SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 SSL Open-Source Projects
-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
ecapture
Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
mbedTLS
An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
-
Jetty
Eclipse Jetty® - Web Container & Clients - supports HTTP/2, HTTP/1.1, HTTP/1.0, websocket, servlets, and more
-
websockify
Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.
-
ssl-kill-switch2
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.
-
FluentFTP
An FTP and FTPS client for .NET & .NET Standard, optimized for speed. Provides extensive FTP commands, File uploads/downloads, SSL/TLS connections, Automatic directory listing parsing, File hashing/checksums, File permissions/CHMOD, FTP proxies, FXP support, UTF-8 support, Async/await support, Powershell support and more. Written entirely in C#.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Echo - web framework for Go
Project mention: Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding | dev.to | 2024-04-07Today, April 7th, 2024, marks the 10-year anniversary since CVE-2014-0160 was published. This security vulnerability known as "Heartbleed" was a flaw in the OpenSSL cryptography software, the most popular option to implement Transport Layer Security (TLS). In more layman's terms, if you type https:// in your browser address bar, chances are high that you are interacting with OpenSSL.
Recently I looked into having a relatively simple SSO setup for my homelab. My main objective is that I could easily login with Google or GitHub auth. At my previous job I used both JetBrains Hub [1] and Keycloak but I found both of them a bit of a PITA to setup.
JetBrains Hub was really, really easy to get going. As was my previous experience with them. The only thing that annoyed me was the lack of a latest tag on their Docker registry. Don't get me wrong, pinned versions are great, but for my personal use I mostly just want to update all my Docker containers in one go.
On the other hand I found Keycloak very cumbersome to get going. It was pretty easy in dev mode, but I stumbled to get it going in production. AFAIK it had something to do with the wildcard Let's Encrypt cert that I tried to use. But after a couple of hours, I just gave up.
I finally went with Dex [2]. I had previously put it off because of the lack of documentation, but in the end it was extremely easy to setup. It just required some basic YAML, a SQLite database and a (sub)domain. I combined Dex with the excellent OAuth2 Proxy and a custom Nginx (Proxy Manager) template for an easy two line SSO configuration on all of my internal services.
In addition to this setup, I also added Cloudflare Access and WAF outside of my home to add some security. I only want to add some CrowdSec to get a little more insights.
1. https://www.jetbrains.com/hub/
You’re in luck because such a tool exists :) https://testssl.sh/
Project mention: Any fun/interesting custom scripts or services being ran on your setup? | /r/homelab | 2023-05-16I do everything through a web browser -- I run an Arch VM with a modified version of ttyd running as a systemd service.
Project mention: Wireguard (docker-compose) has stopped being able to connect to the internet. | /r/WireGuard | 2023-07-10My hunch is that because I decided to include the acme-companion image in this nginx setup, that maybe it has something to do with the SSL certs? The only other thing I could think of is that I had to combine the networks in order for nginx-proxy and Sonarr both to be able to see my transmission instance via:
Project mention: Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released | news.ycombinator.com | 2024-02-28
It's work in progress: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/ar...
Newer version have okay-ish support, I'd guess the next OpenWRT release will have it again.
Project mention: S2n-TLS – A C99 implementation of the TLS/SSL protocol | /r/programming | 2023-12-05
Project mention: Example Java Application with Embedded Jetty and a htmx Website | dev.to | 2024-03-28As described on eclipse.dev/jetty: "Jetty provides a web server and servlet container, additionally providing support for HTTP/2, WebSocket, OSGi, JMX, JNDI, JAAS and many other integrations. These components are open source and are freely available for commercial use and distribution."
Project mention: My first BBS (anybody know of an easy to install browser based client?) | /r/bbs | 2023-07-05Try this: https://github.com/novnc/websockify I got mine set up as a windows service. But you can also just have it run on booting
Project mention: Recent 'MFA Bombing' Attacks Targeting Apple Users | news.ycombinator.com | 2024-03-27> us[e] Akamai to block scraping
Would https://github.com/lwthiker/curl-impersonate help? Haven’t tried with Akamai, but did help with another widely used CDN that shall remain unnamed (but has successfully infused me with burning hate for their products after a couple of years’ worth of using an always-on VPN to bypass Internet censorship and/or a slightly unusual browser).
SSL related posts
- Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
- Ask HN: How does the xz backdoor replace RSA_public_decrypt?
- Recent 'MFA Bombing' Attacks Targeting Apple Users
- See this page fetch itself, byte by byte, over TLS
- See this page fetch itself, byte by byte, over TLS
- Badssl.com
- Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released
-
A note from our sponsor - SaaSHub
www.saashub.com | 20 Apr 2024
Index
What are some of the best open-source SSL projects? This list will help you:
Project | Stars | |
---|---|---|
1 | mitmproxy | 34,277 |
2 | Echo | 28,466 |
3 | nginxconfig.io | 27,027 |
4 | OpenSSL | 24,142 |
5 | oauth2-proxy | 8,632 |
6 | ecapture | 8,134 |
7 | testssl.sh | 7,628 |
8 | Kitura | 7,615 |
9 | ttyd | 7,281 |
10 | acme-companion | 7,250 |
11 | rustls | 5,417 |
12 | Twisted | 5,416 |
13 | mbedTLS | 4,898 |
14 | GmSSL | 4,716 |
15 | s2n | 4,446 |
16 | Boost.Beast | 4,157 |
17 | Jetty | 3,742 |
18 | websockify | 3,736 |
19 | curl-impersonate | 3,308 |
20 | sslyze | 3,130 |
21 | ssl-kill-switch2 | 2,979 |
22 | FluentFTP | 2,937 |
23 | badssl.com | 2,734 |
Sponsored