Top 23 Java Security Projects
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.Latest mention: Building a Secure Signed JWT | reddit.com/r/programming | 2021-01-15
appears to be focused on cryptography and not token signing. Maybe more of a complement? I did see a section about digital signing: https://github.com/google/tink/blob/master/docs/PRIMITIVES.md#digital-signatures and don't see any reason you couldn't integrate tink to sign JWTs.
The OWASP ZAP core project
Open Source Identity and Access Management For Modern Applications and Services
Java JWT: JSON Web Token for Java and AndroidLatest mention: JWT authentication in Spring Security and Angular | dev.to | 2020-09-14
There are many open-source JWT implementations available for all languages. In this blog post, we use Java jjwt library in this blog post.
Free and open source log management
Multi-platform transparent client-side encryption of your files in the cloudLatest mention: Cryptopmator vs Veracrypt using with Resilio Sync | reddit.com/r/Cryptomator | 2021-01-04
Why does Cryptomator (GPL-3.0 License) have to be replaced with VeraCrypt to be completely open source?
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.Latest mention: Weekly Developer Roundup #16 - Sun Oct 04 2020 | dev.to | 2020-10-03
jeremylong/DependencyCheck (Java): OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
A system for distributing and managing secrets
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.Latest mention: Store NFC-cards in app | reddit.com/r/fossdroid | 2020-12-21
Do you know what types of cards they are? Can you read them with https://github.com/ikarus23/MifareClassicTool/ ? What does https://play.google.com/store/apps/details?id=com.nxp.taginfolite&hl=en&gl=US say about them?
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Open source alternative to Auth0 / Firebase Auth / AWS Cognito
Signal Protocol library for Java/Android
Bouncy Castle Java Distribution (Mirror)Latest mention: Dozens sue Amazon's Ring after camera hack leads to threats and racial slurs | reddit.com/r/technology | 2020-12-23
Recently there was a constant time enhancement in bouncy castle that added a comparison using indexOf instead of charAt. Fairly easy to overlook, although glaring in hindsight, if there are no negative tests covering the functionality.
An authorization library that supports access control models like ACL, RBAC, ABAC in Java
Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.Latest mention: My Inlaws Wifi Is Being Spoofed By Their | reddit.com/r/techsupport | 2020-12-31
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Advanced Graphical User Interface for NMapLatest mention: Network Scan | reddit.com/r/msp | 2021-01-06
With nmap scan results, it's up to you to convert the data to anything other than text. Zenmap is a GUI frontend for the scanner, and can do a bit of graphic mapping, but it's really showing its age. https://github.com/danicuestasuarez/NMapGUI might be a better use of your time.
The best authentication plugin for the Bukkit/Spigot API!Latest mention: Online mode = false // Any way to configure it to allow Premium skins? | reddit.com/r/admincraft | 2021-01-19
AuthMe Reloaded has this option if I remember correctly. Link: https://github.com/AuthMe/AuthMeReloaded
OpenPGP for Android
Java binding to the Networking and Cryptography (NaCl) library with the awesomeness of libsodium
Password strength estimator
What are some of the best open-source Security projects in Java? This list will help you: