An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with zero-trust

A curated list of projects in awesome lists tagged with zero-trust .

https://github.com/opennhp/opennhp

A lightweight, cryptography-powered, open-source toolkit built to enforce Zero Trust security for infrastructure, applications, and data in the AI-driven world.

cybersecurity zero-trust zero-trust-network-access zero-trust-security

Last synced: 16 Jan 2026

https://github.com/OpenNHP/opennhp

NHP: A lightweight cryptography-driven Zero Trust networking protocol at the OSI 5th layer to hide your server and data from attackers.

cybersecurity zero-trust zero-trust-network-access zero-trust-security

Last synced: 10 Mar 2025

https://github.com/gravitl/netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

cloud devsecops k8s kubernetes mesh mesh-network network networking overlay-network security self-hosted virtual-network virtual-networking vpn vpn-server wg-quick wireguard wireguard-ui wireguard-vpn zero-trust

Last synced: 12 May 2025

https://github.com/codenotary/immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

auditable compliance cryptographic database gdpr go immutable immutable-database key-value merkle-tree pci-dss performance sql tamper-evident tamperproof timetravel verification verify zero-trust

Last synced: 12 May 2025

https://github.com/build-trust/ockam

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

authentication authorization credentials distributed-systems e2ee encrypted-connections encrypted-messages encryption end-to-end-encryption identity kafka key-management messaging rust security snowflake trust zero-trust

Last synced: 11 Dec 2025

https://github.com/pomerium/pomerium

Pomerium is an identity and context-aware access proxy.

beyondcorp gateway go iam identity identity-aware-proxy pomerium reverse-proxy vpn zero-trust

Last synced: 18 Mar 2026

https://github.com/hashicorp/boundary

Boundary enables identity-based access management for dynamic infrastructure.

hacktoberfest hashicorp security zero-trust

Last synced: 07 Apr 2026

https://github.com/openziti/ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti

appsec golang mesh netsec network networking overlay overlay-network secure-networking vpn vpn-2 zero-trust zero-trust-cloud zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztaa ztha ztna

Last synced: 02 Apr 2026

https://github.com/octelium/octelium

A next-gen FOSS self-hosted unified zero trust secure access platform that can operate as a remote access VPN, a ZTNA platform, API/AI/MCP gateway, a PaaS, an ngrok-alternative and a homelab infrastructure.

abac ai-gateway api-gateway beyondcorp homelab kubernetes mcp-gateway mfa opentelemetry paas policy-as-code quic remote-access ssh sso tunnel vpn wireguard zero-trust ztna

Last synced: 15 Apr 2026

https://github.com/openziti/zrok

Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.

file-sharing golang network peer-to-peer reverse-proxy security zero-trust

Last synced: 13 May 2025

https://github.com/lunasec-io/lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

compliance continuous-delivery cve-scanning cybersecurity dependency-analysis devsecops gdpr log4shell pci-dss sbom sbom-generator scanning scanning-tool security security-tools soc2 software-composition-analysis tokenization web-security zero-trust

Last synced: 15 May 2025

https://github.com/warrant-dev/warrant

Warrant is a highly scalable, centralized authorization service based on Google Zanzibar. Use it to define, enforce, query, and audit application authorization and access control.

abac access-control acl authorization authz ciam entitlements fgac fine-grained-access-control fine-grained-authorization golang iam permissions pricing-tiers rbac rebac relationship-based-access-control role-based-access-control zanzibar zero-trust

Last synced: 14 May 2025

https://github.com/mrash/fwknop

Single Packet Authorization > Port Knocking

authentication authorization firewall hmac port-knocker spa zero-trust

Last synced: 15 May 2025

https://github.com/openidentityplatform/openam

OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.

aaa access access-management accounting active-directory authentication authorization federation kerberos oauth oauth2 oidc openam opensso policy saml sso webauthn zero-trust zta

Last synced: 13 May 2025

https://github.com/OpenIdentityPlatform/OpenAM

OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.

aaa access access-management accounting active-directory authentication authorization federation kerberos oauth oauth2 oidc openam opensso policy saml sso webauthn zero-trust zta

Last synced: 30 Mar 2025

https://github.com/pomerium/awesome-zero-trust

A curated collection of awesome resources for the zero-trust security model.

