An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/zahash/royalguard

Secure Ergonomic Command Line Password Manager. Free Forever. Made with ❤️ using 🦀

cli command-line-tool decrypt decryption encrypt encryption encryption-decryption password password-manager secure security

Last synced: 07 Oct 2025

https://github.com/saccofrancesco/lock

Secure local password manager with CustomTkinter UI and cross-platform support

cross-platform customtkinterr desktop-app encryption gui nord-theme open-source password-manger privacy python security tkinter

Last synced: 04 Apr 2026

https://github.com/ave-sergeev/omoikane

Blazing fast explicit proxy written in Rust for network accessibility research under DPI (Rust) (Q2:2026)

cli dns-over-https dns-over-tls dpi dpi-bypass dpi-evasion linux macos network-tools networking packet-manipulation proxy proxy-server rust security security-research tcp tls-handshake windows

Last synced: 19 Apr 2026

https://github.com/namuan/oauth2-proxy-httpbin

Secure applications using OAuth2 Proxy

docker docker-compose httpbin oauth2 security

Last synced: 19 Apr 2025

https://github.com/shenfe/function-sandbox

📦 Make a "sandbox" for a function.

function-sandbox security

Last synced: 07 Oct 2025

https://github.com/clay-good/enklayve-ai

Enklayve is a free, local, private, and secure personal AI desktop application, built with Tauri and llama.cpp/Qwen, that provides robust document intelligence capabilities using fast embeddings.

document-intelligence llm local-ai personal-ai privacy rust security tauri

Last synced: 30 May 2026

https://github.com/mawg0ud/cveforge

A tool to track & analyze Common Vulnerabilities and Exposures (CVEs).

automation cve cybersecurity detection exploit infosec malware pentesting python risk security vulnerability

Last synced: 04 Apr 2026

https://github.com/semgrep/skills

A collection of skills for AI coding agents from Semgrep

agents claude-code security skills

Last synced: 05 Mar 2026

https://github.com/canva-public/endpoint-vulnerability-management-samples

A companion repository to the Canva engineering blog post on how to do endpoint vulnerability management.

endpoint security sql vulnerability

Last synced: 31 Jan 2026

https://github.com/grcengineering/daily-findings

Daily Findings is a desktop GRC learning app with guided sessions, quizzes, progress tracking, and curated GRC news.

compliance desktop-app governance grc nextjs risk-management security tauri training

Last synced: 06 Mar 2026

https://github.com/aiven-open/aiven-pg-security

Aiven PostgreSQL® add-on for adding some DBaaS security

add-on postgresql security security-tools

Last synced: 29 Apr 2025

https://github.com/bl4ckstack/hedra

Hedra — Command-line tool to analyze HTTP security headers and detect missing protections like CSP, HSTS, and X-Frame-Options.

cli cybersecurity hedra http-headers information-security pentesting ruby rubygems security vulnerability-assessment web-security

Last synced: 04 Apr 2026

https://github.com/bcrowe/cakephp-encrypted-type

:lock_with_ink_pen: CakePHP plugin that provides field-level (column) encryption within the application layer before data is stored or transmitted to the database, supporting regulatory compliance, zero-trust security, end-to-end encryption, and contextual awareness.

cakephp cakephp-plugin data-encryption data-security database encryption end-to-end-encryption field-level-encryption field-level-security gdpr hipaa pci pci-compliance pci-dss php regulatory-compliance security zero-trust zero-trust-security

Last synced: 08 Mar 2026

https://github.com/yurukusa/cc-safe-setup

One command to make Claude Code safe for autonomous operation. 658 example hooks · 14,096 tests · 1,000+ installs/day

agent agentic-coding ai-safety anthropic automation autonomous bash claude claude-code cli coding-agent database-protection developer-tools hooks llm-tools owasp pretooluse safety security token-consumption

Last synced: 17 Apr 2026

https://github.com/celenityy/dove

Dove is a suite of configurations & advanced modifications for Mozilla Thunderbird, designed to put the user first - with a focus on privacy, security, freedom, & usability.

anti-tracking email gecko hardened hardening mozilla privacy private secure security settings thunderbird tracking user-js userjs

Last synced: 25 Feb 2026

https://github.com/rnurgaliyev/dnscrypt-proxy

Docker container for implementing secure DoH DNS server based on dnscrypt-proxy on Raspberry Pi.

