APISecurityBestPractices
Secrets management guide
Resources to help developers keep sensitive information secret and mitigate potential security breaches
Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
2k stars
27 watching
89 forks
last commit: over 5 years ago
Linked from 1 awesome list
apikeysleakedsecuritysecurity-tools
kikobeats/awesome-apiRelated projects:
| Repository | Description | Stars |
|---|---|---|
 unfor19/githubsecrets | A tool to manage GitHub Actions secrets | 45 |
 chrisbjr/api-guard | A package for authenticating RESTful APIs with API keys in Laravel | 692 |
 nullsecuritynet/tools | Provides tools, exploits, and code snippets for security research and education purposes. | 39 |
 paragonie/sapient | A toolkit for securing PHP APIs by adding application-layer cryptography to HTTP(S) traffic. | 314 |
 floragunncom/search-guard | Provides security features and authentication mechanisms for Elasticsearch clusters | 66 |
 anshumanbh/git-all-secrets | Tools to discover sensitive information from GitHub repositories and gists | 1,112 |
 gokul595/api_guard | Provides JWT-based authentication with token refreshing and blacklisting for Rails APIs | 276 |
 jkroepke/helm-secrets | Tools to manage encrypted secrets in Kubernetes Helm charts using Git workflow and cloud native secret managers. | 1,534 |
 geekshiv/smart-contract-hacking | A collection of resources and information on the topic of smart contract security testing and vulnerabilities. | 235 |
 ricoberger/vault-secrets-operator | Creates Kubernetes secrets from Vault for a secure GitOps workflow | 632 |
 ankane/secure_rails | Security best practices for Rails applications to protect against various types of attacks and vulnerabilities. | 1,032 |
 blst-security/cherrybomb | A tool that audits and tests API specifications to prevent security errors and ensures APIs function as intended. | 1,150 |
 owasp/wrongsecrets | An educational platform demonstrating common mistakes in secrets management and providing tools to help developers identify and mitigate these issues. | 1,236 |
 vesvault/libves.c | An API library providing end-to-end encryption for data storage and transmission. | 37 |
 defguard/wireguard-rs | Provides a unified API for managing secure and private networking using the WireGuard protocol. | 159 |