Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-02-02 00:28:49 UTC
- JSON Representation
https://github.com/CervantesSec/cervantes
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
audit burpsuite collaboration collaboration-platform collaborative cve hacking nessus nmap penetration-testing penetration-testing-tools pentesters pentesting red-team red-teaming report reporting security vulnerability vulnerability-management
Last synced: 11 Jul 2025
https://github.com/danielroe/provenance-action
Fail CI when dependencies in your lockfile lose npm provenance or trusted publisher status
github-actions provenance security trusted-publishing
Last synced: 09 Oct 2025
https://github.com/dev-sec/ssh-baseline
DevSec SSH Baseline - InSpec Profile
audit baseline devsec hacktoberfest hardening inspec security ssh
Last synced: 04 Jul 2025
https://github.com/step-security/wait-for-secrets
Publish from GitHub Actions using multi-factor authentication
action actions github-actions mfa security
Last synced: 16 May 2025
https://github.com/capnspacehook/whalewall
Automate management of firewall rules for Docker containers
docker firewall golang security
Last synced: 05 Jul 2025
https://github.com/scille/parsec-cloud
Open source Dropbox-like file sharing with full client encryption !
cloud dropbox file-sharing privacy security sharing-data
Last synced: 31 Jan 2026
https://github.com/z0ph/aws-security-toolbox
AWS Security Tools (AST) in a simple Docker container. :package:
amazon-web-services assessments audit aws security
Last synced: 26 Mar 2025
https://github.com/chriskaliX/Hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
agent ebpf ebpf-programs ebpf-sec golang hids libbpf linux netlink runtime-security rust security
Last synced: 11 Jul 2025
https://github.com/joinmarket-webui/jam
Your sats. Your privacy. Your profit.
Last synced: 15 May 2025
https://github.com/inspektor-dev/inspektor
Inspektor is a protocol-aware proxy that is used to enforce access policies👮
access-control acl authorization go iam openpolicyagent permissions rbac rust security vuejs
Last synced: 03 Apr 2025
https://github.com/pashword/pashword
🔒 Pashword - Never forget passwords ever again! Free and Open Source Hashed Password Generator
pashword password password-generator password-manager security
Last synced: 04 Apr 2025
https://github.com/trailofbits/SecureEnclaveCrypto
Demonstration library for using the Secure Enclave on iOS
apple crypto ios keychain keypair macos secure-enclave-processor security swift
Last synced: 02 Aug 2025
https://github.com/slowmist/papers
SlowMist Vulnerability Research Advisories
advisories blockchain security vulnerability
Last synced: 11 Apr 2025
https://github.com/navikt/mock-oauth2-server
A scriptable/customizable web server for testing HTTP clients using OAuth2/OpenID Connect or applications with a dependency to a running OAuth2 server (i.e. APIs requiring signed JWTs from a known issuer)
authorization-server docker java junit5 jwt kotlin mock mock-oauth2-server nav-authnz oauth2 oidc openid-connect security token tokens
Last synced: 15 May 2025
https://github.com/zaproxy/action-full-scan
A GitHub Action for running the ZAP Full scan
actions dast devsecops github-actions security
Last synced: 23 Aug 2025
https://github.com/breard-r/libreauth
LibreAuth is a collection of tools for user authentication.
authentication hotp library oath password password-hash password-storage security totp
Last synced: 15 May 2025
https://github.com/leiweibau/Pi.Alert
Scan the devices connected to your WIFI / LAN and alert you the connection of unknown devices. It also warns if a "always connected" device disconnects. In addition, it is possible to check web services for availability. For this purpose HTTP status codes and the response time of the service are evaluated.
arp-scan intrusion-detection network-security pi-hole pialert security self-hosted
Last synced: 07 Apr 2025
https://github.com/projectdiscovery/dnsprobe
DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
bugbounty dns dns-utils dnsprobe retryabledns security subdomain
Last synced: 06 Apr 2025
https://github.com/madhuakula/hacker-container
The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.
container docker hacker-container hacking infosec kubernetes kubernetes-cluster pentest pentesting security security-tools tools
Last synced: 08 Oct 2025
https://github.com/avahowell/masterkey
secure interactive password manager with xchacha20poly1305, argon2id, and Go
cryptography interactive password-manager security unix vault
Last synced: 23 Jun 2025
https://github.com/tensult/cloud-reports
Scans your AWS cloud resources and generates reports. Check out free hosted version:
analyzer aws best-practices cloud cloud-computing html json pdf puppeteer reports scans security
Last synced: 16 May 2025
https://github.com/dhammon/ai-goat
Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.
