file has no extension. Other times the extension is a lie. Still other times, you may be dealing with an unnamed bytestring and wish to know what kind of content it is.
This last case happens quite a lot in Nosey Parker [1], a detector of secrets in textual data. There, it is possible to come across unnamed files in Git history, and it would be useful to the user to still indicate what type of file it seems to be.
I added file type detection based on libmagic to Nosey Parker a while back, but it's not compiled in by default because libmagic is slow and complicates the build process. Also, libmagic is implemented as a large C library whose primary job is parsing, which makes the security side of me jittery.
I will likely add enabled-by-default filetype detection to Nosey Parker using Magika's ONNX model.
[1] https://github.com/praetorian-inc/noseyparker
Rust Credentials related posts
- GitHub: Can no longer search code without being logged in
- Show HN: Nosey Parker, a fast and low-noise secrets detector for textual data
- Nosey Parker, a fast and low-noise secrets detector, now supports enumerating GitHub repositories and writing results in SARIF format
- Show HN: Nosey Parker, a fast and low-noise secrets detector for textual data
- Nosey Parker, a newer secrets detector, can scan 100GB of Linux kernel commit history in 2 minutes on a laptop, and now can write SARIF output
- Nosey Parker, a fast secrets detector, now enumerates GitHub repos, writes SARIF output, and has 90 default rules
- Nosey Parker, a new scanner for hardcoded secrets in textual data
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source Credential projects in Rust? This list will help you:
Project | Stars | |
---|---|---|
1 | Ockam | 4,347 |
2 | noseyparker | 1,511 |
3 | mfaws | 6 |
Sponsored