dns-server dnscrypt-proxy docker-container doh privacy raspberry-pi security

Last synced: 14 Oct 2025

https://github.com/boschresearch/pq-wolfssl

Integration of selected post-quantum schemes into the embedded TLS library wolfSSL as part of our paper "Mixed Certificate Chains for the Transition to Post-Quantum Authentication in TLS 1.3"

cryptography pqc security tls

Last synced: 07 Oct 2025

https://github.com/philippnormann/sec-grep

🔎 Fast, local search across the security & privacy literature, with an expressive query language, an interactive TUI, and scriptable output.

academic cli dblp papers privacy research-tool rust security security-research tui

Last synced: 10 Jun 2026

https://github.com/djinn-soul/cytoscnpy

Fast Python static analysis powered by Rust. Detects dead code, security issues (including taint analysis), and code quality metrics like complexity, Halstead, maintainability, and nesting depth.

code-quality dead-code-detection python python-linter quality secret-detection security vscode-extension

Last synced: 18 Apr 2026

https://github.com/edyatl/passchek

Passchek is a simple cli tool, checks if your password has been compromised.

check cli compromise k-anonymity password pipeline pwnedpasswords security utility

Last synced: 28 Apr 2025

https://github.com/r3dhulk/bad-usb

bad usb also known as rubber ducky is a usb device to hack your target when you are in device's physical access

attack hacking security security-tools usb

Last synced: 13 Jun 2026

https://github.com/nour-karoui/encrypt-storage

NPM package that encrypts Local/Session Storage (available for TS & JS)

angular client-side encryption javascript localstorage reactjs security sessionstorage storage typescript

Last synced: 27 Oct 2025

https://github.com/italomaia/uri-faker

See how fonts can be used to create fake URIs

fonts html jquery pentest phishing security semantic-ui uri usability

Last synced: 28 Oct 2025

https://github.com/projectachilles/projectachilles

Continuous security testing and cyber-risk quantification for every organization

breach-a cyber-ri docker golang mitre purple-team security self-hosted typescript

Last synced: 03 Apr 2026

https://github.com/mostafahussein/kubernetes-sec-alert

Track Kubernetes CVEs by native GitHub notifications!

cve devops github-actions golang k8s kubernetes security

Last synced: 28 Oct 2025

https://github.com/tecnickcom/rndpwd

Web Service Random Password Generator written in GO

go golang password-generator security webservice

Last synced: 04 Mar 2026

https://github.com/crodjer/biip

Strip out PII before Sending Data

cli pii privacy prompt-engineering prompt-toolkit rust security

Last synced: 25 Apr 2026

https://github.com/djx-y-z/libsignal_dart

Wrapper for libsignal, implementing the Signal Protocol for end-to-end encryption. Features Double Ratchet, X3DH, Sealed Sender, Group Messaging (SenderKey), and Kyber post-quantum key exchange. Optimized for Flutter and cross-platform applications (Android, iOS, Linux, macOS, Windows). AGPL-3.0 Licensed.

cross-platform cryptography dart double-ratchet encryption end-to-end-encryption flutter flutter-rust-bridge frb libsignal messaging privacy rust sealed-sender security signal-protocol x3dh

Last synced: 01 May 2026

https://github.com/mondoohq/ansible-mondoo

Ansible Role for Mondoo cnquery and cnspec

ansible policy policy-as-code security security-as-code

Last synced: 29 Jan 2026

https://github.com/execveat/flawed

Static analysis engine for Python web-applications

security security-tools static-analysis taint-analysis

Last synced: 22 Jun 2026

https://github.com/qaware/cloudid-showcase

Cloud Native Identity Management Showcase.

cloud-native java jsa kubernetes security spiffe spire vault

Last synced: 08 Apr 2025

https://github.com/liangjfblue/go-keyserver

动态密钥服务器。带client端,server端使用demo

gin golang redis security

Last synced: 06 May 2025

https://github.com/mvladislav/vm-docker-collection

Collection of some useful docker container with composer and swarm setup with traefik support

collection docker docker-compose docker-swarm monitoring security swarm traefik

Last synced: 23 Apr 2025

https://github.com/sircryptic/poc

Proof-of-Concept Exploits Based On Known CVE's

cve cybersecurity educational proof-of-concept security

Last synced: 14 Apr 2025

https://github.com/lirantal/dependency-frost

Dependency Frost is an educational platform game to promote awareness of security in open source dependencies

appsec game game-development gamedev hacktoberfest kaboom-js security

Last synced: 06 May 2025

https://github.com/diabonas/arch-security-tracker-tools

Tools to make working with the Arch Linux Security Tracker easier

advisory archlinux cve security tracker

Last synced: 06 Apr 2025

https://github.com/robertdebock/ansible-role-ca

Install and configure a certificate authority on your system.

