Projects in the topic security


Kanidm - Modern Opensource Identity Management

an invention by firstyear

Project Description

Kanidm is a identity management system (a store of accounts, groups and more) that supports authentication to opensuse, web sites, networks, and more. The project has a focus on respect of humans, correctness, simplicity and performance. In previous hackweeks we have implemented cryptographic authentication (webauthn), wasm based web UI and more.

Updated about 1 month ago. 5 hacker ♥️. 3 followers.

FIDO2 emulation

a project by mkoutny

Project Description

FIDO2 is set of specifications for multi-factor authentication. It is based on asymmetric cryptography with secrets stored in a HW token. The token must support the protocol to be usable.

Updated about 2 months ago. 4 hacker ♥️. 5 followers.

Learn more about Application Security (AppSec) Open Source Tools and Testing Techniques

an idea by heidi.bronson

Project Description

Application security (AppSec) is a threat that all organizations are facing. While we have QA engineers and security teams to help avoid these threats, true AppSec can only be obtained by giving developers the tools to find and fix vulnerabilities before their code is pushed into the deployment pipeline. As a software engineer, I want to make sure that my applications are secure. During this hackweek, I want to study the OWASP Top 10 vulnerabilities, related testing techniques, and open source tools that can be used to test our applications and keep them safe from malicious actors.

Updated about 2 months ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

Project Verifree : internal key server(s)

a project by mcaj

Project description

The project Verifree is about GPG key server. The goal is build a Key server, where users are able to

Updated 2 months ago. 4 hacker ♥️. 7 followers.

Poking technologies for enrolling customer key to kernel trusted keyring

a project by joeyli

Project Description

The keys in db or mok can be used to verify boot loader and kernel binary for booting. But upstream kernel doesn't trust them for enrolling to trusted keyring because they are enrolled outside the boundaries of kernel. Which means that IMA can not use db/mok keys for verification.

Updated about 2 months ago. 1 hackers ♥️. 1 follower.

Model checking the BPF verifier

an invention by shunghsiyu

Project Description

BPF verifier plays a crucial role in securing the system (though less so now that unprivileged BPF is disabled by default in both upstream and SLES), and bugs in the verifier has lead to privilege escalation vulnerabilities in the past (e.g. CVE-2021-3490).

Updated about 1 month ago. 4 hacker ♥️. 3 followers.

rust security reviews and cargo-crev

a project by jzerebecki

Project Description

Look into things that make security/code reviews of rust code easier and play with cargo-crev.

Updated about 1 month ago. 1 hackers ♥️. 1 follower.

Explore Crev as collaborative code audit

a project by pperego

Project Description

Crev [1] is a collaborative code audit idea. Since it's common that more security engineers can work on the same projects, or there can be a different person auditing a piece of code after some time, there is the need to keep track of the code audit notes in a non-repudiable way.

Updated about 2 months ago. 3 hacker ♥️. 3 followers.