Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-02-06 00:29:49 UTC
- JSON Representation
https://github.com/deadbits/InsecureProgramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
c exploitation learning-exercise security security-vulnerability vulnerabilities
Last synced: 20 Mar 2025
https://github.com/paragonie/certainty
Automated cacert.pem management for PHP projects
cacert cert-bundles certainty certificate composer pem-management php security security-tools tls tls-certificate tls-certificates x509certificates
Last synced: 16 May 2025
https://github.com/autistic-symposium/blockchains-security-toolkit
👾 notes and resources on decentralized protocols (e.g. oracles, bridges, honeypots, cryptography, decompilers, static analysis, bug bounties)
aurora blockchain blockchain-security cypherpunk defi ethereum evm near rust security smart-contracts solidity
Last synced: 28 Feb 2025
https://github.com/0x4d31/salt-scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
devops devops-tools python salt saltstack security security-audit security-scanner security-tools vulnerability-scanners vulnerability-scanning
Last synced: 01 Oct 2025
https://github.com/aboutcode-org/aboutcode
AboutCode project: tools and data to uncover things about code: the provenance, origin, license, and more (packages, security, quality, etc.) of FOSS code. Get started at https://aboutcode.readthedocs.io/
aboutcode dejacode license purl sbom sca scancode security
Last synced: 28 Jan 2026
https://github.com/SPuerBRead/shovel
Docker容器逃逸工具(Docker Escape Tools)
capability container docker escape security security-tools
Last synced: 04 Apr 2025
https://github.com/mrwiora/NAMEinator
NAMEinator DNS Benchmark tool (namebench successor)
Last synced: 21 Mar 2025
https://github.com/panagiks/rspet
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
backdoor hacking pentesting plug-ins post-exploitation reverse-shell security security-audit udp-flood udp-spoof
Last synced: 06 Apr 2025
https://github.com/PeterMosmans/security-scripts
A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
nikto nmap python security security-scanner security-tools ssl testssl
Last synced: 08 Apr 2025
https://github.com/panagiks/RSPET
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
backdoor hacking pentesting plug-ins post-exploitation reverse-shell security security-audit udp-flood udp-spoof
Last synced: 15 May 2025
https://github.com/jollheef/appvm
Nix-based app VMs
isolation isolation-framework libvirt nix nixos security security-hardening virtualization
Last synced: 09 Apr 2025
https://github.com/cisagov/scubagoggles
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
cisa cybersecurity google google-workspace gws opa open-policy-agent open-source python scuba scubaconnect security security-automation
Last synced: 14 Oct 2025
https://github.com/Idov31/MrKaplan
MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
attack cyber cybersecurity evasion infosec infosectools powershell red-team red-teaming security security-tools windows
Last synced: 21 Jul 2025
https://github.com/DegateCommunity/Degate
A modern and open-source cross-platform software for chips reverse engineering.
chips cpp cross-platform cybersecurity gui multi-platform reverse-engineering security security-tools verilog vhdl vlsi
Last synced: 12 May 2025
https://github.com/guardianproject/tor-android
Tor binary and library for Android
android anonymity firewall library onion-routing proxy security tor
Last synced: 11 Jan 2026
https://github.com/SkypLabs/probequest
Toolkit for Playing with Wi-Fi Probe Requests
dot11 monitoring network-attacks python python3 scapy security sniffer toolkit wifi wifi-security wireless
Last synced: 25 Mar 2025
https://github.com/sigstore/sigstore-python
A Sigstore client written in Python
codesigning python security supply-chain
Last synced: 26 Jan 2026
https://github.com/idov31/mrkaplan
MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
attack cyber cybersecurity evasion infosec infosectools powershell red-team red-teaming security security-tools windows
Last synced: 09 Apr 2025
https://github.com/Esser50K/EvilTwinFramework
A framework for pentesters that facilitates evil twin attacks as well as exploiting other wifi vulnerabilities
evil-twin framework hacking pentesters security toolkit
Last synced: 02 Apr 2025
https://github.com/esser50k/eviltwinframework
A framework for pentesters that facilitates evil twin attacks as well as exploiting other wifi vulnerabilities
evil-twin framework hacking pentesters security toolkit
Last synced: 06 Apr 2025
https://github.com/alivx/cis-ubuntu-20.04-ansible
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
ansible ansible-role automation cis cis-aws-benchmark cis-benchmark cis-benchmarks cisecurity hardening owasp playbook-ansible security security-audit security-tools ubuntu ubuntu2004
Last synced: 05 Apr 2025
https://github.com/alivx/CIS-Ubuntu-20.04-Ansible
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
ansible ansible-role automation cis cis-aws-benchmark cis-benchmark cis-benchmarks cisecurity hardening owasp playbook-ansible security security-audit security-tools ubuntu ubuntu2004
Last synced: 26 Mar 2025
https://github.com/cuprate/cuprate
Cuprate, an upcoming experimental, modern & secure Monero node. Written in Rust
cryptocurrency monero monero-integrations monerod network network-programming peer-to-peer rust rust-lang security
Last synced: 23 Oct 2025
https://github.com/r3li4nt/wifi-hack
Herramienta automatizada para crackear redes WiFi con protección WPA2 y WPS.
aircrack hacking-tool linux python3 security wifi-hack wifi-hacking wifihack wpa2 wps
Last synced: 26 Mar 2025
https://github.com/passbolt/passbolt_browser_extension
Browser extensions (Firefox, Edge & Chrome) for Passbolt the open source password manager for teams
browser-extension manager passbolt password password-manager productivity security
Last synced: 21 Jan 2026
https://github.com/automorphic-ai/aegis
Self-hardening firewall for large language models
adversarial-attacks large-language-models llmops prompt-injection security
Last synced: 28 Mar 2025
https://github.com/rfc-st/humble
A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.
analysis checklist cybersecurity header-parser headers http infosec kali-linux owasp python3 security security-audit security-scanner security-tools
Last synced: 12 Jul 2025
https://github.com/moabukar/cks-exercises-certified-kubernetes-security-specialist
A set of curated exercises to help you prepare for the CKS exam
anchore apparmor audit-log cks containerd containers falco gvisor kube-bench kubernetes networkpolicies opa seccomp secrets-management security security-tools static-analysis sysdig trivy
Last synced: 06 Apr 2025
https://github.com/wstxda/clippy
Copy links from the sharing menu with automatic removal of shorteners and trackers
android android-application android-development application clipboard copy kotlin kotlin-android material-design material-ui mobile safety security security-tools share shortener trackers
Last synced: 12 Apr 2025
https://github.com/common-fate/iamzero
Identity & Access Management simplified and secure.
aws cloud cloud-security iam security security-tools
Last synced: 12 Jan 2026
https://github.com/custom-cards/surveillance-card
A custom component for displaying camera feeds in the style of a surveillance system.
camera home-assistant motion security
Last synced: 07 Apr 2025
https://github.com/phellipeandrade/rbac
Hierarchical Role-Based Access Control for Node.js
acl authorization hierarchical javascript nodejs permissions rbac role security
Last synced: 30 Mar 2025
https://github.com/en0th/ElectricRat
电气鼠靶场系统是一种带有漏洞的Web应用程序,旨在为Web安全渗透测试学习者提供学习和实践的机会。The Electrical Mouse Target Range System is a web application with vulnerabilities designed to provide learning and practice opportunities for web security penetration testing learners.
Last synced: 07 Sep 2025
https://github.com/jettchent/scan-for-webcams
scan for webcams on the internet
clarifai python scraping security shodan shodan-python webcam webcams
Last synced: 13 Aug 2025
https://github.com/remind101/ssm-env
Expand env variables from AWS Parameter Store
Last synced: 04 Feb 2026
https://github.com/StringCare/AndroidLibrary
Android library to reveal or obfuscate strings and assets at runtime
android android-library android-reverse android-security assets assets-management encrypt encrypted-data encrypted-strings encryption gradle obfuscate-strings obfuscation reverse-engineering security security-tools string string-conversion string-encoding string-manipulation
Last synced: 11 Jul 2025
https://github.com/stamparm/blackbook
Blackbook of malware domains
domains intrusion-detection malware-detection network-forensics network-monitoring security threats
Last synced: 02 Feb 2026
https://github.com/joinmarket-webui/joinmarket-webui
Your sats. Your privacy. Your profit.
Last synced: 25 Mar 2025
https://github.com/werf/trdl
The universal solution for delivering your software updates securely from a trusted The Update Framework (TUF) repository.
continuous-delivery security tuf update werf
Last synced: 08 Apr 2025
https://github.com/pirate/webrtcchat
:lock_with_ink_pen: Pure Browser To Browser Chat (STUN & ICE Servers optional)
chat-application ice-servers javascript security stun webrtc webrtc-demos
Last synced: 24 Mar 2025
https://github.com/rsmusllp/termineter
Smart Meter Security Testing Framework
Last synced: 07 Apr 2025
https://github.com/Pkcs11Interop/Pkcs11Interop
Managed .NET wrapper for unmanaged PKCS#11 libraries
crypto cryptography hsm pkcs pkcs11 security smartcard
Last synced: 14 Mar 2025
https://github.com/stringcare/androidlibrary
Android library to reveal or obfuscate strings and assets at runtime
android android-library android-reverse android-security assets assets-management encrypt encrypted-data encrypted-strings encryption gradle obfuscate-strings obfuscation reverse-engineering security security-tools string string-conversion string-encoding string-manipulation
Last synced: 07 May 2025
https://github.com/cado-security/varc
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security
Last synced: 08 May 2025
https://github.com/semmle/securityexploits
This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits
exploits ql security vulnerabilities
Last synced: 02 Apr 2025
https://github.com/presidentbeef/inject-some-sql
Have fun injecting SQL into a Ruby on Rails application!
rails ruby ruby-on-rails security sql-injection sqli
Last synced: 07 Apr 2025
https://github.com/eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
azure azure-sentinel cloudsecurity hunting incident-response ir microsoft microsoft-sentinel secops security siem soc threat-hunting threat-intelligence
Last synced: 26 Apr 2025
https://github.com/codecentric/gopass-ui
gopass CLI + UI = visual cross-platform password manager for teams
git gopass gpg pass password-manager password-store security ui
Last synced: 09 Apr 2025
https://github.com/monzo/egress-operator
A Kubernetes operator to produce egress gateway Envoy pods and control access to them with network policies
egress envoy kubernetes networking operator security
Last synced: 12 Apr 2025
https://github.com/cogolabs/beyond
BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust
Last synced: 09 Apr 2025
https://github.com/cogolabs/transcend
BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust
Last synced: 19 Mar 2025
https://github.com/botherder/androidqf
androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.
android forensics malware-research security
Last synced: 16 Jan 2026
https://github.com/bongochong/CombinedPrivacyBlockLists
Ad-blocking hosts files, IP block lists, PAC filters, ABP / uBO / ADG subscriptions, and a whole lot more. All merged from multiple reputable sources, combined with my own research. Also, script-based utilities to help you create such things yourself. Updated at least once every two weeks, usually more frequently. Since 2017.
ad-blocking ancient-truths bash bittorrent blocklists bromite cygwin dns file-sharing foss freedom gnu hosts linux mac p2p pihole privacy security shell-scripting
Last synced: 30 Apr 2025
https://github.com/sandworm-hq/sandworm-guard-js
Easy auditing & sandboxing for your JavaScript dependencies 🪱
audit compartments compliance dependencies dependency-analysis dynamic-analysis hardening intercept lockdown permission permissions sandbox security security-audit security-tools ses supply-chain vulnerability-scanners zero-trust
Last synced: 08 Apr 2025
https://github.com/omergunal/PoT
Phishing on Twitter
phishing security social-engineering
Last synced: 27 Jul 2025
https://github.com/intel/tsffs
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Last synced: 13 May 2025
https://github.com/alanvivona/pwnshop
Exploit Development, Reverse Engineering & Cryptography
arm buffer-overflow c crackme crypto cryptography exploit-development format-string-attack go golang infosec python reverse-engineering rop security shellcode writeup x64 x86
Last synced: 17 Mar 2025
https://github.com/ksg97031/frida-gadget
Automated tool for patching APKs to enable the use of Frida gadget by downloading the library and injecting code into the main activity.
android apk frida frida-gadget pentest reversing security
Last synced: 05 Oct 2025
https://github.com/dopplerhq/cli
The official CLI for interacting with your Doppler secrets and configuration.
cli doppler doppler-cli environment-variables secret-management secrets secrets-management secrets-manager security
Last synced: 28 Jan 2026
https://github.com/activecm/passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more
capturing-packets dns docker-command gplv3 hacktoberfest linux macosx network-monitoring packet-analyzer packet-sniffer packets passer pcap pcap-analyzer python python-2 scapy security sniffer
Last synced: 09 Apr 2025
https://github.com/trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
bugbounty bugbountytips enumeration infosec infosectools penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security security-tools subdomain subdomain-enumeration subdomain-finder subdomain-scanner
Last synced: 24 Dec 2025
https://github.com/reveng007/reveng_rtkit
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
antirootkit-bypass backdoor c hacking-tool hacktoberfest kernel-mode-rootkit linux linux-device-driver linux-kernel linux-kernel-module malware post-exploitation-toolkit redteam redteam-tools ring0 rkhunter-antirootkit security security-tools
Last synced: 09 Apr 2025
https://github.com/JettChenT/scan-for-webcams
scan for webcams on the internet
clarifai python scraping security shodan shodan-python webcam webcams
Last synced: 12 Jul 2025
https://github.com/macmade/filevaultcracker
macOS FileVault cracking tool
brute-force corestorage crack cracking filevault hacking macos password security wordlist
Last synced: 19 Apr 2025
https://github.com/jarryshaw/pypcapkit
Python-based Comprehensive Network Packet Analysis Library
computer-networking network network-security network-tools packet-analyser packet-analysis packet-analyzer packet-crafting pcap pcap-analyzer pcap-parser python python3 security security-tools
Last synced: 10 Jun 2025
https://github.com/alegrey91/systemd-service-hardening
Basic guide to harden systemd services
hardening linux security systemd
Last synced: 20 Aug 2025
https://github.com/chrispetrou/hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
ethical-hacking flask hacking http-reverse https https-server injection metasploit oscp penetration-testing pentesting post-exploitation red-team reverse-shell security shellcode-injection shellcode-injector tls tls-support tornado
Last synced: 11 May 2025
https://github.com/GitHubSecurityLab/actions-permissions
GitHub token permissions Monitor and Advisor actions
Last synced: 08 Apr 2025
https://github.com/chrispetrou/HRShell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
ethical-hacking flask hacking http-reverse https https-server injection metasploit oscp penetration-testing pentesting post-exploitation red-team reverse-shell security shellcode-injection shellcode-injector tls tls-support tornado
Last synced: 30 Mar 2025
https://github.com/xuanxuan0/TiEtwAgent
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
detection edr injection memory-scanning security
Last synced: 11 Jul 2025
https://github.com/Ziconius/FudgeC2
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
c2 command-and-control cybersecurity implant offensive-security post-exploitation powershell purpleteam python3 readteaming redteam security security-tools
Last synced: 24 Mar 2025
https://github.com/reconmap/pentest-reports-static
Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
hacktoberfest infosec oscp-prep penetration-testing pentest-report pentest-reports pentesting security
Last synced: 26 Feb 2025
https://github.com/lucasfrag/kali-linux-tools-interface
Graphical Web interface developed to facilitate the use of security information tools.