Last synced: 06 Apr 2025
https://github.com/0x4d31/honeybits
A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
breadcrumbs deception go golang honeybits honeypot honeytoken honeytrap security trap
Last synced: 12 May 2025
https://github.com/duriantaco/skylos
Skylos is the watchdog for your repository. It maps your code's structure to hunt down dead logic, trace tainted data, and kill security rot
codequality python security securitytools
Last synced: 02 Feb 2026
https://github.com/alulsh/personal-security-checklist
Personal security checklist for securing your devices and accounts.
infosec personal-security security
Last synced: 25 Feb 2025
https://github.com/firefart/hijagger
Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
bugbounty golang hacking npm pypi security security-tools
Last synced: 07 Apr 2025
https://github.com/deadbits/insecureprogramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
c exploitation learning-exercise security security-vulnerability vulnerabilities
Last synced: 09 Apr 2025
https://github.com/0x4D31/honeybits
A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
breadcrumbs deception go golang honeybits honeypot honeytoken honeytrap security trap
Last synced: 11 Jul 2025
https://github.com/juice-shop/multi-juicer
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
capture-the-flag ctf-platform hacking hacktoberfest juice-shop kubernetes owasp security
Last synced: 08 Apr 2025
https://github.com/edoardottt/missing-cve-nuclei-templates
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
automation bug-bounty bug-hunting bugbounty bugbounty-tool bugbountytips cve cve-scanning hacking nuclei nuclei-engine nuclei-templates penetration-testing pentesting projectdiscovery security security-tools vulnerability-detection vulnerability-scanners
Last synced: 09 Apr 2025
https://github.com/nairuzabulhul/.codebits
:books: List of resources for Algorithms and Data Structures in Python & other CS topics @2017
algorithm algorithms books c computer-science databases django-tutorial hackerrank interview interview-questions leetcode networking operating-system programming programming-tutorial python python-tutorial resources security tech-interviews
Last synced: 06 Apr 2025
https://github.com/envless/envless
OpenSource, frictionless and secure way to share and manage app secrets across teams.
aws azure cli coss e2ee e2ee-encryption env envless gcp good-first-issue javascript k8s nextjs openpgp opensource secrets security typescript vercel
Last synced: 15 May 2025
https://github.com/ivangabriele/clamav-desktop
Cross-platform Desktop GUI for ClamAV antivirus.
antivirus clamav clamav-client daemon debian desktop desktop-app desktop-client gui linux macos open-source react rust security sidecar tauri typescript ubuntu windows
Last synced: 12 Apr 2025
https://github.com/petermosmans/security-scripts
A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
nikto nmap python security security-scanner security-tools ssl testssl
Last synced: 07 Apr 2025
https://github.com/fbonalair/traefik-crowdsec-bouncer
A http service to verify request and bounce them according to decisions made by CrowdSec.
container-image crowdsec crowdsec-bouncer go golang security traefik traefik-v2 webapp
Last synced: 02 Apr 2025
https://github.com/yaseng/iot-security-wiki
IOT security wiki
iot iot-security security security-wiki wiki
Last synced: 03 May 2025
https://github.com/azat-io/actions-up
🌊 Interactive CLI tool to update GitHub Actions to latest versions with SHA pinning
actions cli dependencies github-actions security workflow
Last synced: 07 Oct 2025
https://github.com/iantrich/restriction-card
🔒 Apply restrictions to Lovelace cards
custom-card home-assistant lovelace security
Last synced: 26 Oct 2025
https://github.com/DontPanicO/jwtXploiter
A tool to test security of json web token
ctf ctf-tools jku jsonwebtoken jwks jwt jwt-cracker jwt-exploit jwt-security penetration-testing penetration-testing-tools pentest pentest-tool pentesting pentesting-tools security security-tools websecurity x5u-injection
Last synced: 13 May 2025
https://github.com/kevalpatel2106/PasscodeView
PasscodeView is an Android Library to easily and securely authenticate user with PIN code or using the fingerprint scanner.
android-library authentication fingerprint-authentication pattern-lock pincode security
Last synced: 21 Apr 2025
https://github.com/ThreatUnknown/jsubfinder
jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
bugbounty pentesting proxy security security-tools
Last synced: 19 Apr 2025
https://github.com/misp/misp-taxonomies
Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.
