ZeroSSL: XSS to session hijacking, stealing a private key (and password hash)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
  • dehydrated

    letsencrypt/acme client implemented as a shell-script – just add water

    Dehydrated.io, damn few dependencies.

    You're welcome.

    https://github.com/dehydrated-io/dehydrated

  • acme-tiny

    A tiny script to issue and renew TLS certs from Let's Encrypt

    Going to throw another hat into the ring here: I use acme-tiny [1], which is a single file ACME client written in Python in under 200 lines. The idea behind it is that you can fully read and understand everything it does without spending too much time on it. I really like this approach, so I went ahead and started using it, and have been for a few years now.

    [1] https://github.com/diafygi/acme-tiny

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • lego

    Let's Encrypt/ACME client and library written in Go

    I too am moving away from acme.sh for the same reason. Dehydrated looks nice but I started using goacme.

    https://github.com/go-acme/lego

    I wasn't set on only bash though.

  • chromium

    The official GitHub mirror of the Chromium source

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts