Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-02-06 00:29:49 UTC
- JSON Representation
https://github.com/nairuzabulhul/r3d-buck3t
Penetration Testing, Vulnerability Assessment and Red Team Learning
activedirectory hacking infosec linux online-learning oscp penetration-testing pentesting pesntesting pluralsight python redteam security
Last synced: 05 Apr 2025
https://github.com/crissyfield/troll-a
Drill into WARC web archives
command-line-tool common-crawl internet-archive security security-tools warc
Last synced: 16 Jan 2026
https://github.com/cado-security/rip_raw
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
dfir dfir-automation forensic-analysis forensics memory-forensics security
Last synced: 12 Jul 2025
https://github.com/peterdavehello/url-shorteners
A comprehensive, high-quality URL shorteners domain list for whitelist/allowlist or blacklist/blocklist purposes, utilized by NextDNS, ControlD, RethinkDNS, dnslow.me, and other OSINT projects.
adguard-blocklist allowlist blacklist blocking blocklist cyber-security dns dnsbl domain hacktoberfest hosts malware osint phishing pihole privacy security threat-intelligence url-shortener whitelist
Last synced: 04 Apr 2025
https://github.com/skerkour/bloom-legacy
DEPRECATED - End-to-end encrypted Notes, Files, Calendar, Contacts... for Android, IOS, Linux & MacOS
bloom e2ee encryption end-to-end-encryption go golang rust security vue vuejs
Last synced: 30 Aug 2025
https://github.com/criteo/kerberos-docker
Run kerberos environment in docker containers
devops docker kerberos security
Last synced: 04 Apr 2025
https://github.com/moltenbit/how-to-secure-a-linux-server-with-ansible
Ansible playbooks of "How To Secure A Linux Server".
ansible ansible-playbook ansible-role ansible-roles hardening hardening-steps linux linux-server security security-hardening server
Last synced: 07 Jul 2025
https://github.com/xerohackcom/Chaya
Advance Image Steganography
aes cybersecurity flif image linux lps lsb privacy python security steganography
Last synced: 12 Jul 2025
https://github.com/enkomio/sojobo
A binary analysis framework
b2r2 dotnet fsharp malware-analysis malware-analyzer malware-research program-analysis reverse-engineering security security-framework security-tools
Last synced: 22 Apr 2025
https://github.com/kurtbrose/pyjks
a pure python Java KeyStore file parser, including private key decryption
cryptography jceks jks keystore pyasn1 python security ssl
Last synced: 04 Apr 2025
https://github.com/chocapikk/cve-2023-22515
CVE-2023-22515: Confluence Broken Access Control Exploit
broken-access-control confluence cve-2023-22515 exploit infosec privilege-escalation security vulnerability
Last synced: 11 Aug 2025
https://github.com/sief/play-guard
Play2 module for rate limiting, based on token bucket algorithm
failure-rate play-framework rate-limiting scala security
Last synced: 03 May 2025
https://github.com/IamHDT/Ecommerce-Website-Security-CheckList
List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
bug-bounty ecomm ecommerce hacker hacking security
Last synced: 11 Jul 2025
https://github.com/szepeviktor/waf4wordpress
WAF for WordPress 🔥 with 60+ security checks and weekly updates
fail2ban firewall plugin security waf wordpress wordpress-security
Last synced: 08 Apr 2025
https://github.com/geekmasher/advanced-security-compliance
GitHub Advance Security Compliance Action
code-scanning devsecops ghas security security-automation
Last synced: 30 Mar 2025
https://github.com/mav8557/father
LD_PRELOAD rootkit
backdoor c ld-preload linux malware redteam rootkit security
Last synced: 17 Sep 2025
https://github.com/lukechilds/chest
Bash glue to encrypt and hide files
bash cli command-line cryptography encryption password-manager security
Last synced: 14 Apr 2025
https://github.com/kaansk/shomon
Shodan Monitoring integration for TheHive.
golang incident-management incident-response incident-response-tooling security security-tools shodan thehive
Last synced: 14 Jan 2026
https://github.com/ubernostrum/pwned-passwords-django
Utilities for working with the Pwned Passwords database from Django.
django password-strength passwords pwned-passwords python security
Last synced: 16 May 2025
https://github.com/googlecloudplatform/inspec-gcp-cis-benchmark
GCP CIS 1.1.0 Benchmark InSpec Profile
auditing cis-benchmark cloud compliance gcp inspec security
Last synced: 09 May 2025
https://github.com/gicmo/bolt
⚡🐧 - Thunderbolt 3 device manager | This is a MIRROR of bolt from fd.o
daemon linux security thunderbolt
Last synced: 27 Jul 2025
https://github.com/cybrota/whispr
A multi-vault secret injection tool for safely injecting secrets into app environment
aws-secrets-manager azure-keyvault command-line-tool cybersecurity developer-experience devops-tools devsecops gcp-secrets-manager hashicorp-vault python secure-coding secure-software-development security security-tools
Last synced: 14 Dec 2025
https://github.com/CX330Blake/Black-Hat-Zig
This project provides some code examples of Zig for malwares, hacking, and red teaming. ⚡
hacking hacking-tool malware malware-research offensive-security red-teaming security zig
Last synced: 05 Jul 2025
https://github.com/WaTF-Team/WaTF-Bank
WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
android ios mobile-app pentesting security
Last synced: 07 May 2025
https://github.com/P1sec/SigFW
Open Source Signaling Firewall for SS7, Diameter filtering, antispoof and antisniff
diameter encryption firewall security signalling sigtran ss7 telecom
Last synced: 25 Mar 2025
https://github.com/digitalautonomy/wahay
an easy-to-use, secure and decentralized conference call application (this repository is a mirror of an internal work repository)
autonomy calling conference-calls decentralization hidden-services mumble onion-services privacy security tor voip
Last synced: 18 Jan 2026
https://github.com/microsoft/security-devops-action
Microsoft Security DevOps for GitHub Actions.
Last synced: 16 May 2025
https://github.com/mhaskar/Bughound
Static code analysis tool based on Elasticsearch
code-anaysis security security-vulnerability
Last synced: 12 Jul 2025
https://github.com/WhyNotHugo/totp-cli
A cli-based pass-backed TOTP app.
2fa authentication cli command-line otp pass python rfc6238 security token totp
Last synced: 30 Apr 2025
https://github.com/KaanSK/shomon
Shodan Monitoring integration for TheHive.
golang incident-management incident-response incident-response-tooling security security-tools shodan thehive
Last synced: 10 May 2025
https://github.com/jenkinsci/dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
appsec component-analysis devops jenkins-plugin nvd owasp owasp-dependencycheck security software-security visibility vulnerabilities
Last synced: 07 Apr 2025
https://github.com/iamhdt/ecommerce-website-security-checklist
List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
bug-bounty ecomm ecommerce hacker hacking security
Last synced: 13 May 2025
https://github.com/wollomatic/socket-proxy
A secure-by-design and flexible unix socket proxy. No external dependencies. Needs no shell or interpreter in a container. Written in Go (memory safe). Can replace tecnativa/docker-socket-proxy or linuxserver/docker-socket-proxy. Most flexible configuration with regular expressions
container docker docker-socket docker-socket-proxy firewall proxy security unix-socket
Last synced: 18 Jan 2026
https://github.com/DragonBe/hibp
A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.
breach composer-package haveibeenpwned hibp password php security verify
Last synced: 25 Mar 2025
https://github.com/TooonyChen/AuthInbox
Auth Inbox 📬 is a self-hosted, open-source platform for receiving multiple email verification codes and real-time notifications, built using Cloudflare's free services. | Auth Inbox 📬 是一个自建的开源多邮箱验证码的接码平台,基于 Cloudflare 的免费服务。
2fa cloudflare cloudflare-email cloudflare-email-routing cloudflare-workers email mail multiple-emails open-source security verfication
Last synced: 22 Jul 2025
https://github.com/dragonbe/hibp
A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.
