22 results found Sort:

chiteroman
BootloaderSpoofer chiteroman
62
610
gpl-3.0
16
Spoof locked bootloader on local attestations
avb android hacking hardware bootloader attestation certificate certificates
Created 2023-09-18
19 commits to main branch, last one about a month ago
GrapheneOS
Auditor GrapheneOS
83
450
mit
26
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification ...
hsm android security integrity strongbox grapheneos monitoring secureboot attestation secure-boot authenticity cryptography verifiedboot remote-attestation
Created 2018-01-30
860 commits to main branch, last one 5 days ago
keylime
keylime keylime
142
395
apache-2.0
22
A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
ima iot tpm edge cloud security opensource attestation virtualization
Created 2016-10-19
1,816 commits to master branch, last one 19 hours ago
in-toto
witness in-toto
56
393
apache-2.0
25
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
security attestation supply-chain verification security-tools
Created 2021-12-03
315 commits to main branch, last one 4 days ago
chainloop-dev
chainloop chainloop-dev
25
330
apache-2.0
9
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
ospo sbom slsa spdx in-toto license security cyclonedx devsecops compliance attestation oss-compliance sbom-discovery slsa-provenance metadata-platform sbom-distribution regulated-industry open-source-licensing supply-chain-security
Created 2023-03-06
671 commits to main branch, last one 22 hours ago
intel
confidential-computing-zoo intel
57
292
apache-2.0
14
Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
sgx tdx cloud enclave containers attestation key-management confidential-computing
Created 2021-11-25
532 commits to main branch, last one 10 days ago
ShaneK2
inVtero.net ShaneK2
57
276
agpl-3.0
31
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps u...
forensics hypervisor attestation memory-dump secure-hash memory-hacking cloud-computing memory-analysis virtual-machine patch-management microarchitecture reverse-engineering integrity-monitoring
Created 2011-04-29
183 commits to master branch, last one 9 months ago
bureado
awesome-software-supply-chain-security bureado
25
260
unknown
26
A compilation of resources in the software supply chain security domain, with emphasis on open source
sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security
Created 2022-02-20
447 commits to main branch, last one about a year ago
in-toto
attestation in-toto
49
207
other
21
in-toto Attestation Framework
attestation software-supply-chain-security
Created 2021-04-01
634 commits to main branch, last one 22 hours ago
Consensys
linea-attestation-registry Consensys
55
100
mit
13
Verax is a shared registry for storing attestations of public interest on EVM chains, designed to enhance data discoverability and consumption for dApps across the network.
evm sdk web3 solidity thegraph typescript attestation smart-contracts
Created 2023-07-05
288 commits to dev branch, last one 15 hours ago
GrapheneOS
AttestationServer GrapheneOS
46
98
mit
12
attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remot...
hsm android security integrity strongbox grapheneos monitoring secureboot attestation secure-boot authenticity cryptography verifiedboot remote-attestation
Created 2018-03-17
1,644 commits to main branch, last one 21 hours ago
hex-five
multizone-sdk hex-five
23
77
other
11
MultiZone® Security TEE is the quick and safe way to add security and separation to any RISC-V processors. The RISC-V standard ISA doesn't define TrustZone-like primitives to provide hardware separati...
tee fpga risc-v sifive xilinx firmware freertos security container multizone trustzone hypervisor attestation microkernel secure-boot root-of-trust secure-element trusted-computing digilent-arty-board trusted-execution-environment
Created 2018-12-21
250 commits to master branch, last one 5 months ago
coinbase
verifications coinbase
6
67
mit
6
📜 "Coinbase Verifications" is a set of Coinbase-verified onchain attestations that enable access to apps and other onchain benefits.
did onchain ethereum op-stack optimism attestation account-verification decentralized-identity verifiable-credentials ethereum-attestation-service
Created 2023-11-07
11 commits to main branch, last one 3 months ago
CycloneDX
cyclonedx-python-lib CycloneDX
33
61
apache-2.0
15
Python implementation of OWASP CycloneDX
bom vex cbom mbom obom purl sbom spdx owasp python library saasbom cyclonedx attestation package-url software-library bill-of-materials software-bill-of-materials
Created 2021-08-27
654 commits to main branch, last one 5 days ago
veehaitch
devicecheck-appattest veehaitch
8
60
apache-2.0
8
Server-side library to validate the authenticity of Apple App Attest artifacts, written in Kotlin.
ios java kotlin security webauthn attestation devicecheck apple-appattest
Created 2020-08-15
198 commits to main branch, last one about a year ago
kubernetes-sigs
tejolote kubernetes-sigs
9
55
apache-2.0
5
A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
sbom slsa sigstore provenance attestation
Created 2022-07-09
714 commits to main branch, last one a day ago
Catherine22
SecuritySample Catherine22
6
53
apache-2.0
4
(Android) Hide encrypted secret API keys in C/C++ code, retrieve and decrypt them via JNI. Google SafetyNet APIs example.
jws ndk android attestation secret-keys certificates safetynet-api rsa-cryptography json-web-signature
Created 2017-06-23
49 commits to master branch, last one 4 years ago
virtee
sev-snp-measure virtee
14
52
apache-2.0
6
Calculate AMD SEV/SEV-ES/SEV-SNP measurement for confidential computing
security attestation confidential-computing
Created 2022-03-08
125 commits to main branch, last one 10 days ago
confidential-containers
trustee confidential-containers
76
50
apache-2.0
19
Attestation and Secret Delivery Components
attestation key-management confidential-computing
Created 2022-04-25
621 commits to main branch, last one a day ago
ARM-software
psa-api ARM-software
24
49
other
16
Documentation source and development of the PSA Certified API
api iot security attestation cryptography firmware-update
Created 2022-09-06
340 commits to main branch, last one about a month ago
mchmarny
s3cme mchmarny
8
46
apache-2.0
4
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance
oidc sbom slsa cosine provenance attestation vulnerability supply-chain-security
Created 2023-01-12
330 commits to main branch, last one 5 months ago
chainguard-dev
vex chainguard-dev
11
44
apache-2.0
3
vexctl is a tool to attest VEX impact statements
vex csaf sbom sarif scanner container attestation vulnerability vulnerability-detection
This repository has been archived (exclude archived)
Created 2022-08-27
166 commits to main branch, last one about a year ago