Security APIs

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES: - Full programmmatic access to EC2, EBS, S3, SQS, SDB, and CloudFront. - Complete error handling: all operations check for errors and report complete error information by raising an AwsError. - Persistent HTTP connections with robust network-level retry layer using RightHttpConnection). This includes socket timeouts and retries. - Robust HTTP-level retry layer. Certain (user-adjustable) HTTP errors returned by Amazon's services are classified as temporary errors. These errors are automaticallly retried using exponentially increasing intervals. The number of retries is user-configurable. - Fast REXML-based parsing of responses (as fast as a pure Ruby solution allows). - Uses libxml (if available) for faster response parsing. - Support for large S3 list operations. Buckets and key subfolders containing many (> 1000) keys are listed in entirety. Operations based on list (like bucket clear) work on arbitrary numbers of keys. - Support for streaming GETs from S3, and streaming PUTs to S3 if the data source is a file. - Support for single-threaded usage, multithreaded usage, as well as usage with multiple AWS accounts. - Support for both first- and second-generation SQS (API versions 2007-05-01 and 2008-01-01). These versions of SQS are not compatible. - Support for signature versions 0 and 1 on SQS, SDB, and EC2. - Interoperability with any cloud running Eucalyptus (http://eucalyptus.cs.ucsb.edu) - Test suite (requires AWS account to do "live" testing).

HTTP::Cookie is a Ruby library to handle HTTP Cookies based on RFC 6265. It has with security, standards compliance and compatibility in mind, to behave just the same as today's major web browsers. It has builtin support for the legacy cookies.txt and the latest cookies.sqlite formats of Mozilla Firefox, and its modular API makes it easy to add support for a new backend store.

Provides API and a command line tool to Access the OS X Keychain. The command line tool isn't actually useful (use `security` instead), but demonstrates the usage quite well.

Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud.

Rodauth is Ruby's most advanced authentication framework, designed to work in all rack applications. It's built using Roda and Sequel, but it can be used as middleware in front of web applications that use other web frameworks and database libraries. Rodauth aims to provide strong security for password storage by utilizing separate database accounts if possible on PostgreSQL, MySQL, and Microsoft SQL Server. Configuration is done via a DSL that makes it easy to override any part of the authentication process. Rodauth supports typical authentication features: such as login and logout, changing logins and passwords, and creating, verifying, unlocking, and resetting passwords for accounts. Rodauth also supports many advanced authentication features: * Secure password storage using security definer database functions * Multiple primary multifactor authentication methods (WebAuthn and TOTP), as well as backup multifactor authentication methods (SMS and recovery codes). * Passwordless authentication using email links and WebAuthn authenticators. * Both standard HTML form and JSON API support for all features.

A Ruby API to nmap, the exploration tool and security / port scanner. Allows automating nmap and parsing nmap XML files.

Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud. Note that google-cloud-secret_manager-v1beta1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-secret_manager instead. See the readme for more details.

Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud. Note that google-cloud-secret_manager-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-secret_manager instead. See the readme for more details.

Security Command Center API provides access to temporal views of assets and findings within an organization.

Security Command Center API provides access to temporal views of assets and findings within an organization. Note that google-cloud-security_center-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-security_center instead. See the readme for more details.

Security Command Center API provides access to temporal views of assets and findings within an organization. Note that google-cloud-security_center-v1p1beta1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-security_center instead. See the readme for more details.

Escher helps you creating secure HTTP requests (for APIs) by signing HTTP(s) requests.

Sym is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment workflow. For additional security the private key itself can be encrypted with a user-generated password. For decryption using the key the password can be input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry. Unlike many other existing encryption tools, Sym focuses on getting out of your way by offering a streamlined interface with password caching (if MemCached is installed and running locally) in hopes to make encryption of application secrets nearly completely transparent to the developers. Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher, same cipher as used by the US Government. For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc. Sym accomplishes encryption transparency by combining several convenient features: 1. Sym can read the private key from multiple source types, such as pathname, an environment variable name, a keychain entry, or CLI argument. You simply pass either of these to the -k flag — one flag that works for all source types. 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local machine, much more secure then storing it on a file system, 3. By using a local password cache (activated with -c) via an in-memory provider such as memcached, sym invocations take advantage of password cache, and only ask for a password once per a configurable time period, 4. By using SYM_ARGS environment variable, where common flags can be saved. This is activated with sym -A, 5. By reading the key from the default key source file ~/.sym.key which requires no flags at all, 6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt an encrypted file with extension .enc 7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR, and replaces the encrypted version upon save & exit, optionally creating a backup. 8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory. Please refer the module documentation available here: https://www.rubydoc.info/gems/sym

Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.

ISAAC is a fast, cryptographically secure pseudo random number generator with strong statistical properties. This gem provides both a pure Ruby and a C extension based implementation which conforms to the Ruby 2 api for Random, with some enhancements. So, you should be able to use it as a drop in replacement for Ruby's (Mersenne Twister based) PRNG.

The Crocodoc API lets you upload documents and then generate secure and customized viewing sessions for them. See https://crocodoc.com for details.

