Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Kee Vault is a password manager for your web browser. Password databases (Vaults) are encrypted using the KeePass storage format before being sent to a remote server for synchronisation across any modern device/browser

Stars: ✭ 57 (-43%)

Mutual labels: password-safety, passwords

password-list

Password lists with top passwords to optimize bruteforce attacks

Stars: ✭ 174 (+74%)

Mutual labels: password-safety, passwords

laravel-pwned-passwords

Simple Laravel validation rule that allows you to prevent or limit the re-use of passwords that are known to be pwned (unsafe). Based on TroyHunt's Have I Been Pwned (https://haveibeenpwned.com)

Stars: ✭ 67 (-33%)

Mutual labels: password-safety, passwords

Hashview

A web front-end for password cracking and analytics

Stars: ✭ 601 (+501%)

Mutual labels: security-tools, passwords

Spicypass

A light-weight password manager with a focus on simplicity and security

Stars: ✭ 367 (+267%)

Mutual labels: security-tools, password-safety

Dumb Passwords

Don't let your user be a victim of their own action

Stars: ✭ 77 (-23%)

Mutual labels: passwords, password-safety

Gg Shield

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

Stars: ✭ 708 (+608%)

Mutual labels: security-tools, secret

Pwned Passwords

🔐Go client library for checking values against compromised HIBP Pwned Passwords

Stars: ✭ 81 (-19%)

Mutual labels: passwords, password-safety

Bank Vaults

A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.

Stars: ✭ 1,316 (+1216%)

Mutual labels: secret

Vsaudit

VOIP Security Audit Framework

Stars: ✭ 97 (-3%)

Mutual labels: security-tools

Flask Unsign

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

Stars: ✭ 90 (-10%)

Mutual labels: security-tools

Wsmanager

Webshell Manager

Stars: ✭ 99 (-1%)

Mutual labels: security-tools

Keylogger

🔐 Open Source Python Keylogger Collection

Stars: ✭ 97 (-3%)

Mutual labels: security-tools

Katzkatz

Python3 script to parse txt files containing Mimikatz output

Stars: ✭ 91 (-9%)

Mutual labels: passwords

Awx Migrate

Tool to migrate AWX to a new instance

Stars: ✭ 89 (-11%)

Mutual labels: passwords

View All Similar Projects ➔

open source short-term secure messaging solution

How it works

Need to send a secret to someone? Use Fugacious to ensure that no permanent record of your secret will remain.

Visit fugacio.us
Enter your secret
Share your link

The link to your secret will only remain alive for the preset amount of time or number of views.

Getting started with development

Dependencies

Docker

Be sure Docker is running, then

Build the environment with:

$ docker-compose build

Start the server

$ docker-compose up

That's it, the app is running on http://localhost:3000

Local setup

Setup application dependencies

$ bin/setup

Start the app

$ foreman start -p 3000

Open your browser to http://localhost:3000

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -m 'Adds some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request

See CONTRIBUTING.md for more information

Deploying to Heroku

Use this friendly button:

Or, use our friendly bootstrap script:

Ensure you have the Heroku Toolbelt installed.

Execute Heroku setup with bin/heroku. Your shell output should look something like this and once successfully launched, will open your new Fugacious instance!

Getting started with Rails 4 on Heroku for more information.

Deploying to cloud.gov

Configure cloud.gov specific settings in config/secrets.yml
Run bin/push_cloud_dot_gov

Operators

Fugacious URLs should be treated as sensitive information since knowing the URL could allow someone to access the stored secret (assuming it was accessed within the time-to-live of the secret). This means you should be careful about how you configure your HTTP server. Many have a default configuration to log all requests, including these sensitive URLs, to file or to stdout. Most PaaS, like Heroku or Cloud Foundry are configured this way, too.

Operators of fugacious should take this into consideration when setting up their app. Otherwise, they will potentially be disclosing sensitive information to their hosting providers.

License

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

For more information, see license.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 100

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (26) 🔗