access-management beyondcorp device-management identity zero-trust

Last synced: 26 Jan 2026

https://github.com/always-further/nono

Secure, kernel-enforced sandbox CLI and SDKs for AI agents. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment.

agent agentic-ai ai-agent-security ai-agents ai-security code-execution cybersecurity isolation linux-security llm mcp open-source prompt-injection runtime-security sandbox security sigstore supply-chain-security zero-trust

Last synced: 09 May 2026

https://github.com/pritunl/pritunl-zero

Zero trust system

beyondcorp smartcard u2f zero-trust

Last synced: 15 Feb 2026

https://github.com/vatsi2/bitcoin-investor-software

Bitcoin whales slash taxes 47%, lock millions offline, and trade undetected. Royen: 2025’s elite crypto fortress. Become untouchable.

bitcoin bitcoin-halving bitcoin-secure bitcoin-tax-application cold-storage crypto-tax fifo hodlers irs lifo liquidity-management multisig-wallets otc-exchange regulatory-reporting self-custody tax-calculation whale-tracker zero-trust

Last synced: 02 Apr 2025

https://github.com/OpenIdentityPlatform/OpenDJ

OpenDJ is an LDAPv3 compliant directory service, which has been developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.

ldap ldap-client ldap-server ldap-service opendj opends replication rest rest-api rest2ldap zero-trust zta

Last synced: 06 Apr 2025

https://github.com/openidentityplatform/opendj

OpenDJ is an LDAPv3 compliant directory service, which has been developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.

ldap ldap-client ldap-server ldap-service opendj opends replication rest rest-api rest2ldap zero-trust zta

Last synced: 04 Feb 2026

https://github.com/wecooperate/iMonitorSDK

The world's most powerful System Activity Monitor Engine ¡ 一æŦžåŠŸčƒŊåŧēå¤§įš„įģˆįĢ¯čĄŒä¸ēé‡‡é›†é˜˛åžĄåŧ€å‘åĨ—äģļ ~ 旨在帎劊EDR、é›ļäŋĄäģģã€æ•°æŽåŽ‰å…¨ã€åŽĄčŽĄįŽĄæŽ§į­‰įģˆįĢ¯åŽ‰å…¨čŊ¯äģļ可äģĨåŋĢé€ŸåŽžįŽ°äē§å“åŠŸčƒŊīŧŒ č€Œä¸į”¨å…ŗåŋƒåē•åą‚éŠąåŠ¨įš„åŧ€å‘、įģ´æŠ¤å’Œå…ŧ厚性闎éĸ˜īŧŒčŽŠå…ļ可äģĨä¸“æŗ¨äēŽä¸šåŠĄåŧ€å‘

access-control defender edr endpoint-security etw kernel monitoring-tool procmon security sysmon zero-trust

Last synced: 11 Jul 2025

https://github.com/otterize/intents-operator

Manage network policies, AWS, GCP & Azure IAM policies, Istio Authorization Policies, and Kafka ACLs in a Kubernetes cluster with ease.

acl auth authentication authorization controller go golang hacktoberfest ibac intents kafka kubernetes mtls networkpolicies operator otterize zero-trust

Last synced: 11 May 2025

https://github.com/saeedmasoudie/pywarp

Pywarp is a powerful replacement for the official Cloudflare WARP app, offering an intuitive UI and extended options, including advanced DNS settings, custom endpoints, and support for change protocols like masque and WireGuard.

cloudflare cloudflare-warp masque pyqt6 pyside6 python pywarp warp warp-cli warp-gui warp-linux warp-masque warp-plus warp-python warp-terminal warp-theme warp-ui windows wireguard zero-trust

Last synced: 12 Feb 2026

https://github.com/ThinkInAIXYZ/clawdhome

ClawdHome securely isolates and manages multiple OpenClaw gateway instances on one Mac.

isolation local-first macos multi-instance openclaw private-ai-assistant security zero-trust