This is the simple REST client for Security Token Service API V1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Security Token Service API, but note that some services may provide a separate modern client that is easier to use.

= The Owasp ESAPI Ruby project == Introduction The Owasp ESAPI Ruby is a port for outstanding release quality Owasp ESAPI project to the Ruby programming language. Ruby is now a famous programming language due to its Rails framework developed by David Heinemeier Hansson (http://twitter.com/dhh) that simplify the creation of a web application using a convention over configuration approach to simplify programmers' life. Despite Rails diffusion, there are a lot of Web framework out there that allow people to write web apps in Ruby (merb, sinatra, vintage) [http://accidentaltechnologist.com/ruby/10-alternative-ruby-web-frameworks/]. Owasp Esapi Ruby wants to bring all Ruby deevelopers a gem full of Secure APIs they can use whatever the framework they choose. == Why supporting only Ruby 1.9.2 and beyond? The OWASP Esapi Ruby gem will require at least version 1.9.2 of Ruby interpreter to make sure to have full advantages of the newer language APIs. In particular version 1.9.2 introduces radical changes in the following areas: === Regular expression engine (to be written) === UTF-8 support Unicode support in 1.9.2 is much better and provides better support for character set encoding/decoding * All strings have an additional chunk of info attached: Encoding * String#size takes encoding into account – returns the encoded character count * You can get the raw datasize * Indexed access is by encoded data – characters, not bytes * You can change encoding by force but it doesn’t convert the data === Dates and Time From "Programming Ruby 1.9" "As of Ruby 1.9.2, the range of dates that can be represented is no longer limited by the under- lying operating system’s time representation (so there’s no year 2038 problem). As a result, the year passed to the methods gm, local, new, mktime, and utc must now include the century—a year of 90 now represents 90 and not 1990." == Roadmap Please see ChangeLog file. == Note on Patches/Pull Requests * Fork the project. * Create documentation with rake yard task * Make your feature addition or bug fix. * Add tests for it. This is important so I don't break it in a future version unintentionally. * Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull) * Send me a pull request. Bonus points for topic branches. == Copyright Copyright (c) 2011 the OWASP Foundation. See LICENSE for details.

API Gateway enables you to provide secure access to your backend services through a well-defined REST API that is consistent across all of your services, regardless of the service implementation. Clients consume your REST APIS to implement standalone apps for a mobile device or tablet, through apps running in a browser, or through any other type of app that can make a request to an HTTP endpoint. Note that google-cloud-api_gateway-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-api_gateway instead. See the readme for more details.

Financial information scraper gem. Uses Yahoo Finance API.

Our APIs allow easy and secure access to bank account data and payment initiation. The account data accessible are account holder's personal information, account balances, transaction history and much more. The available payment methods depend on the banks implementation but typically are domestic transfers, SEPA credit transfer, instant SEPA credit transfer, fast payment scheme, and SWIFT international payments.

This is the simple REST client for Security Command Center API V1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Security Command Center API, but note that some services may provide a separate modern client that is easier to use.

The client library for the Google Network Security V1beta1 API. Note that google-cloud-network_security-v1beta1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-network_security instead. See the readme for more details.

This is the simple REST client for Security Command Center API V1beta1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Security Command Center API, but note that some services may provide a separate modern client that is easier to use.

This is the simple REST client for Security Command Center API V1beta2. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Security Command Center API, but note that some services may provide a separate modern client that is easier to use.

Helpers for securing APIs with G5

A simple API client for the Secured Cloud

Java implementation of the krypt-provider API using the standard JDK security library

This is the simple REST client for Security Token Service API V1beta. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Security Token Service API, but note that some services may provide a separate modern client that is easier to use.

APIFuzzer gem builds api for finding security issues through a fuzzer

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES:

Grendel is a RESTful web service which allows for the secure storage of users' documents. Grendel-Ruby provides a Ruby API for Grendel.

This is the simple REST client for Web Security Scanner API V1beta. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Web Security Scanner API, but note that some services may provide a separate modern client that is easier to use.

This is the simple REST client for Web Security Scanner API V1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Web Security Scanner API, but note that some services may provide a separate modern client that is easier to use.

This is the simple REST client for Web Security Scanner API V1alpha. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Web Security Scanner API, but note that some services may provide a separate modern client that is easier to use.

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES:

Get the most of Robinhood: accounts, positions, portfolio, buy and sell securities, etc.

awsudo enables users to execute commands that make API calls to AWS under the security context of an IAM role. The IAM role is assumed only upon successful authentication against a SAML compliant federation service. aws-agent enables users to authenticate against a SAML compliant federation service once, after which aws-agent provides temporary credentials to awsudo to use.

Rails gem that allows you to easily interact with an Oauth secured rest API with the ActiveResource model.

This is the simple REST client for Network Security API V1beta1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Network Security API, but note that some services may provide a separate modern client that is easier to use.

Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES: - Full programmmatic access to EC2, EBS, S3, SQS, SDB, and CloudFront. - Complete error handling: all operations check for errors and report complete error information by raising an AwsError. - Persistent HTTP connections with robust network-level retry layer using RightHttpConnection). This includes socket timeouts and retries. - Robust HTTP-level retry layer. Certain (user-adjustable) HTTP errors returned by Amazon's services are classified as temporary errors. These errors are automaticallly retried using exponentially increasing intervals. The number of retries is user-configurable. - Fast REXML-based parsing of responses (as fast as a pure Ruby solution allows). - Uses libxml (if available) for faster response parsing. - Support for large S3 list operations. Buckets and key subfolders containing many (> 1000) keys are listed in entirety. Operations based on list (like bucket clear) work on arbitrary numbers of keys. - Support for streaming GETs from S3, and streaming PUTs to S3 if the data source is a file. - Support for single-threaded usage, multithreaded usage, as well as usage with multiple AWS accounts. - Support for both first- and second-generation SQS (API versions 2007-05-01 and 2008-01-01). These versions of SQS are not compatible. - Support for signature versions 0 and 1 on SQS, SDB, and EC2. - Interoperability with any cloud running Eucalyptus (http://eucalyptus.cs.ucsb.edu) - Test suite (requires AWS account to do "live" testing).

This is the simple REST client for Network Security API V1. Simple REST clients are Ruby client libraries that provide access to Google services via their HTTP REST API endpoints. These libraries are generated and updated automatically based on the discovery documents published by the service, and they handle most concerns such as authentication, pagination, retry, timeouts, and logging. You can use this client to access the Network Security API, but note that some services may provide a separate modern client that is easier to use.

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES: - Full programmmatic access to EC2, EBS, S3, SQS, SDB, and CloudFront. - Complete error handling: all operations check for errors and report complete error information by raising an AwsError. - Persistent HTTP connections with robust network-level retry layer using RightHttpConnection). This includes socket timeouts and retries. - Robust HTTP-level retry layer. Certain (user-adjustable) HTTP errors returned by Amazon's services are classified as temporary errors. These errors are automaticallly retried using exponentially increasing intervals. The number of retries is user-configurable. - Fast REXML-based parsing of responses (as fast as a pure Ruby solution allows). - Uses libxml (if available) for faster response parsing. - Support for large S3 list operations. Buckets and key subfolders containing many (> 1000) keys are listed in entirety. Operations based on list (like bucket clear) work on arbitrary numbers of keys. - Support for streaming GETs from S3, and streaming PUTs to S3 if the data source is a file. - Support for single-threaded usage, multithreaded usage, as well as usage with multiple AWS accounts. - Support for both first- and second-generation SQS (API versions 2007-05-01 and 2008-01-01). These versions of SQS are not compatible. - Support for signature versions 0 and 1 on SQS, SDB, and EC2. - Interoperability with any cloud running Eucalyptus (http://eucalyptus.cs.ucsb.edu) - Test suite (requires AWS account to do "live" testing).

API Gateway enables you to provide secure access to your backend services through a well-defined REST API that is consistent across all of your services, regardless of the service implementation. Clients consume your REST APIS to implement standalone apps for a mobile device or tablet, through apps running in a browser, or through any other type of app that can make a request to an HTTP endpoint.

Themis is a convenient cryptographic library for data protection. It provides secure messaging with forward secrecy and secure data storage. Themis is aimed at modern development practices and has a unified API across 12 platforms, including Ruby, JavaScript, iOS/macOS, Python, and Java/Android.

== DESCRIPTION: The RightScale AWS gems have been designed to provide a robust, fast, and secure interface to Amazon EC2, EBS, S3, SQS, SDB, and CloudFront. These gems have been used in production by RightScale since late 2006 and are being maintained to track enhancements made by Amazon. The RightScale AWS gems comprise: - RightAws::Ec2 -- interface to Amazon EC2 (Elastic Compute Cloud) and the associated EBS (Elastic Block Store) - RightAws::S3 and RightAws::S3Interface -- interface to Amazon S3 (Simple Storage Service) - RightAws::Sqs and RightAws::SqsInterface -- interface to first-generation Amazon SQS (Simple Queue Service) (API version 2007-05-01) - RightAws::SqsGen2 and RightAws::SqsGen2Interface -- interface to second-generation Amazon SQS (Simple Queue Service) (API version 2008-01-01) - RightAws::SdbInterface and RightAws::ActiveSdb -- interface to Amazon SDB (SimpleDB) - RightAws::AcfInterface -- interface to Amazon CloudFront, a content distribution service == FEATURES:

This is the official ruby library for the Sigimera REST API. It encapsulates the authentication process in a secure way and simplifies the access to the Crises Information Platform.

This is a simple mass-assignment security module loosely based on ActiveModel::MassAssignmentSecurity. It attempts to steal the good ideas and some of the API while being compatible with Rails 2.3-based applications.

The Zoom API allows developers to safely and securely access information from Zoom. You can use this API to build private services or public applications on the [Zoom App Marketplace](http://marketplace.zoom.us). To learn how to get your credentials and create private/public applications, read our [Authorization Guide](https://marketplace.zoom.us/docs/guides/authorization/credentials). All endpoints are available via `https` and are located at `api.zoom.us/v2/`. For instance you can list all users on an account via `https://api.zoom.us/v2/users/`.