breach composer-package haveibeenpwned hibp password php security verify
Last synced: 06 Apr 2025
https://github.com/google/minions
Distributed filesystem scanner
security security-scanner vulnerabiity-detection vulnerability-assessment
Last synced: 09 Jul 2025
https://github.com/Freaky/tarssh
A simple SSH tarpit inspired by endlessh
daemon security ssh ssh-server tarpit
Last synced: 16 Jul 2025
https://github.com/freaky/tarssh
A simple SSH tarpit inspired by endlessh
daemon security ssh ssh-server tarpit
Last synced: 23 Oct 2025
https://github.com/electroniccats/bombercat
BomberCat is the latest security tool that combines the most common card technologies: NFC technology (Near Field Communication) and magnetic stripe technology used in access control, identification, and banking cards. Specially created to audit banking terminals, and identify NFC readers and sniffing tools, with this tool you can audit
arduino ble bluetooth magspoof nfc nfc-card-reader rp2040 security security-tools wifi wifinina
Last synced: 04 Apr 2025
https://github.com/sensepost/go-out
☄️ go-out - A Golang egress buster.
buster egress-filtering network scanner security
Last synced: 07 May 2025
https://github.com/r-richter/hyenae-ng
Hyenae NG is an advanced cross-platform network packet generator and the successor of Hyenae. It features full network layer spoofing, pattern based address randomization and flood detection breaking mechanisms.
arp-cache-poisoning c-plus-plus console-application cross-platform denial-of-service flooding hyenae linux mitm networking npcap packet-generator pcap pentesting security smurf-attack spoofing stress-testing syn-flood windows
Last synced: 11 Jul 2025
https://github.com/mozilla-lockwise/lockbox-extension
Experimental Firefox extension for login management experiences, not being actively developed
cryptography extension firefox firefox-extension lockbox mozilla passwords security
Last synced: 21 Apr 2025
https://github.com/powerdns/weakforced
Anti-Abuse for servers at authentication time
anti-bot attack-prevention c-plus-plus gplv3 hacktoberfest intrusion-detection intrusion-prevention linux macos security
Last synced: 28 Apr 2025
https://github.com/pac4j/vertx-pac4j
Security library for Vert.x: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
authentication authorization cas facebook java jwt ldap login logout mongodb oauth openid-connect saml security social-login sql twitter vertx
Last synced: 04 Apr 2025
https://github.com/syss-research/outis
outis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
agent dns powershell rat security security-tools tool
Last synced: 10 Apr 2025
https://github.com/aszx87410/beyond-xss
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
Last synced: 05 Apr 2025
https://github.com/itpropro/nuxt-oidc-auth
OIDC (OpenID connect) focused auth module for Nuxt
authentication hacktoberfest nuxt nuxtjs oauth oauth2 openid-connect security vue
Last synced: 02 Jan 2026
https://github.com/fportantier/vulpy
Vulnerable Python Application To Learn Secure Development
flask python security sqlite vulnerable web
Last synced: 22 Jan 2026
https://github.com/aydinnyunus/PassDetective
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
bash bugbounty bugbounty-tool bugbountytips golang hacking kali kali-linux kali-linux-hacking linux red-team security security-tools shell shell-script zsh
Last synced: 06 Apr 2025
https://github.com/gui774ume/ebpfkit-monitor
ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits
ebpf kernel linux linux-kernel linux-kernel-hacking rootkit runtime-security security
Last synced: 30 Oct 2025
https://github.com/kubescape/regolibrary
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
compliance kubernetes kubescape opa security
Last synced: 15 May 2025
https://github.com/localh0t/backfuzz
protocol fuzzing toolkit
fuzzing-framework infosec protocols python reversing security security-tools
Last synced: 10 Jan 2026
https://github.com/d-rickyy-b/certstream-server-go
This project aims to be a drop-in replacement for the certstream server by Calidog. This tool aggregates, parses, and streams certificate data from multiple certificate transparency logs via websocket connections to the clients.
certificate certificate-transparency certificates certstream go golang osint phishing reconnaissance rfc6962 security tls tls-certificate x509
Last synced: 13 May 2025
https://github.com/apg-intel/ipv6tools
IPv6Tools is a robust modular framework that enables the ability to visually audit an IPv6 enabled network.