ansible authority ca certificate molecule openssl playbook security tox

Last synced: 09 Mar 2026

https://github.com/francescodisalesgithub/signal-proxy-setup

Guide about how to set a signal proxy for Signal app

proxy security signal signal-app signal-application

Last synced: 18 Apr 2026

https://github.com/ivision-research/inzure

Azure security configuration automation tool and library

automation azure security vulnerability-detection

Last synced: 23 Jul 2025

https://github.com/dyne/redroom

Zenroom crypto module for Redis

crypto cryptography password redis redis-module security

Last synced: 16 Jul 2025

https://github.com/operatorequals/gitsign-action

Verify Sigstore Gitsign commit signatures

cicd pgp security signatures sigstore

Last synced: 16 Jan 2026

https://github.com/cipherstash/cipherstash-proxy-playground

A playground to experiment with CipherStash and our data security capabilities.

aws-dynamodb data-security dynamodb encryption postgres postgresql searchable-encryption security security-tools

Last synced: 07 May 2025

https://github.com/captainhook-git/secrets

Some useful functionality to detect secrets

git git-hooks secret-detection security

Last synced: 13 Apr 2025

https://github.com/mkmik/getsum

Abuse the gosum database to store verifiable hashes about any binary file

go hack security transparency

Last synced: 17 Aug 2025

https://github.com/grapheneos-archive/device_google_coral-kernel

Pixel 4 and 4 XL kernel prebuilts.

android grapheneos privacy security

Last synced: 13 Aug 2025

https://github.com/c0m4r/paranoya

Simple IOC and YARA scanner for Linux®

malware-detector paranoya python security security-tool yara yara-scanner

Last synced: 25 Jul 2025

https://github.com/timkuijsten/node-mongo-escape

Escape variables to prevent NoSQL injection in MongoDB

mongodb security

Last synced: 01 Aug 2025

https://github.com/sethvargo/go-malice

A malicious package to demonstrate the importance of software supply chain security.

dont-use-this-no-really security software-supply-chain

Last synced: 08 May 2025

https://github.com/kyoshidajp/dep-doctor

Diagnose whether your software dependency libraries are maintained.

dart dependencies elixir erlang golang javascript php python ruby rust security swift

Last synced: 09 Jul 2025

https://github.com/davidmoremad/awspice

Awspice is a wrapper tool of Boto3 library to list inventory and manage your AWS infrastructure The objective of the wrapper is to abstract the use of AWS, being able to dig through all the data of our account

aws boto3 cloud region security wrapper

Last synced: 12 Apr 2025

https://github.com/csfelix/csharp-fermat-method-rsa-attack

👥 Just to education goals, please, doesn't use it to bad purposes!! 👥 (🔑 KeyWords: C#, C Sharp, RSA Algorithm, Fermat's Method 🔑)

cipher csharp rsa security

Last synced: 28 Apr 2025

https://github.com/imranismail/cloudcreds

Secure access to your organization's AWS accounts for both programmatic and console use-case via federated identity and short-lived credentials

aws federated-identity google oauth oidc security

Last synced: 22 Apr 2025

https://github.com/billyJoePiano/TenaPull

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk

java nessus security splunk

Last synced: 11 Jul 2025

https://github.com/osirislab/fork-sentry

GitHub Action for detecting and alerting on suspicious forks of your repository

github-actions security

Last synced: 18 Jul 2025

https://github.com/alessiodionisi/setup-age-action

This action sets up age and adds it to the PATH.

age github-actions security

Last synced: 11 Mar 2026

https://github.com/reverseapple/analysissuite

Utilities for reverse engineering Apple binaries

apple binary-analysis research reverse-engineering security tools

Last synced: 09 Apr 2025

https://github.com/evansims/openfga-php

Stop writing authorization logic. Start asking questions. OpenFGA high performance relationship-based access control for PHP.

abac authorization entitlements fga fine-grained-access-control fine-grained-authorization openfga pbac permissions php rbac rebac sdk security zanzibar

Last synced: 20 Sep 2025

https://github.com/pozil/apex-security-update-summer21

Helper script for Salesforce Summer '21 Apex security update

apex salesforce security summer21 update

Last synced: 14 May 2025

https://github.com/mprpic/cvelint

CLI tool to validate CVE v5 JSON records.