adversary classification enisa-threat-taxonomy government-classification-markings incident incident-classification incident-response incident-taxonomy information-exchange machine-tags malware misp-taxonomies misp-taxonomy security taxonomy
Last synced: 08 May 2025
https://github.com/pac4j/spring-security-pac4j
Bridge from the pac4j security library to Spring Security (reactive)
authentication authorization cas facebook java jwt ldap login logout mongodb oauth openid-connect saml security social-login spring-boot spring-security sql twitter
Last synced: 26 Mar 2025
https://github.com/dontpanico/jwtxploiter
A tool to test security of json web token
ctf ctf-tools jku jsonwebtoken jwks jwt jwt-cracker jwt-exploit jwt-security penetration-testing penetration-testing-tools pentest pentest-tool pentesting pentesting-tools security security-tools websecurity x5u-injection
Last synced: 05 Apr 2025
https://github.com/teemu-l/execution-trace-viewer
Tool for viewing and analyzing execution traces
pyqt5 python reverse-engineering security security-tools x64dbg
Last synced: 10 May 2025
https://github.com/oisf/suricata-update
The tool for updating your Suricata rules.
ids ips network-monitoring nsm security suricata
Last synced: 15 May 2025
https://github.com/lazywinadmin/Monitor-ADGroupMembership
PowerShell script to monitor Active Directory groups and send an email when someone is changing the membership
active-directory hacktoberfest monitoring powershell reporting security
Last synced: 10 Apr 2025
https://github.com/pavanw3b/sh00t
Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
django penetration-testing python security
Last synced: 02 Apr 2025
https://github.com/skyplabs/probequest
Toolkit for Playing with Wi-Fi Probe Requests
dot11 monitoring network-attacks python python3 scapy security sniffer toolkit wifi wifi-security wireless
Last synced: 15 May 2025
https://github.com/ibm/audit-ci
Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
audit audit-ci bun ci github-actions npm pnpm security yarn
Last synced: 13 Apr 2025
https://github.com/Attacks-on-Tor/Attacks-on-Tor
Thirteen Years of Tor Attacks
cyber-security hidden-services onion onion-routing security tor tor-network tor-traffic
Last synced: 27 Sep 2025
https://github.com/saasform/saasform
Add signup & payments to your SaaS in minutes.
authentication payments saas security
Last synced: 15 Mar 2025
https://github.com/lazywinadmin/monitor-adgroupmembership
PowerShell script to monitor Active Directory groups and send an email when someone is changing the membership
active-directory hacktoberfest monitoring powershell reporting security
Last synced: 26 Jun 2025
https://github.com/Scille/parsec-cloud
Open source Dropbox-like file sharing with full client encryption !
cloud dropbox file-sharing privacy security sharing-data
Last synced: 14 Mar 2025
https://github.com/OISF/suricata-update
The tool for updating your Suricata rules.
ids ips network-monitoring nsm security suricata
Last synced: 10 May 2025
https://github.com/kstenerud/concise-encoding
The secure data format for a modern world
data-structures data-visualization datastructures documentation encoding json parsing security specification xml
Last synced: 12 Sep 2025
https://github.com/badkeys/badkeys
Tool to find common vulnerabilities in cryptographic public keys
cryptography publickey rsa security
Last synced: 03 Jan 2026
https://github.com/redpwn/rctf
redpwn's CTF platform
ctf ctf-framework ctf-platform ctf-scoreboard ctf-tools ctfd ctftime education rctf security
Last synced: 02 Apr 2025
https://github.com/lucasfaudman/apkscan
Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).
android apktool cfr concurrency decompiler decompiler-java enjarify fernflower jadx java krakatau mobile penetration-testing procyon secret-scanner secret-scanning security security-tools
Last synced: 05 Apr 2025
https://github.com/edoverflow/contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
bugbounty infosec osint security
Last synced: 06 Apr 2025
https://github.com/IBM/audit-ci
Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
audit audit-ci bun ci github-actions npm pnpm security yarn
Last synced: 25 Mar 2025
https://github.com/synwall/synwall
A zero-configuration (IoT) firewall
c driver firewall linux-kernel security
Last synced: 09 Apr 2025
https://github.com/mrwiora/nameinator
NAMEinator DNS Benchmark tool (namebench successor)
Last synced: 14 Jan 2026
https://github.com/EdOverflow/contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
bugbounty infosec osint security
Last synced: 12 Jul 2025
https://github.com/etherdream/js-port-knocking
Web 端口敲门的奇思妙想
ddos-mitigation javascript portknocking security
Last synced: 08 May 2025
https://github.com/R3LI4NT/Wifi-Hack
Herramienta automatizada para crackear redes WiFi con protección WPA2 y WPS.
