With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js. Learn more →
Top 23 Signature Open-Source Projects
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
Uber Apk Signer
A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
PiracyChecker
An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
-
multi-party-ecdsa
Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).
-
jose-jwt
Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core
-
eth-crypto
Cryptographic javascript-functions for ethereum and tutorials to use them with web3js and solidity
-
enc
🔑🔒 A modern and friendly CLI alternative to GnuPG: generate and download keys, encrypt, decrypt, and sign text and files, and more.
-
GpgFrontend
A free, open-source, robust yet user-friendly, compact and cross-platform tool for OpenPGP encryption. It stands out as an exceptional GUI frontend for the modern GnuPG (gpg).
-
UXMPDFKit
An iOS PDF viewer and annotator written in Swift that can be embedded into any application.
-
Set-OutlookSignatures
The open source gold standard to centrally manage and deploy email signatures and out-of-office replies for Outlook and Exchange
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Project mention: My Boss Downloaded and Opened a .lnk File and Installed a Malware in His Device | /r/computerforensics | 2023-06-06You should run a tool like loki for ioc scanning. This will identify persistence https://github.com/Neo23x0/Loki
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
Project mention: Wearmodder Auto - Automatically scalling sideloaded apps for WearOS | /r/WearOS | 2023-12-09uber-apk-signer made by patrickfav, this uses v1.3.0
There are GitHub repos that instantly update offsets after each update.
Project mention: A beginner's guide to constant-time cryptography (2017) | news.ycombinator.com | 2024-02-22I noticed in July of 2022 that Go did exactly the vulnerable example and reported it to the security team.
https://github.com/golang/go/issues/53849
It was fixed as of Go 1.21 https://go.dev/doc/go1.21
---
The article cites JavaScript, which is not constant time. There's no sure way to do constant time operations in JavaScript and thus no secure way to do crypto directly in Javascript. Browsers like Firefox depend on low level calls which should be implemented in languages that are constant time capable.
JavaScript needs something like constant time WASM in order to do crypto securely, but seeing the only constant time WASM project on GitHub has only 16 stars and the last commit was 2 years ago, it doesn't appear to have much interest. https://github.com/WebAssembly/constant-time
However, for JavaScript, I recommend Paul's library Noble which is "hardened to be algorithmically constant time". It is by far the best library available for JavaScript. https://github.com/paulmillr/noble-secp256k1
Project mention: GpgFrontend: Open-source, Cross-platform GnuPG Front end | news.ycombinator.com | 2024-03-16
If you mean signing as in "adding a digital, cryptographic signature", you could use pyhanko () which provides everything state-of-the-art to do just that.
Project mention: ISO - Application to standardize and control email signatures | /r/sysadmin | 2023-12-08Set-OutlookSignatures might be what your are looking for: https://github.com/Set-OutlookSignatures/Set-OutlookSignatures
Signature related posts
- Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
- E2EE on the web: is the web that bad?
- Macaroons Escalated Quickly
- ISO - Application to standardize and control email signatures
- Email signatures!!!
- Signing PDFs
- Outlook Signature Automation
-
A note from our sponsor - SurveyJS
surveyjs.io | 26 Apr 2024
Index
What are some of the best open-source Signature projects? This list will help you:
Project | Stars | |
---|---|---|
1 | signature_pad | 10,095 |
2 | Loki | 3,219 |
3 | CreepyCodeCollection | 2,346 |
4 | signature-base | 2,329 |
5 | DIE-engine | 2,101 |
6 | Uber Apk Signer | 1,782 |
7 | tweetnacl-js | 1,721 |
8 | hazedumper | 1,674 |
9 | PiracyChecker | 1,545 |
10 | multi-party-ecdsa | 935 |
11 | jose-jwt | 900 |
12 | eth-crypto | 862 |
13 | jwt-framework | 854 |
14 | noble-secp256k1 | 693 |
15 | Nauz-File-Detector | 484 |
16 | enc | 474 |
17 | GpgFrontend | 424 |
18 | pyHanko | 426 |
19 | noble-ed25519 | 384 |
20 | oauth-1.0a | 322 |
21 | multi-party-sig | 286 |
22 | UXMPDFKit | 274 |
23 | Set-OutlookSignatures | 268 |
Sponsored