Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/istio-ecosystem/authservice

Move OIDC token acquisition out of your app code and into the Istio mesh

auth authz istio oidc security

Last synced: 03 Jul 2024

https://github.com/turbot/powerpipe

Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.

aws azure cis cloud cnapp cspm dashboards devops devsecops duckdb gcp golang hcl kubernetes mysql postgresql security sql sqlite terraform

Last synced: 03 Jul 2024

https://github.com/github/entitlements-app

The Ruby Gem that Powers Entitlements - GitHub's Identity and Access Management System

entitlements iam security

Last synced: 03 Jul 2024

https://github.com/kyoshidajp/bundler-alive

Are your gems alive? bunder-alive checks if gems in a RubyGem's Gemfile.lock are active.

bundler-alive dependency-checker ruby security security-tools

Last synced: 03 Jul 2024

https://github.com/gregmolnar/spektr

Static code analyser to find security issues in Rails applications

rails security

Last synced: 03 Jul 2024

https://github.com/Wafris/wafris-rb

Wafris Client for Rails and Rack applications

firewall rails security waf

Last synced: 03 Jul 2024

https://github.com/forcesunseen/graphquail

Burp Suite extension that offers a toolkit for testing GraphQL endpoints.

burp extension graphql security suite testing

Last synced: 03 Jul 2024

https://github.com/turbot/steampipe-mod-aws-perimeter

Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrusted accounts, insecure network configurations and more.

aws hacktoberfest network perimeter powerpipe powerpipe-mod security sql steampipe steampipe-mod

Last synced: 03 Jul 2024

https://github.com/globaleaks/GlobaLeaks

GlobaLeaks is free, open source software enabling anyone to easily set up and maintain a secure whistleblowing platform.

aes-encryption angularjs anonymity anti-corruption argon2 bootstrap digital-human-rights https letsencrypt libsodium open-source openpgp privacy python security sqlalchemy tor twisted usability whistleblowing

Last synced: 03 Jul 2024

https://github.com/oke-py/npm-audit-action

GitHub Action to run `npm audit`

github-action npm security vulnerability

Last synced: 03 Jul 2024

https://github.com/VKSRC/Github-Monitor

Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)

github leakage monitor restful security

Last synced: 02 Jul 2024

https://github.com/googleprojectzero/halfempty

A fast, parallel test case minimization tool.

bisection fuzzing security testcase-reducer

Last synced: 02 Jul 2024

https://github.com/bleachbit/bleachbit

BleachBit system cleaner for Windows and Linux

antiforensics bleachbit disk-cleaner gplv3 gtk linux privacy python security windows

Last synced: 02 Jul 2024

https://github.com/nsacyber/WALKOFF

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

administration analytics automation automation-framework cybersecurity devops framework integration orchestration orchestration-framework orchestrator python security sysadmin walkoff walkoff-apps walkoff-workflows workflow

Last synced: 02 Jul 2024

https://nsacyber.github.io/WALKOFF

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

administration analytics automation automation-framework cybersecurity devops framework integration orchestration orchestration-framework orchestrator python security sysadmin walkoff walkoff-apps walkoff-workflows workflow

Last synced: 02 Jul 2024

https://github.com/brimstone/docker-kali

A Docker image for bits of Kali Linux

armitage docker kali metasploit pentesting security zaproxy

Last synced: 02 Jul 2024

https://github.com/unnawut/roca-detect

A docker container that checks your keys for ROCA vulnerability.

detector docker docker-container roca-detection roca-vulnerability rsa rsa-keys security security-audit security-tools ssh-key

Last synced: 02 Jul 2024

https://github.com/muayyad-alsadi/oneway

a tool to drop privileges for docker entry-points

containers docker init-system jail privileges security

Last synced: 02 Jul 2024

https://github.com/Nitrokey/nitrokey-pro-firmware

Firmware for the Nitrokey Pro device

firmware nitrokey open-source security usb-stick

Last synced: 02 Jul 2024

https://github.com/CTFd/CTFd

CTFs as you need them

ctf ctfd education flask security

Last synced: 02 Jul 2024

https://github.com/dalibo/ldap2pg

:elephant: :busts_in_silhouette: Manage PostgreSQL roles and privileges from YAML or LDAP

acl directory golang ldap postgresql privileges roles security users yaml

Last synced: 02 Jul 2024

https://github.com/chaitin/veinmind-tools

veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集

cloud-native cloud-security container-security containerd docker image-security security

Last synced: 02 Jul 2024

https://github.com/bytedance/Elkeid

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

cwpp edr hids linux-security rasp security

Last synced: 02 Jul 2024

https://github.com/tejado/Authorizer

Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP :key::mobile_phone_off:

android auto-type bluetooth bluetooth-hid encryption gpg gpg-encryption hid keyboard-emulation otp password-manager password-store security smartphone usb usb-hid

Last synced: 02 Jul 2024

https://github.com/4ARMED/kubeletmein

Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.

kubelet kubernetes security

Last synced: 02 Jul 2024

https://github.com/wKovacs64/hibp

An unofficial TypeScript SDK for the 'Have I been pwned?' service.

breach breach-events breaches data-breach deno dump hack haveibeenpwned hibp javascript passwords pastes promise pwned security typescript

Last synced: 02 Jul 2024

https://github.com/wKovacs64/pwned

A command-line tool for querying the 'Have I been pwned?' service.

breach dump hack hacktoberfest haveibeenpwned hibp passwords pastes pwned security

Last synced: 02 Jul 2024

https://github.com/TankerHQ/sdk-js

Tanker client-side encryption SDK for JavaScript

cryptography encryption end-to-end javascript privacy sdk security tanker

Last synced: 02 Jul 2024

https://sap.github.io/fosstars-rating-core/

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.

calculating-ratings java scores security security-rating security-risks security-tools

Last synced: 02 Jul 2024

https://github.com/JosephTLucas/lintML

A security-first linter for code that shouldn't need linting

linter machine-learning security

Last synced: 02 Jul 2024

https://github.com/bosch-aisecurity-aishield/watchtower

AIShield Watchtower: Dive Deep into AI's Secrets! 🔍 Open-source tool by AIShield for AI model insights & vulnerability scans. Secure your AI supply chain today! ⚙️🛡️

adversarial-attacks aisec aisecurity mlops mlsecops security security-automation security-tools supply-chain vulnerability-scanners

Last synced: 02 Jul 2024

https://github.com/arturmiller/adversarial_ml_ctf

This repository is a CTF challenge, showing a security flaw in most (all?) common artificial neural networks. They are vulnerable for adversarial images.

adversarial challenge ctf docker flask machine-learning optimization python security website

Last synced: 02 Jul 2024

https://github.com/YingtongDou/Nash-Detect

Code for KDD 2020 paper Robust Spammer Detection by Nash Reinforcement Learning

fraud-detection game-theory machine-learning reinforcement-learning security spam-detection

Last synced: 01 Jul 2024

https://github.com/YingtongDou/CARE-GNN

Code for CIKM 2020 paper Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters

datamining deep-learning fraud-detection fraud-prevention graphneuralnetwork machine-learning reinforcement-learning security

Last synced: 01 Jul 2024

https://github.com/osipxd/encrypted-datastore

Extensions to store DataStore in EncryptedFile

android datastore encrypted encryption security tink

Last synced: 01 Jul 2024

https://github.com/DopplerHQ/gitops-secrets-nodejs

GitOps encrypted secrets workflow for Node.js

secret-management secrets secrets-management secrets-manager security

Last synced: 01 Jul 2024

https://github.com/SkipToTheEndpoint/OpenIntuneBaseline

Community-driven baseline to accelerate Intune adoption and learning.

device-config intune microsoft security

Last synced: 01 Jul 2024

https://github.com/ThuCCSLab/Awesome-LM-SSP

A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).

adversarial-attacks awesome-list diffusion-models jailbreak language-model llm nlp privacy safety security vlm

Last synced: 01 Jul 2024

https://github.com/miscreant/meta

Meta-repository for Miscreant: misuse-resistant symmetric encryption library with AES-SIV (RFC 5297) and AES-PMAC-SIV support

aead aes cryptography key-wrapping nonce-misuse-attacks security siv streaming-encryption

Last synced: 01 Jul 2024

https://github.com/atexio/mercure

Mercure is a tool for security managers who want to train their colleague to phishing.