cve linter security

Last synced: 12 Apr 2025

https://github.com/artem-smotrakov/java-dns-tunneling

Here is an example which shows an idea how DNS tunneling can be implemented in Java.

dns-tunneling java java-dns security

Last synced: 16 Jul 2025

https://github.com/grapheneos/tls-pinning

Utilities for setting up TLS key pinning for Android app network security configuration. We pin the keys of trusted roots and backup keys in order to avoid needing to rotate the pinned keys. Backup keys are never intended to be used unless the roots stop being available and then only need to be used until the pins expire or get updated.

https privacy security tls

Last synced: 13 Apr 2025

https://github.com/tawfik-s/spring-security-tasks-solution

Master Spring Security by practice. spring security tasks and solutions. you can find tasks description at the README file. freely use, modify, and distribute the code.

bycrypt csrf github-oauth2 google-oauth2 java jwt jwt-authentication method-level-authorization method-level-security oauth oauth2 oauth2-client preauthorize security spring spring-boot spring-security spring-security-oauth2 tasks

Last synced: 30 Jun 2025

https://github.com/scipag/phputilities

PHPUtilities provides various utility scripts.

commands exploitation penetration-testing php security shell

Last synced: 05 Oct 2025

https://github.com/ebkalderon/bastille

Process sandboxing library written in Rust

cross-platform namespace rust sandbox security

Last synced: 23 Apr 2025

https://github.com/benavlabs/crudauth

Batteries-included, transport-agnostic authentication for FastAPI.

auth authentication backend fastapi security sqlalchemy

Last synced: 24 Jun 2026

https://github.com/henriquetourinho/brhttp

Um servidor estático em Go, superpoderoso. Oferece Live Reload, mas também automação de build com webhooks, proxy reverso e uma API de controle completa.

automation binario debian dev-server frontend go golang linux live-reload minimalist no-dependencies open-source performance reverse-proxy security spa static-server zero-config

Last synced: 04 May 2026

https://github.com/pelock/radio-code-calculator-php

Radio Code Calculator is an online service along with Web API & SDK for generating car radio unlock codes for popular vehicle brands.

anti-theft car car-hacking navigation php radio radio-code radio-codes security unlock vehicle

Last synced: 13 Jun 2025

https://github.com/ubernostrum/django-flashpolicies

Flash cross-domain policies for Django.

django flash python security

Last synced: 26 Oct 2025

https://github.com/dionyziz/hackme

The website describing my bounty hunt game.

bounty security

Last synced: 24 Jan 2026

https://github.com/simpleclub/firebase-rules-helper

A collection of packages aimed to make working with Firebase rules easier.

code-generation coverage coverage-report firebase firebase-firestore firebase-storage firestore security

Last synced: 22 Feb 2026

https://github.com/brittonhayes/notion-stix

Integrate Threat Intelligence into your Notion workspace with notion-stix 🛡️

golang mitre mitre-attack notion security stix stix2 threat-intelligence

Last synced: 08 Oct 2025

https://github.com/felixfriedrich/dnsmonitor

Monitor domain names for DNS changes

dns golang security

Last synced: 14 Jan 2026

https://github.com/xewdy444/netgrave

A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)

camera exploit netwave security vulnerability

Last synced: 11 Mar 2026

https://github.com/egorsmkv/npm-audit-to-report

A simple Go program that converts `security-audit.json` to `security-audit.md` so you can use it in CI pipeline.

ci cve go npm security yarn

Last synced: 25 Oct 2025

https://github.com/infothrill/ansible-role-lynis

An Ansible role to install Lynis, an open source security auditing tool.

ansible ansible-role audit lynis security

Last synced: 11 Feb 2026

https://github.com/elijahhx/dead1ock-h4ck

"Dead1ock-h4ck" is an open-source project dedicated to exploring cybersecurity and ethical hacking techniques. The project aims to provide resources and tools for learning about network security, cryptography, and penetration testing.

cyber-defense cybersecurity cybersecurity-research dead1ock-h4ck exploit github hacking hacktivism infosec malware pentesting programming ransomware security technology vulnerability

Last synced: 23 Apr 2025

https://github.com/jonhadfield/ipscout

Host threat aggregator for network administrators and security analysts.

cli ip ip-reputation netsec netsec-tools network security

Last synced: 07 Feb 2026