Last synced: 15 Apr 2026

https://github.com/cogolabs/beyond

BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust

Last synced: 09 Apr 2025

https://github.com/cogolabs/transcend

BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust

Last synced: 19 Mar 2025

https://github.com/miragenetwork/mirageserver

蜃åĸƒīŧšåŸēäēŽHeadscaleäŋŽæ”šįš„å¸ĻWebUIåŧ€æēį‰ˆæœŦTailscale控åˆļ器

headscale mirage sdp tailscale web-ui zero-trust

Last synced: 09 Apr 2025

https://github.com/MirageNetwork/MirageServer

蜃åĸƒīŧšåŸēäēŽHeadscaleäŋŽæ”šįš„å¸ĻWebUIåŧ€æēį‰ˆæœŦTailscale控åˆļ器

headscale mirage sdp tailscale web-ui zero-trust

Last synced: 26 Mar 2025

https://github.com/lucadibello/zerotrust-your-home

🔐 Securing Your Digital Sanctuary, Trust None, Protect Everything.

backup-restore continuous-monitoring home-automation log-management privacy-by-design security-by-design zero-trust

Last synced: 05 Apr 2025

https://github.com/vmware/secrets-manager

VMware Secrets Manager is a lightweight secrets manager to protect your sensitive data. It’s perfect for edge deployments where energy and footprint requirements are strict—See more: https://vsecm.com/

cloud-native edge kubernetes secret-management secrets-manager security spiffe spire zero-trust

Last synced: 05 Oct 2025

https://github.com/erisa/discord-oidc-worker

Sign into Discord on Cloudflare Access, powered by Cloudflare Workers!

cloudflare-access cloudflare-workers discord oauth2 oidc-provider workers zero-trust

Last synced: 04 Apr 2025

https://github.com/werbot/werbot

🔑 Team Access Sharing - a self-hosted solution with single sign-on for secure, easy shared access to servers, databases, and applications.

1password audit bastion cluster database-access firewall firewalls go golang hacktoberfest kubernetes kubernetes-access pam postgresql rdp security self-hosted ssh werbot zero-trust

Last synced: 06 Aug 2025

https://github.com/ssbostan/tondra

Continuous Development on Kubernetes environments with Skaffold

agile docker flask helm k8s kubernetes skaffold zero-trust

Last synced: 01 May 2025

https://github.com/microsoft/azureopenai-with-apim

Deploy APIM. Auto-configure it to work with your Azure Open AI.

api api-management apim azure azure-government azure-openai federal government open-ai zero-trust

Last synced: 05 Apr 2025

https://github.com/uatuko/ruek

🔐 Lightning fast, global scale authorization service without the overhead of a yet another DSL.

abac access-control authorization cmake cpp20 fga fine-grained-authorization grpc least-privilege rbac rebac zanzibar zero-trust

Last synced: 07 Apr 2025

https://github.com/openidentityplatform/openidm

OpenIDM is an open standards based Identity Management, Provisioning and Compliance solution. Experience shows that the most important features of an identity management product are: high flexibility in Business Process handling and compliance with open standards and interfaces. A highly flexible user interface combined with a very robust workflow engine make OpenIDM ready for any Identity Management project.

activiti compliance connector directory integration process-manager provision rest-api workflow zero-trust zta

Last synced: 05 Apr 2025

https://github.com/spiffe/spike

SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane. It protects your secrets and helps your ops, SREs, and sysadmins manage sensitive data securely with minimal overhead.

cloud-native devops devsecops identity-management infrastructure infrastructure-security secrets-management secrets-manager secrets-store security spiffe spire zero-trust

Last synced: 06 Apr 2025

https://github.com/openziti/ziti-sdk-nodejs

An SDK for embedding zero trust into Node.JS applications and web servers to improve security.

appsec javascript netsec node nodejs sdk sdk-js security zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztna

Last synced: 28 Apr 2026

https://github.com/azure/azure-spring-apps-landing-zone-accelerator

The Azure Spring Apps landing zone accelerator is an open-source collection of architectural guidance and reference implementation to accelerate deployment of Azure Spring Apps at scale.

application-gateway arm-templates azure azure-cli azure-spring-apps azure-spring-cloud bicep cloud database firewall lza on-premises spring-apps spring-boot spring-cloud tanzu terraform virtual-network vmware zero-trust

Last synced: 22 Aug 2025

https://github.com/Azure/azure-spring-apps-landing-zone-accelerator

The Azure Spring Apps landing zone accelerator is an open-source collection of architectural guidance and reference implementation to accelerate deployment of Azure Spring Apps at scale.