campaign email hacking phishing python security

Last synced: 01 Jul 2024

https://github.com/fishing-cat/fishing-cat-server

Open-Source Phishing Campaign Toolkit

cat fishing-cat heroku phishing rails ruby security

Last synced: 01 Jul 2024

https://github.com/BeatSwitch/lock

A flexible, driver based Acl package for PHP 5.4+

acl permissions php security

Last synced: 30 Jun 2024

https://github.com/m-mizutani/octovy

Trivy based vulnerability management service

github-app golang security typescript vulnerability-scanners

Last synced: 30 Jun 2024

https://github.com/Foxboron/age-plugin-tpm

:key: TPM 2.0 plugin for age

age go-tpm golang security tpm tpm2

Last synced: 29 Jun 2024

https://github.com/linux-audit/audit-userspace

Linux audit userspace repository

linux logging security

Last synced: 29 Jun 2024

https://github.com/trailofbits/osquery-extensions

osquery extensions by Trail of Bits

intrusion-detection monitoring osquery security sql

Last synced: 29 Jun 2024

https://github.com/trailofbits/ebpfpub

ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.

bpf ebpf llvm monitoring security tracepoints tracing

Last synced: 29 Jun 2024

https://github.com/Bouke/SRP

Secure Remote Password (SRP) for Swift

authentication encryption password rfc-2945 rfc-5054 security srp srp-6a swift

Last synced: 29 Jun 2024

https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector

Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)

bytecode cve-2021-44228 log4j2 log4jshell log4shell scanner security

Last synced: 29 Jun 2024

https://github.com/wh0isdxk/Security-by-Design

Conceitos sobre Security-by-Design e alguns passos sobre como implementar isso no dia-a-dia.

information-security security security-by-design seguranca seguranca-da-informacao

Last synced: 29 Jun 2024

https://github.com/snyk-labs/awesome-log4shell

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

awesome awesome-list java log4j log4shell security vulnerability

Last synced: 29 Jun 2024

https://github.com/krol3/container-security-checklist

Checklist for container security - devsecops practices

containers devsecops security

Last synced: 29 Jun 2024

https://github.com/w5teams/w5

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效

automation devops hack hacker hacking python-script python3 security security-audit security-automation security-tools shuffle soar tools w5 w5soar walkoff

Last synced: 29 Jun 2024

https://github.com/lwindolf/lzone-cheat-sheets

A collection of SRE / DevOps / system architecture cheat sheets hosted on https://lzone.de

architecture automation cheatsheet cloud devops devsecops kubernetes linux security sre

Last synced: 28 Jun 2024

https://github.com/easybill/easypwned

offline haveibeenpwned HIBP check and downloader, rest api, easybill

haveibeenpwned hibp password security

Last synced: 28 Jun 2024

https://github.com/brittonhayes/pillager

Pillage filesystems for sensitive information with Go 🔍

cli gitleaks go golang hacking scanner security security-tools tool tui

Last synced: 28 Jun 2024

https://github.com/Safe3/uuWAF

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

api-gateway api-security application-security ddos http-flood modsecurity owasp security uuwaf waap waf web-application-firewall web-security-gateway

Last synced: 28 Jun 2024

https://github.com/Idov31/MrKaplan

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

attack cyber cybersecurity evasion infosec infosectools powershell red-team red-teaming security security-tools windows

Last synced: 28 Jun 2024

https://github.com/AmanoTeam/Unalix

Small, dependency-free, fast Python package for removing tracking fields from URLs.

internet python python3 security

Last synced: 28 Jun 2024

https://github.com/diversenok/TokenUniverse

An advanced tool for working with access tokens and Windows security policy.

access-tokens delphi native-api security security-tools windows windows-internals

Last synced: 27 Jun 2024

https://github.com/bricks-cloud/BricksLLM

🔒 Enterprise-grade API gateway that helps you monitor and impose cost or rate limits per API key. Get fine-grained access control and monitoring per user, application, or environment. Supports OpenAI, Azure OpenAI, Anthropic, vLLM, and open-source LLMs.

ai anthropic api artificial-intelligence azure docker generative-ai golang gpt llm open-source openai postgresql privacy rest-api security self-hosted vllm ycombinator

Last synced: 27 Jun 2024

https://github.com/eddiejibson/limitrr

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

authorization brute-force discriminator expiry express-middleware expressjs force ip light limiting maximum nodejs promise protection rate rate-limiter redis security security-tools

Last synced: 27 Jun 2024

https://github.com/HotCakeX/Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

1st-party-security applicationcontrol bitlocker defender encryption enterprise-security firewall-configuration harden module operation-system-security powershell powershell-script proactive security security-hardening tpm2 wdac windows windows11 windowsdefender