aircrack hacking-tool linux python3 security wifi-hack wifi-hacking wifihack wpa2 wps
Last synced: 18 Jul 2025
https://github.com/makenowjust-labs/recheck
The trustworthy ReDoS checker
eslint-plugin javascript redos redos-checker scala security vulnerability
Last synced: 15 May 2025
https://github.com/chrispetrou/FDsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
directory-traversal directory-traversal-vulnerability enumeration exploitation file-include fuzzing hacking inclusion lfi lfi-shells lfi-vulnerability oscp owasp path-traversal penetration-testing pentesting rfi security security-tools web-security
Last synced: 02 Apr 2025
https://github.com/gradle/wrapper-validation-action
Gradle Wrapper Validation Action
github-action gradle gradle-bt gradle-bt-core-runtime gradle-wrapper security
Last synced: 28 Feb 2025
https://github.com/googlecloudplatform/jit-groups
JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.
gcp google-cloud iam privileged-access-management security
Last synced: 16 May 2025
https://github.com/tinyclub/elinux
嵌入式 Linux 知识库 (elinux.org) 中文翻译计划;本项目发起人发布了《360° 剖析 Linux ELF》视频课程,欢迎订阅:https://www.cctalk.com/m/group/88089283
android boards bootloader chinese-translation debugging drivers embedded-linux fastboot firmware hardware linux multimedia network profiling realtime security toolchain tracing
Last synced: 09 Apr 2025
https://github.com/securityfirst/Umbrella_android
Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.
activism advice crypto encryption hacking human-rights-defenders infosec journalism lessons opensource protest risk security snowden travel umbrella
Last synced: 11 Jul 2025
https://github.com/zeek/spicy
C++ parser generator for dissecting protocols & files.
Last synced: 13 Jun 2025
https://github.com/gremwell/o365enum
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
office365 security user-enumeration
Last synced: 07 Apr 2025
https://github.com/bolunwang/backdoor
Code implementation of the paper "Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks", at IEEE Security and Privacy 2019.
backdoor-attacks deep-learning keras python security trojan
Last synced: 27 Jul 2025
https://github.com/enygma/expose
An Intrusion Detection System library loosely based on PHP IDS
intrusion-detection php phpids security
Last synced: 08 Oct 2025
https://github.com/destiner/blocksmith
Bitcoin/Ethereum key manipulation
bitcoin cryptocurrency cryptography ethereum security
Last synced: 20 Oct 2025
https://github.com/HugoRCD/shelve
Open-source secret & environment management. Secure, simple, collaborative. CLI & Github Sync
cli collaboration developer-experience developer-tools env environment-variables github open-source secrets secrets-management security self-hosted workflow
Last synced: 09 Jul 2025
https://github.com/mrexodia/perfect-dll-proxy
Perfect DLL Proxying using forwards with absolute paths.
dll-hijacking redteam-tools reverse-engineering security windows
Last synced: 13 Apr 2025
https://github.com/yingtongdou/care-gnn
Code for CIKM 2020 paper Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters
datamining deep-learning fraud-detection fraud-prevention graphneuralnetwork machine-learning reinforcement-learning security
Last synced: 09 Apr 2025
https://github.com/geeknik/the-nuclei-templates
Nuclei templates written by us.
fuzzing hacking infosec nuclei open-source oss security templates
Last synced: 07 Aug 2025
https://github.com/YingtongDou/CARE-GNN
Code for CIKM 2020 paper Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters
datamining deep-learning fraud-detection fraud-prevention graphneuralnetwork machine-learning reinforcement-learning security
Last synced: 11 May 2025
https://github.com/albuch/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
appsec cve devops devsecops infosec nvd owasp owasp-dependencycheck sbt sbt-plugin scala security security-audit security-automation software-composition-analysis software-security static-analysis vulnerabilities vulnerability-scanners
Last synced: 12 Jan 2026
https://github.com/trailofbits/osquery-extensions
osquery extensions by Trail of Bits
intrusion-detection monitoring osquery security sql
Last synced: 27 Oct 2025
https://github.com/paragonie/certainty
Automated cacert.pem management for PHP projects
cacert cert-bundles certainty certificate composer pem-management php security security-tools tls tls-certificate tls-certificates x509certificates
Last synced: 16 May 2025
https://github.com/deadbits/InsecureProgramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
c exploitation learning-exercise security security-vulnerability vulnerabilities
Last synced: 20 Mar 2025
https://github.com/bridgecrewio/checkov-action
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
bridgecrew compliance devsecops hacktoberfest marketplace scanning security static-analysis terraform
Last synced: 14 May 2025
https://github.com/0x4D31/salt-scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
devops devops-tools python salt saltstack security security-audit security-scanner security-tools vulnerability-scanners vulnerability-scanning
Last synced: 22 Mar 2025
https://github.com/project-dalec/dalec
📦 Produce secure packages and containers with declarative configurations
almalinux azure-linux build-tools buildkit cloud-native containers debian debian-packages declarative devops golang kubernetes linux package-manager packages rockylinux security security-tools ubuntu ubuntu-packages
Last synced: 17 Jan 2026
