Data

Tools

Indexes

Applications

Experiments

Open Source Science

oo35bvy

nothing to do

https://github.com/ppngb620d/oo35bvy

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (3.4%) to scientific vocabulary
Last synced: 9 months ago · JSON representation

Repository

nothing to do

Basic Info
  • Host: GitHub
  • Owner: Ppngb620d
  • License: mit
  • Language: Jupyter Notebook
  • Default Branch: main
  • Size: 337 MB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created over 1 year ago · Last pushed 9 months ago
Metadata Files
Readme Changelog Contributing Funding License Code of conduct Citation Codeowners Security Support Governance Roadmap Authors Notice Copyright Dco Cla

README-ar.md

English | | | Azrbaycan | | | Catal | etina | Deutsch | | Espaol | | Franais | | Indonesia | Italiano | | | | | | | Nederlands | Polski | Portugus (Brasil) | | | Trke | | Ting Vit

# API Security Checklist API --- ## (Authentication) - [ ]        `Basic Auth` ( [JWT](https://jwt.io/), [OAuth](https://oauth.net/)). - [ ]        `` ` ` ` `. . - [ ]        ` ` ` jail feature` . - [ ]        . ### JSON Web Token) JWT) - [ ]        (`JWT Secret`) brute forcing . - [ ]        JWT. (`HS256` `RS256`). - [ ]        (`TTL`, `RTTL`) . - [ ]        JWT, [easily](https://jwt.io/#debugger-io). - [ ]        . JWT . ## - [ ]        (Throttling) DDoS brute-force. - [ ]        HTTPS MITM (Man In The Middle Attack). - [ ]        `HSTS` header SSL SSL Strip. - [ ]        . - [ ]        IP . ## Authorization ### OAuth - [ ]        `redirect_uri` . - [ ]        ( `response_type=token`). - [ ]        `state` CSRF OAuth. - [ ]        scope . ## - [ ]        HTTP method : `GET ()`, `POST ( )`, `PUT/PATCH ( )`, and `DELETE ( )`, `405 Method Not Allowed` method . - [ ]        `content-type` reuest header (Content Negotiation) ( `application/xml`, `application/json`, ) `406 Not Acceptable` . - [ ]        `content-type` posted data ( `application/x-www-form-urlencoded`, `multipart/form-data`, `application/json`, ). - [ ]        ( `XSS`, `SQL-Injection`, `Remote Code Execution`, ). - [ ]        (`credentials`, `Passwords`, `security tokens`, `API keys`) Authorization header. - [ ]        . - [ ]        API caching Rate Limit policies ( ` Quota`, ` Spike Arrest`, ` Concurrent Rate Limit`) ## - [ ]        authentication broken authentication. - [ ]        . `/me/orders` `/user/654321/orders`. - [ ]        auto-increment. `UUID` . - [ ]        XML, entity parsing `XXE` (XML external entity). - [ ]        XML, entity expansion `Billion Laughs/XML bomb` exponential entity expansion. - [ ]        CDN . - [ ]        Workers, Queues HTTP Blocking. - [ ]        DEBUG mode . - [ ]        . ## - [ ]        `X-Content-Type-Options: nosniff` header. - [ ]        `X-Frame-Options: deny` header. - [ ]        `Content-Security-Policy: default-src 'none'` header. - [ ]        headers - `X-Powered-By`, `Server`, `X-AspNet-Version` . - [ ]        `content-type` `application/json` `content-type` `application/json`. - [ ]        `credentials`, `Passwords`, `security tokens`. - [ ]        status code . ( `200 OK`, `400 Bad Request`, `401 Unauthorized`, `405 Method Not Allowed`, ). ## CI & CD - [ ]        / unit/integration tests coverage. - [ ]        . - [ ]        . - [ ]        ( /) . - [ ]        ( ) . - [ ]        rollback. ## Monitoring - [ ] Use centralized logins for all services and components. - [ ] Use agents to monitor all traffic, errors, requests, and responses. - [ ] Use alerts for SMS, Slack, Email, Telegram, Kibana, Cloudwatch, etc. - [ ] Ensure that you aren't logging any sensitive data like credit cards, passwords, PINs, etc. - [ ] Use an IDS and/or IPS system to monitor your API requests and instances. --- ## : - [yosriady/api-development-tools](https://github.com/yosriady/api-development-tools) - RESTful HTTP+JSON APIs. --- # fork pull request. `team@shieldfy.io`.