Last synced: 27 Jun 2024

https://github.com/FreshSupaSulley/Duochrome

Login through Duo Mobile in your browser

browser-extension duo duo-mobile security

Last synced: 27 Jun 2024

https://github.com/damienbod/AspNet6IdentityServer4AngularOidcFlows

OpenID Connect Code Flow PKCE / Implicit Flow with Angular and ASP.NET Core 6 IdentityServer4

angular aspnet-core aspnetcore authentication authorization identity identityserver4 oauth2 oidc openid security sqlite typescript

Last synced: 27 Jun 2024

https://github.com/CharlesPikachu/pytools

Pytools: Some useful tools written by pure python.

hubble music-player pyqt5 python3 qrcode security tools

Last synced: 27 Jun 2024

https://github.com/tensult/cloud-reports

Scans your AWS cloud resources and generates reports. Check out free hosted version:

analyzer aws best-practices cloud cloud-computing html json pdf puppeteer reports scans security

Last synced: 27 Jun 2024

https://github.com/Paul-Reed/cloudflare-ufw

Script to update UFW with Cloudflare IPs

cloudflare security ufw-firewall

Last synced: 27 Jun 2024

https://github.com/IridiumIdentity/iridium

An OIDC provider integrator. Choose your social providers without needing to write code.

customer-identity identity-management oauth2 openid-connect passwordless security webauthn

Last synced: 27 Jun 2024

https://github.com/mitre/aws-foundations-cis-baseline

InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark

aws aws-security cis cloud ia inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security

Last synced: 27 Jun 2024

https://github.com/optimajet/DWKit

DWKit is a Business Process Management System based on .NET Core and React

bpm csharp form-builder javascript jsx mssql net netcore2 postgresql react security webpack workflow workflow-designer

Last synced: 27 Jun 2024

https://github.com/dev-sec/cis-dil-benchmark

CIS Distribution Independent Linux Benchmark - InSpec Profile

audit baseline devsec hardening inspec linux security

Last synced: 27 Jun 2024

https://github.com/joshlarsen/aws-recon

Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.

aws cli collection inventory scanner security

Last synced: 27 Jun 2024

https://github.com/OpenCSPM/opencspm

Open Cloud Security Posture Management Engine

aws cloud cspm gcp kubernetes security security-audit

Last synced: 27 Jun 2024

https://github.com/alienzhou/frontend-tech-list

📝 Frontend Tech List for Developers 💡

css frontend html javascript list pwa security tech

Last synced: 27 Jun 2024

https://github.com/Gui774ume/network-security-probe

A process level network security monitoring and enforcement project for Kubernetes, using eBPF

ebpf enforcement kubernetes linux network-security profile security

Last synced: 27 Jun 2024

https://github.com/Netflix-Skunkworks/historical

A serverless, event-driven AWS configuration collection service with configuration versioning.

aws cloudtrail dynamodb events lambda python s3 security securitygroups serverless

Last synced: 27 Jun 2024

https://github.com/trackit/s3-acl-viewer

Tool to generate a report about AWS S3 bucket permissions. CSV, Excel and Google Spreadsheet output available.

aws aws-s3 security

Last synced: 27 Jun 2024

https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection

Example detection of compromise credentials in AWS

security

Last synced: 27 Jun 2024

https://github.com/nozaq/amazon-linux-cis

Bootstrap script for Amazon Linux to comply CIS Amazon Linux Benchmark v2.0.0

amazon-linux aws cis hardening security

Last synced: 27 Jun 2024

https://github.com/mablanco/docker-rapidscan

Docker image for Rapidscan, a multi-tool web vulnerability scanner

docker pentesting security

Last synced: 27 Jun 2024

https://github.com/alextanhongpin/go-microservice-architecture

Sample microservice architecture to demonstrate how each pieces are linked together

cache key-value-store load-balancer logging security service storage telemetry visualization

Last synced: 27 Jun 2024

https://github.com/nielsfaber/alarmo-card

Home Assistant card for controlling the Alarmo component

alarm alarmo assistant card home home-assistant lovelace security

Last synced: 27 Jun 2024

https://github.com/authorizerdev/authorizer

Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box.

2fa auth authentication authorization docker golang graphdb graphql hacktoberfest magic-link microservice nosql oauth2 role-based-access-control security social-logins sql typescript user-privileges

Last synced: 27 Jun 2024