application-gateway arm-templates azure azure-cli azure-spring-apps azure-spring-cloud bicep cloud database firewall lza on-premises spring-apps spring-boot spring-cloud tanzu terraform virtual-network vmware zero-trust

Last synced: 13 May 2025

https://github.com/openidentityplatform/openig

Open Identity Gateway (OpenIG) is a high-performance reverse proxy server with specialized session management and credential replay functionality.

authorization gateway groovy-script oauth openam openid-connect openig opensso policy-agent replay reverse-proxy reverse-proxy-server rewrite saml saml2 sso throttling zero-trust zta

Last synced: 05 Apr 2025

https://github.com/openziti/edge

Application-embedded connectivity and zero-trust components

appsec netsec zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust

Last synced: 06 Aug 2025

https://github.com/quicsec/quicsec

HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0-Okta), AuthZ (OPA), defense-in-depth (WAAP/WAF), and observability (metrics, logs, alerting, dashboard).

auth0 authentication cert-manager cloud-native grafana http http3 kubernetes loki metrics mtls oidc okta open-policy-agent prometheus quic security spiffe waf zero-trust

Last synced: 12 Apr 2025

https://github.com/adamyi/CTFProxy

Your ultimate infrastructure to run a CTF, with a BeyondCorp-like zero-trust network and simple infrastructure-as-code configuration.

capture-the-flag ctf ctf-events ctf-framework ctf-platform ctf-scoreboard ctf-tools ctfd education proxy security zero-trust

Last synced: 30 Mar 2025

https://github.com/pomerium/pomerium-helm

Official helm charts for Pomerium.

beyondcorp chart cloud-native helm-charts pomerium zero-trust

Last synced: 20 Aug 2025

https://github.com/zscaler/terraform-provider-zpa

:cloud: Terraform Provider for Zscaler Private Access :cloud:

sase terraform terraform-provider zero-trust zscaler

Last synced: 12 Mar 2026

https://github.com/flowshield/flowshield

Global web3.0 decentralized private retrieval of data security networkīŧŒBuilding Cyber Sovereignty. by @IceFireLabs

blockchain dao decentralized ethereum fvm ipfs libp2p nerovs network p2p security web3 zero-trust

Last synced: 13 Apr 2025

https://github.com/zscaler/terraform-provider-zia

:cloud: Terraform Provider for Zscaler Internet Access :cloud:

sase terraform terraform-provider zero-trust zscaler

Last synced: 08 May 2026

https://github.com/dknauss/sudo

Sudo for WordPress! đŸĨĒ Risky actions — activating plugins, deleting users, changing key settings — are gated by a required reauthentication step, regardless of user role. Time-bounded sessions, 2FA support, rate limiting, and configurable policies for REST, WP-CLI, Cron, WPGraphQL, & XML-RPC. No role escalation, no new permissions — just a gate. â›Šī¸

access-control principle-of-least-privilege sudo wordpress-admin-backend wordpress-admin-panel wordpress-administrators wordpress-auth wordpress-cron wordpress-multisite-compatible wordpress-plugins wordpress-rest-api wordpress-security wordpress-security-plugin wordpress-users wordpress-xmlrpc wp-cli wpgraphql zero-trust

Last synced: 28 Jun 2026

https://github.com/mithril-security/blind_llama_client

Zero-trust AI APIs for easy and private consumption of open-source LLMs

ai confidential llm open-source zero-trust

Last synced: 12 May 2025

https://github.com/darkdragon14/docker-cloudflare-tunnel-sync

Automatically synchronize Cloudflare Tunnels and routes from Docker container labels.

automation cloudflare cloudflare-tunnel cloudflared devops docker infrastructure labels self-hosted service-discovery zero-trust

Last synced: 30 May 2026

https://github.com/treadiehq/private-connect

Securely connect and access private services across any environment, no VPNs, no firewall rules.

networking open-source secure-tunneling service-connectivity zero-trust

Last synced: 10 Apr 2026

https://github.com/dknauss/wp-sudo

Sudo for WordPress! đŸĨĒ Risky actions — activating plugins, deleting users, changing key settings — are gated by a required reauthentication step, regardless of user role. Time-bounded sessions, 2FA support, rate limiting, and configurable policies for REST, WP-CLI, Cron, WPGraphQL, & XML-RPC. No role escalation, no new permissions — just a gate. â›Šī¸

access-control principle-of-least-privilege sudo wordpress-admin-backend wordpress-admin-panel wordpress-administrators wordpress-auth wordpress-cron wordpress-multisite-compatible wordpress-plugins wordpress-rest-api wordpress-security wordpress-security-plugin wordpress-users wordpress-xmlrpc wp-cli wpgraphql zero-trust