Owner

  • Login: Ppngb620d
  • Kind: user

Dependencies

.github/workflows/ci-plus.yml actions
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
requirements.txt pypi
  • certifi ==2024.7.4
  • chardet ==5.2.0
  • charset-normalizer ==3.3.2
  • idna ==3.7
  • numpy ==2.0.1
  • pandas ==2.2.2
  • python-dateutil ==2.9.0.post0
  • pytz ==2024.1
  • requests ==2.32.3
  • six ==1.16.0
  • tzdata ==2024.1
  • urllib3 ==2.2.2
.github/workflows/main.yml actions
  • actions/checkout v2 composite
  • ansible/ansible-lint-action master composite
bower.json bower
  • d3 ~3.5.6
  • d3-geo-projection ~0.2.15
  • dat-gui ~0.5.1
  • font-awesome ~4.5.0
  • jquery ~2.1.4
  • lodash ~3.10.1
  • reveal.js ~3.2.0
  • stats.js *
  • topojson ~1.6.19
Dockerfile docker
  • alpine latest build
  • golang alpine build
Android/Demo/build.gradle maven
pom.xml maven
package.json npm
  • grunt ^0.4.5 development
  • grunt-contrib-clean ^0.6.0 development
  • grunt-contrib-concat ^0.5.1 development
  • grunt-contrib-copy ~0.4.1 development
  • grunt-contrib-jshint ^0.11.0 development
  • grunt-contrib-uglify ^0.8.0 development
  • grunt-contrib-watch ^0.6.1 development
  • grunt-git ~0.2.14 development
  • grunt-serve ^0.1.6 development
  • grunt-text-replace ~0.3.12 development
  • jshint-stylish ^1.0.0 development
  • load-grunt-tasks ^3.1.0 development
AuthService/AuthService.csproj nuget
  • Google.Apis.Auth 1.57.0
  • Microsoft.AspNet.WebApi.Cors 5.2.8
  • Microsoft.AspNetCore.Authentication.JwtBearer 6.0.5
  • Microsoft.EntityFrameworkCore 6.0.5
  • Microsoft.IdentityModel.Tokens 6.17.0
  • Newtonsoft.Json 13.0.1
  • Serilog.AspNetCore 5.0.0
  • Swashbuckle.AspNetCore 6.2.3
  • System.IdentityModel.Tokens.Jwt 6.17.0
pubspec.lock pub
  • async 2.5.0-nullsafety.1
  • boolean_selector 2.1.0-nullsafety.1
  • characters 1.1.0-nullsafety.3
  • charcode 1.2.0-nullsafety.1
  • clock 1.1.0-nullsafety.1
  • cloud_firestore 0.14.3
  • cloud_firestore_platform_interface 2.2.0
  • cloud_firestore_web 0.2.1
  • collection 1.15.0-nullsafety.3
  • cupertino_icons 1.0.0
  • fake_async 1.2.0-nullsafety.1
  • firebase 7.3.3
  • firebase_auth 0.18.2
  • firebase_auth_platform_interface 2.1.2
  • firebase_auth_web 0.3.1+2
  • firebase_core 0.5.2
  • firebase_core_platform_interface 2.0.0
  • firebase_core_web 0.2.1
  • flutter 0.0.0
  • flutter_login_facebook 0.4.0+1
  • flutter_test 0.0.0
  • flutter_web_plugins 0.0.0
  • google_sign_in 4.5.6
  • google_sign_in_platform_interface 1.1.2
  • google_sign_in_web 0.9.2
  • http 0.12.2
  • http_parser 3.1.4
  • intl 0.16.1
  • js 0.6.2
  • list_ext 0.1.15
  • matcher 0.12.10-nullsafety.1
  • meta 1.3.0-nullsafety.3
  • nested 0.0.4
  • path 1.8.0-nullsafety.1
  • pedantic 1.9.2
  • plugin_platform_interface 1.0.3
  • provider 4.3.3
  • quiver 2.1.5
  • rxdart 0.24.1
  • sky_engine 0.0.99
  • source_span 1.8.0-nullsafety.2
  • stack_trace 1.10.0-nullsafety.1
  • stream_channel 2.1.0-nullsafety.1
  • string_scanner 1.1.0-nullsafety.1
  • term_glyph 1.2.0-nullsafety.1
  • test_api 0.2.19-nullsafety.2
  • typed_data 1.3.0-nullsafety.3
  • vector_math 2.1.0-nullsafety.3
project/Sprint4/requirements-dev.txt pypi
  • pytest ==6.2.5 development
Gemfile rubygems
  • asciidoctor = 2.0.11
  • asciidoctor-multipage = 0.0.12
  • concurrent-ruby = 1.1.7
  • tilt = 2.0.10