analysis attack bootstrap cybersecurity education hacking hacking-tools kali-linux pentesting php7 security ssh whitehat
Last synced: 03 Apr 2025
https://github.com/geeksonsecurity/vuln-web-apps
A curated list of vulnerable web applications.
security security-scanner vulnerabilities vulnerability-scanners
Last synced: 13 May 2025
https://github.com/projectmatris/antimalwareapp
Anti-malware for Android using machine learning
android android-application android-development anti-malware antivirus foss hacktoberfest libre-av libreav machine-learning malware-detection matris project projectmatris security
Last synced: 02 Apr 2025
https://github.com/GoogleCloudPlatform/jit-groups
JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.
gcp google-cloud iam privileged-access-management security
Last synced: 22 Mar 2025
https://github.com/joychou93/sks
Security Knowledge Structure(安全知识汇总)
deserialize java nginx-lua php python security waf webshell xxe
Last synced: 10 May 2025
https://github.com/NodeSecure/js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
ast ast-analysis javascript nodejs sast security security-audit security-tools supply-chain-security
Last synced: 09 May 2025
https://github.com/alechilczenko/spidex
Continuous reconnaissance network scanner designed for large-scale scans, collecting information on all Internet assets.
banner-grabbing censys command-line-tool internet-of-things iot pentesting port-scanner port-scanning python3 scraping search-engine security security-tools shodan zoomeye
Last synced: 12 Jul 2025
https://github.com/SimplyBuilt/SimonSays
💂 Simple, declarative, role-based access control system for Rails and Ruby
authorization authorizer declarative rails role-based-access-control ruby security
Last synced: 16 Jul 2025
https://github.com/simplybuilt/simonsays
💂 Simple, declarative, role-based access control system for Rails and Ruby
authorization authorizer declarative rails role-based-access-control ruby security
Last synced: 05 Apr 2025
https://github.com/nodesecure/js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
ast ast-analysis javascript nodejs sast security security-audit security-tools supply-chain-security
Last synced: 26 Jan 2026
https://github.com/berryalen02/PECracker
针对PE文件的分离的攻防对抗工具,红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.
Last synced: 07 Sep 2025
https://github.com/pralab/secml_malware
Create adversarial attacks against machine learning Windows malware detectors
adversarial-machine-learning attack infosec machine-learning python security
Last synced: 14 Jan 2026
https://github.com/tink-crypto/tink-java
Java implementation of Tink
crypto cryptography java security
Last synced: 14 Jan 2026
https://github.com/JoyChou93/sks
Security Knowledge Structure(安全知识汇总)
deserialize java nginx-lua php python security waf webshell xxe
Last synced: 13 Mar 2025
https://github.com/onur-ozkan/nestjs-rate-limiter
Highly configurable and extensible rate limiter library
guard nestjs rate-limiter request-limiter security
Last synced: 01 Oct 2025
https://github.com/ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
401 403 broken-access-controls brute-force bug-bounty bypass curl ethical-hacking fuzzing offensive-security open-redirect owasp-top-10 penetration-testing pycurl python python-requests red-team-engagement security web web-penetration-testing
Last synced: 15 May 2025
https://github.com/karimhabush/cyberowl
A daily updated summary of the most frequent types of security advisories currently being reported from different sources.
cisa cve security security-alerts vulnerability
Last synced: 16 Apr 2025
https://github.com/qoomon/aws-ssm-ssh-proxy-command
AWS SSM SSH Proxy Command
aws aws-cli aws-ssm ec2 managed-instance proxy-command security ssh ssh-proxy-command
Last synced: 16 May 2025
