#安卓#Spoof locked bootloader on local attestations
#安卓#Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification ...
A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more
Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
#Awesome#A compilation of resources in the software supply chain security domain, with emphasis on open source
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps u...
Verax is a shared registry for storing attestations of public interest on EVM chains, designed to enhance data discoverability and consumption for dApps across the network.
#安卓#Fixes Play Integrity API (and SafetyNet) verdicts
#安卓#attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remot...
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance
Kotlin Multiplatform Crypto/PKI/ASN.1 Library with Attestation and Hardware-Backed Crypto Support on Mobile
📜 "Coinbase Verifications" is a set of Coinbase-verified onchain attestations that enable access to apps and other onchain benefits.
Attestation and Secret Delivery Components
MultiZone® Security TEE is the quick and safe way to add security and separation to any RISC-V processors. The RISC-V standard ISA doesn't define TrustZone-like primitives to provide hardware separati...
Python implementation of OWASP CycloneDX
#IOS#Server-side library to validate the authenticity of Apple App Attest artifacts, written in Kotlin.
Documentation source and development of the PSA Certified API