Last synced: 08 Mar 2026

https://github.com/gamussa/kuma4devs

Service Mesh for the Developer (with examples using Kuma Mesh kuma.io)

java kotlin mtls observability service-mesh zero-trust

Last synced: 25 Jun 2025

https://github.com/pomerium/pomerium-operator

An operator for running Pomerium on a Kubernetes cluster.

beyondcorp cloud-native go helm-chart identity kubernetes kubernetes-operator pomerium zero-trust

Last synced: 01 May 2025

https://github.com/borgoat/farmfa

TOTP MFA for teams: Shamir's Secret Sharing and zero trust OTP generation

hotp least-privilege mfa otp otp-generator shamir-secret-sharing totp zero-trust

Last synced: 12 Jan 2026

https://github.com/opentdf/spec

Trusted Data Format (TDF) is an Open, Interoperable, JSON encoded data format for implementing Data Centric Security for objects (such as files or emails) in zero-trust security world. This repository specifies the protocols and schemas required for TDF operation.

data-encryption data-tagging drm end-to-end-encryption file-encryption open-source opensource opentdf tdf zero-trust zero-trust-security

Last synced: 15 Jun 2025

https://github.com/zscaler/zscaler-sdk-python

Official Zscaler SDK Python provides an uniform and easy-to-use interface for each of the Zscaler product APIs.

ansible hacktoberfest pypi sase zero-trust zia zpa zscaler

Last synced: 02 May 2026

https://github.com/opentdf/platform

Persistent data centric security that extends owner control wherever data travels

data-encryption data-tagging drm end-to-end-encryption file-encryption go golang open-source opensource opentdf tdf zero-trust zero-trust-security

Last synced: 07 May 2026

https://github.com/thyrisAI/safe-zone

TSZ (Thyris Safe Zone) is an open-source PII detection and guardrails engine that prevents sensitive data from leaking to LLMs and third-party APIs.

ai-security data-privacy data-security guardrails guardrails-redaction pii-detection secrets-detection zero-trust

Last synced: 20 Jan 2026

https://github.com/tonikelope/coronapoker

The Texas hold 'em NL videogame we deserve, not the one we need, or was it the opposite?

java linux macos p2p poker texas-holdem windows zero-trust zero-trust-architecture

Last synced: 04 Jul 2026

https://github.com/zscaler/terraform-aws-cloud-connector-modules

Terraform Modules for Zscaler Cloud Connector on AWS

aws sase terraform zero-trust zscaler

Last synced: 21 Apr 2025

https://github.com/curityio/oauth-filter-for-java

A Servlet Filter that can be used for OAuth 2.0 protection in any Java-based Web API

api claims oauth2 scopes sdk zero-trust

Last synced: 28 Jul 2025

https://github.com/openagentidentityprotocol/agentidentityprotocol

Agent Identity Protocol - Zero-trust security layer for AI agents. Policy enforcement proxy for MCP with Human-in-the-Loop approval, DLP scanning, and audit logging.

agent-identity-protocol ai-agents ai-safety cursor-ide dlp golang human-in-the-loop llm mcp model-context-protocol policy-enforcement security zero-trust

Last synced: 29 May 2026

https://github.com/openziti/ziti-sdk-js

A JavaScript-based SDK for delivering secure browser-based web applications over a Ziti Network

appsec javascript netsec openziti sdk security zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztna

Last synced: 29 Jul 2025

https://github.com/cfgate/cfgate

Gateway API-native Kubernetes operator for Cloudflare Tunnel, DNS, and Access

access-policy cloudflare cloudflare-tunnel controller dns gateway-api go kubernetes kubernetes-operator operator tunnel zero-trust

Last synced: 16 May 2026

https://github.com/fosrl/windows

Pangolin VPN client for Windows devices

proxy remote-access vpn windows wireguard zero-trust zero-trust-network-access ztna

Last synced: 28 Apr 2026