framework free icmpv6 ipv6 ipv6-framework llmnr multicast networking open-source python python-scapy scapy security
Last synced: 01 Aug 2025
https://github.com/mikeroyal/parrot-security-guide
Parrot Security OS Guide
Last synced: 28 Apr 2025
https://github.com/eacdy/light-security
Light Security是一个基于jwt的权限控制框架,支持与Spring Boot配合使用,支持Spring MVC与WebFlux
role-based-access-control security spring-mvc webflux
Last synced: 21 Aug 2025
https://github.com/Probely/security_checklist
Web Application Security Checklist
checklist prevention security vulnerability web websecurity
Last synced: 20 Sep 2025
https://github.com/ariary/volana
🌒 Shell command obfuscation to avoid detection systems
exploitation infosec obfuscator pentest pentest-tool redteam security shell-obfuscate
Last synced: 26 Apr 2025
https://github.com/authzed/zed
Official command-line tool for managing SpiceDB
authorization authzed authzed-client command-line-tool database-management fine-grained-access-control fine-grained-authorization go golang permissions production sdk security security-tools spicedb spicedb-client zanzibar
Last synced: 05 Apr 2025
https://github.com/mirego/elixir-security-advisories
🛡 Public database of Elixir security advisories pulled from GitHub Advisory Database
advisories elixir erlang security vulnerabilities
Last synced: 13 Oct 2025
https://github.com/orlyjamie/asnrecon
ASN reconnaissance script
asn bugbounty enumeration reconnaissance redteam security
Last synced: 17 Oct 2025
https://github.com/humbug/file_get_contents
Secure wrapper for accessing HTTPS resources with file_get_contents() for PHP 5.3+.
Last synced: 27 Apr 2025
https://github.com/breakpointhq/chrome-bandit
Programmatically extract saved passwords from Chromium based browsers.
credentials-gathering google-chrome macos microsoft-edge opera-browser readteaming redteam-tools security
Last synced: 19 Oct 2025
https://github.com/ajinabraham/libsast
Generic SAST Library
appsec codeanalysis genericsast libsast patternmatch regex sast security semanticgrep semgrep static-analyzer staticanalysis
Last synced: 05 Apr 2025
https://github.com/brycx/checkpwn
Check Have I Been Pwned and see if it's time for you to change passwords.
data-breach haveibeenpwned hibp password security
Last synced: 16 May 2025
https://github.com/polaris64/syswall
Work in progress firewall for Linux syscalls, written in Rust
linux rust security security-tools syscall syscalls
Last synced: 16 May 2025
https://github.com/lawndoc/advancedhuntingqueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
cyber-security cybersecurity defender defender-atp defender-for-endpoint detection detection-engineering hunting kql kusto microsoft microsoft365 security threat-hunting xdr
Last synced: 15 Oct 2025
https://github.com/CLincat/vulcat
vulcat可用于扫描Web端常见的CVE、CNVD等编号的漏洞,发现漏洞时会返回Payload信息。部分漏洞还支持命令行交互模式,可以持续利用漏洞
cnvd cnvd-2021-28277 cve cve-2018-7602 cve-2019-15642 cve-2020-10204 cve-2020-9483 cve-2021-21234 cve-2021-22205 cve-2021-3223 cve-2021-35042 cve-2021-42013 cve-2021-43798 cve-2022-1388 cve-2022-26134 exp poc scanner security vulnerability
Last synced: 12 Jul 2025
https://github.com/CERT-Polska/mailgoose
A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.
dkim dmarc security security-tools spf webapp
Last synced: 05 May 2025
https://github.com/dylibso/modsurfer
Devtools to validate, audit and investigate WebAssembly binaries.
binary-scan cli debug diagnostics observability security system-of-record wasm webassembly
Last synced: 20 Aug 2025
https://github.com/ifeilong/feilong
让Java开发更简便的工具库
aes httpclient java-library java8 json-parser md5 security velocity xml-parser zip
Last synced: 21 Aug 2025
https://github.com/rsmusllp/eapeak
Analysis Suite For EAP Enabled Wireless Networks
Last synced: 29 Aug 2025
https://github.com/tlkh/prowler
Distributed Network Vulnerability Scanner
cluster-computing jupyter-notebook linux python raspberry-pi security
Last synced: 14 Jul 2025
https://github.com/microsoft/sca-fuzzer
Revizor - a fuzzer to search for microarchitectural leaks in CPUs
fuzzing meltdown security side-channel spectre-vulnerability
Last synced: 12 Apr 2025
https://github.com/sap-samples/btp-cap-multitenant-saas
Sample project that demonstrates how to setup a multitenant application for a Software-as-a-Service scenario, leveraging the Kyma and Cloud Foundry Runtimes of the SAP Business Technology Platform. Developers learn how to implement their own CAP (mtxs) based SaaS app including an SaaS API and integration with various essential SAP BTP service of...
