The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 SSL Open-Source Projects
-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
ecapture
Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
mbedTLS
An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
-
-
-
Jetty
Eclipse Jetty® - Web Container & Clients - supports HTTP/2, HTTP/1.1, HTTP/1.0, websocket, servlets, and more
-
websockify
Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.
-
ssl-kill-switch2
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.
-
FluentFTP
An FTP and FTPS client for .NET & .NET Standard, optimized for speed. Provides extensive FTP commands, File uploads/downloads, SSL/TLS connections, Automatic directory listing parsing, File hashing/checksums, File permissions/CHMOD, FTP proxies, FXP support, UTF-8 support, Async/await support, Powershell support and more. Written entirely in C#.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Echo - web framework for Go
Project mention: Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding | dev.to | 2024-04-07Today, April 7th, 2024, marks the 10-year anniversary since CVE-2014-0160 was published. This security vulnerability known as "Heartbleed" was a flaw in the OpenSSL cryptography software, the most popular option to implement Transport Layer Security (TLS). In more layman's terms, if you type https:// in your browser address bar, chances are high that you are interacting with OpenSSL.
Recently I looked into having a relatively simple SSO setup for my homelab. My main objective is that I could easily login with Google or GitHub auth. At my previous job I used both JetBrains Hub [1] and Keycloak but I found both of them a bit of a PITA to setup.
JetBrains Hub was really, really easy to get going. As was my previous experience with them. The only thing that annoyed me was the lack of a latest tag on their Docker registry. Don't get me wrong, pinned versions are great, but for my personal use I mostly just want to update all my Docker containers in one go.
On the other hand I found Keycloak very cumbersome to get going. It was pretty easy in dev mode, but I stumbled to get it going in production. AFAIK it had something to do with the wildcard Let's Encrypt cert that I tried to use. But after a couple of hours, I just gave up.
I finally went with Dex [2]. I had previously put it off because of the lack of documentation, but in the end it was extremely easy to setup. It just required some basic YAML, a SQLite database and a (sub)domain. I combined Dex with the excellent OAuth2 Proxy and a custom Nginx (Proxy Manager) template for an easy two line SSO configuration on all of my internal services.
In addition to this setup, I also added Cloudflare Access and WAF outside of my home to add some security. I only want to add some CrowdSec to get a little more insights.
1. https://www.jetbrains.com/hub/
You’re in luck because such a tool exists :) https://testssl.sh/
Project mention: Any fun/interesting custom scripts or services being ran on your setup? | /r/homelab | 2023-05-16I do everything through a web browser -- I run an Arch VM with a modified version of ttyd running as a systemd service.
Project mention: Wireguard (docker-compose) has stopped being able to connect to the internet. | /r/WireGuard | 2023-07-10My hunch is that because I decided to include the acme-companion image in this nginx setup, that maybe it has something to do with the SSL certs? The only other thing I could think of is that I had to combine the networks in order for nginx-proxy and Sonarr both to be able to see my transmission instance via:
Project mention: Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released | news.ycombinator.com | 2024-02-28
It's work in progress: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/ar...
Newer version have okay-ish support, I'd guess the next OpenWRT release will have it again.
Project mention: S2n-TLS – A C99 implementation of the TLS/SSL protocol | /r/programming | 2023-12-05
Project mention: Example Java Application with Embedded Jetty and a htmx Website | dev.to | 2024-03-28As described on eclipse.dev/jetty: "Jetty provides a web server and servlet container, additionally providing support for HTTP/2, WebSocket, OSGi, JMX, JNDI, JAAS and many other integrations. These components are open source and are freely available for commercial use and distribution."
Project mention: My first BBS (anybody know of an easy to install browser based client?) | /r/bbs | 2023-07-05Try this: https://github.com/novnc/websockify I got mine set up as a windows service. But you can also just have it run on booting
Project mention: Recent 'MFA Bombing' Attacks Targeting Apple Users | news.ycombinator.com | 2024-03-27> us[e] Akamai to block scraping
Would https://github.com/lwthiker/curl-impersonate help? Haven’t tried with Akamai, but did help with another widely used CDN that shall remain unnamed (but has successfully infused me with burning hate for their products after a couple of years’ worth of using an always-on VPN to bypass Internet censorship and/or a slightly unusual browser).
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2024-04-07.
SSL related posts
- Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
- Ask HN: How does the xz backdoor replace RSA_public_decrypt?
- Recent 'MFA Bombing' Attacks Targeting Apple Users
- See this page fetch itself, byte by byte, over TLS
- See this page fetch itself, byte by byte, over TLS
- Badssl.com
- Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released
-
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024
Index
What are some of the best open-source SSL projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | mitmproxy | 34,277 |
| 2 | Echo | 28,466 |
| 3 | nginxconfig.io | 27,027 |
| 4 | OpenSSL | 24,142 |
| 5 | oauth2-proxy | 8,632 |
| 6 | ecapture | 8,134 |
| 7 | Kitura | 7,615 |
| 8 | testssl.sh | 7,628 |
| 9 | ttyd | 7,281 |
| 10 | acme-companion | 7,250 |
| 11 | rustls | 5,417 |
| 12 | Twisted | 5,416 |
| 13 | mbedTLS | 4,898 |
| 14 | GmSSL | 4,716 |
| 15 | s2n | 4,446 |
| 16 | Boost.Beast | 4,157 |
| 17 | Jetty | 3,742 |
| 18 | websockify | 3,736 |
| 19 | curl-impersonate | 3,308 |
| 20 | sslyze | 3,130 |
| 21 | ssl-kill-switch2 | 2,979 |
| 22 | FluentFTP | 2,937 |
| 23 | badssl.com | 2,734 |
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com