Projects in the topic security


libpathrs

a project by cyphar

The plan is to implement a safe path resolution library for Linux to avoid the plentiful numbers of security vulnerabilities that have been seen in the wild related to path resolution race conditions and various other attacks. I've been working on kernel-space solutions but even if they were merged, it is difficult to use them safely directly. So this library intends to provide simple wrappers that everyone can use. https://github.com/openSUSE/libpathrs

Updated almost 4 years ago. 1 hackers ♥️. 1 follower.

Kanidm: A safe and modern IDM system

an invention by firstyear

This hackweek I'll be working on Kanidm, an IDM system written in Rust for modern systems authentication. The GitHub repo has a detailed "getting started" in the README. Kanidm GitHub

Updated about 2 years ago. 2 hacker ♥️. 1 follower.

Kanidm - A modern opensource IDM

a project by firstyear

Project Description

Kanidm is a modern, fast, opensource IDM aiming to be an alternative to projects like 389-ds, FreeIPA, Samba 4 and others. Inspired by many identity-as-a-service offerings, many features of this project aim to advance the state of what is possible with opensource security and IDM today.

Updated over 1 year ago. 4 hacker ♥️. 3 followers.

Dawnscanner: revive the project and create an RPM package

a project by pperego

Project Description

Dawnscanner was a Ruby code security static analyzer I created in 2013 and led until a couple of years ago. Unfortunately, in my last two jobs, my focus was less on Ruby code, so the project lost some traction.

Updated about 2 years ago. 1 hackers ♥️. 2 followers.

Kanidm - Modern Opensource Identity Management

an invention by firstyear

Project Description

Kanidm is an identity management system (a store of accounts, groups and more) that supports authentication to openSUSE, web sites, networks, and more. The project has a focus on respect of humans, correctness, simplicity and performance. In previous hackweeks we have implemented cryptographic authentication (WebAuthn), a Wasm-based web UI and more.

Updated 11 months ago. 5 hacker ♥️. 3 followers.

FIDO2 emulation

a project by mkoutny

Project Description

FIDO2 is a set of specifications for multi-factor authentication. It is based on asymmetric cryptography with secrets stored in a HW token. The token must support the protocol to be usable.

Updated 11 months ago. 4 hacker ♥️. 5 followers.

Learn more about Application Security (AppSec) Open Source Tools and Testing Techniques

an idea by heidi.bronson

Project Description

Application security (AppSec) is a threat that all organizations are facing. While we have QA engineers and security teams to help avoid these threats, true AppSec can only be obtained by giving developers the tools to find and fix vulnerabilities before their code is pushed into the deployment pipeline. As a software engineer, I want to make sure that my applications are secure. During this hackweek, I want to study the OWASP Top 10 vulnerabilities, related testing techniques, and open source tools that can be used to test our applications and keep them safe from malicious actors.

Updated 12 months ago. 1 hackers ♥️. 1 follower.

Project Verifree : internal key server(s)

a project by mcaj

Project description

The project Verifree is about a GPG key server. The goal is to build a key server, where users are able to

Updated 12 months ago. 4 hacker ♥️. 7 followers.

Poking technologies for enrolling customer key to kernel trusted keyring

a project by joeyli

Project Description

The keys in db or mok can be used to verify the boot loader and kernel binary for booting. But the upstream kernel doesn't trust them for enrolling to the trusted keyring because they are enrolled outside the boundaries of the kernel, which means that IMA cannot use db/mok keys for verification.

Updated 11 months ago. 1 hackers ♥️. 1 follower.

Model checking the BPF verifier

an invention by shunghsiyu

Project Description

The BPF verifier plays a crucial role in securing the system (though less so now that unprivileged BPF is disabled by default in both upstream and SLES), and bugs in the verifier have led to privilege escalation vulnerabilities in the past (e.g. CVE-2021-3490).

Updated 11 months ago. 4 hacker ♥️. 3 followers.