4064 api-management btp-use-case-factory ci-cd cloud-foundry kyma logging monitoring mtxs multitenancy odatav4 saas sample sample-code sap-btp sap-cap sap-fiori sap-fiori-elements sap-hana-cloud security
Last synced: 05 Apr 2025
https://github.com/alphasoc/nfr
A lightweight tool to score network traffic and flag anomalies
bro-ids intrusion-detection malware-analysis monitoring security suricata
Last synced: 10 Oct 2025
https://github.com/d-Rickyy-b/certstream-server-go
This project aims to be a drop-in replacement for the certstream server by Calidog. This tool aggregates, parses, and streams certificate data from multiple certificate transparency logs via websocket connections to the clients.
certificate certificate-transparency certificates certstream go golang osint phishing reconnaissance rfc6962 security tls tls-certificate x509
Last synced: 12 May 2025
https://github.com/Netflix-Skunkworks/aws-credential-compromise-detection
Example detection of compromise credentials in AWS
Last synced: 16 May 2025
https://github.com/honmashironeko/icpscan
用于快速查询IP、域名资产备案信息及权重的工具。欢迎关注微信公众号加群反馈问题~
cyber-security cyber-security-tool icp security security-tools
Last synced: 07 Sep 2025
https://github.com/nitrokey/nitrokey-pro-firmware
Firmware for the Nitrokey Pro device
firmware nitrokey open-source security usb-stick
Last synced: 28 Jul 2025
https://github.com/shaozi/ldap-authentication
🔐🔐🔐 A simple Nodejs Async LDAP authentication library
authentication ldap ldap-authentication ldap-filter ldap-search nodejs passport-ldap security
Last synced: 27 Jan 2026
https://github.com/landlock-lsm/rust-landlock
A Rust library for the Linux Landlock sandboxing feature
landlock linux sandboxing security
Last synced: 15 May 2025
https://github.com/IridiumIdentity/iridium
An OIDC provider integrator. Choose your social providers without needing to write code.
customer-identity identity-management oauth2 openid-connect passwordless security webauthn
Last synced: 22 Jul 2025
https://github.com/safe-graph/dgfraud-tf2
A Deep Graph-based Toolbox for Fraud Detection in TensorFlow 2.X
anomaly-detection datamining datascience dblp-dataset financial-engineering fraud-detection fraud-prevention graph-algorithms graphneuralnetwork machine-learning opensource outlier-detection security security-tools spam-detection toolkit yelp-dataset
Last synced: 27 Apr 2025
https://github.com/skiff-org/skiff-windows-app
Skiff's Windows app for privacy-first, end-to-end encrypted Mail, Drive, Calendar, and Pages.
encryption privacy productivity security windows wpf
Last synced: 15 May 2025
https://github.com/aydinnyunus/passdetective
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
bash bugbounty bugbounty-tool bugbountytips golang hacking kali kali-linux kali-linux-hacking linux red-team security security-tools shell shell-script zsh
Last synced: 04 Aug 2025
https://github.com/yingtongdou/nash-detect
Code for KDD 2020 paper Robust Spammer Detection by Nash Reinforcement Learning
fraud-detection game-theory machine-learning reinforcement-learning security spam-detection
Last synced: 14 Apr 2025
https://github.com/withsecurelabs/modulestomping
https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/
countercept module-stomping security
Last synced: 25 Jun 2025
https://github.com/YingtongDou/Nash-Detect
Code for KDD 2020 paper Robust Spammer Detection by Nash Reinforcement Learning
fraud-detection game-theory machine-learning reinforcement-learning security spam-detection
Last synced: 11 May 2025