An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/epappas/llmtrace

Zero-code LLM security & observability proxy. Real-time prompt injection detection, PII scanning, and cost control for OpenAI-compatible APIs. Built in Rust.

agentic ai-agents ai-infrastructure ai-security aiops chatgpt llm-inference llm-monitoring llm-security llm-security-compliance-prompt-injection llmops mlops observability openai pii-detection prompt-injection proxy rust security

Last synced: 19 Feb 2026

https://github.com/smed79/easylist-hosts

Unified EasyList hosts blacklist for use with DNS and domain blocking tools as pi-hole for the purpose of blocking bad domains used for serving ads, tracking, mining, malware and other nasty content.

adblock adblock-plus adguard blacklist blocklist dns dnsforge domains easylist easyprivacy hosts hosts-file malware nextdns personaldnsfilter phishing pi-hole privacy security ublock

Last synced: 24 Oct 2025

https://github.com/jessechale/halehound-cyd

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

bluetooth cc1101 cheap-yellow-display cyd esp32 esp32-diy hacking nrf24l01 offensive-security pentest security security-tools subghz wifi

Last synced: 12 Mar 2026

https://github.com/amadeusitgroup/starter-kit-for-internal-hacking-event

A kit to organize internal hacking events, improving product security and spreading security knowledge.

event fun security

Last synced: 13 Feb 2026

https://github.com/rohaquinlop/immunipy

A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust.

cli python python-library sca security vulnerability-detection vulnerability-scanners

Last synced: 17 Oct 2025

https://github.com/carlocorradini/graphql-auth-directive

GraphQL @auth directive that protects resources from unauthenticated and unauthorized access

auth authentication authorization graphql nodejs security typescript

Last synced: 16 Feb 2026

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/prompt-armor/prompt-armor

Open-source prompt injection detector — 5 layers, 91.7% F1, ~27ms, offline, Apache 2.0

ai-safety anomaly-detection cli faiss jailbreak llm llm-security mcp nlp offline onnx prompt-injection prompt-security python security

Last synced: 03 Jun 2026

https://github.com/99999g/ak47

AK47 是一款跨平台的漏洞利用与安全评估工具 | AK47 is a cross-platform vulnerability exploitation and security assessment tool

expr mcp pentest redteam security skills wails

Last synced: 10 Apr 2026

https://github.com/soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

dast penetration-testing security soos web-security

Last synced: 24 Feb 2026

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/zelon88/emotet_analysis-1

A quick & dirty look at an Emotet infection.

analysis botnet campaign emotet heodo malware-analysis opsec security trojan

Last synced: 09 Feb 2026

https://github.com/visualbean/hibp.net

A simple .NET wrapper for the HIBP (Have I been pwned?) Api

csharp haveibeenpwned hibp netcore nuget security

Last synced: 10 Oct 2025

https://github.com/dk26/strict-path-rs

Handle paths from external or unknown sources securely. Defends against 19+ real-world CVEs including symlinks, Windows 8.3 short names, and encoding tricks and exploits.

directory-traversal file-security filesystem-security path-traversal-prevention path-validation rust rust-crate security type-safety web-security

Last synced: 22 Apr 2026

https://github.com/Armaan29-09-2005/AI-OSINT-Security-Analyzer

AI OSINT Security Analyzer is an intelligent platform that leverages AI to perform autonomous investigations across various intelligence sources. With features like multi-source integration and real-time threat intelligence, it ensures comprehensive security assessments. 🛡️🔍

ai ai-agent analysis cohere cve cve-analysis cybersecurity ip ip-address osint osint-tool osint-tools python security security-analysis shodan streamlit vulnerability-assessment

Last synced: 06 Oct 2025

https://github.com/samouraiworld/sec-guidebook

The Ultimate Security Guide Book for new-cryptorich friends

exploits good-practices privacy protection security wallet

Last synced: 27 Jan 2026

https://github.com/anchore/s3c-workshops

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

containers devsecops fedramp k8s sbom security supply-chain-security vulnerability-scanners

Last synced: 09 Oct 2025

https://github.com/restorm-labs/nuxt-restream

Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.

firebase firebase-storage nuxt nuxt-module nuxt3 security vue3

Last synced: 09 Oct 2025

https://github.com/boogy/iam-policy-validator

⚡ Stop IAM misconfigurations before they become breaches — Catch overprivileged permissions, dangerous wildcards, and policy errors before deployment.

aws iam security

Last synced: 12 Feb 2026

https://github.com/demon1a/bounties-uwu

Chrome extension uses the HackerOne API to reveal hidden rewarded bounties on HackerOne

bugbounty hackerone javascript security tools

Last synced: 14 Oct 2025

https://github.com/bisonai/flutter-machine-learning-security

Protect your Machine Learning model in your Flutter application.

edge-machine-learning encoder-decoder mobile-ai security xor-cipher

Last synced: 18 Oct 2025

https://github.com/radoslaw-sz/guardio

The most flexible control plane for AI Agent systems

ai ai-agent ai-agents control-plane framework guard mcp security

Last synced: 01 Apr 2026

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026

https://github.com/enquo/cretrit

Comparison-Revealing Encryption primitives

cryptography encryption enquo hacktoberfest order-revealing-encryption ore rust security

Last synced: 05 Apr 2026

https://github.com/neuralegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

appsec brightsec e2e pentesting qa security test testing typescript

Last synced: 17 Mar 2026

https://github.com/jaybrown/application-launch-monitor-alm-

Extend macOS Gatekeeper functionality by verifying applications at every launch

anti-malware anti-virus antimalware antivirus codesign gatekeeper macos malware privacy security

Last synced: 03 Mar 2026

https://github.com/always-further/runseal

Sealed execution environment for GitHub Actions.

actions isolation sandbox security supply-chain-security

Last synced: 05 Jun 2026

https://github.com/IBM/simrun

Attack Simulation Platform (ASP) for detection testing

attack-simulation cloud-security detection-engineering security security-automation threat-detection

Last synced: 26 Jun 2026

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/seznam/jailoc

🔒 Jail your AI agents — sandboxed Docker environments with network isolation for Opencode agents

ai-agents cli devtools docker docker-compose golang network-isolation opencode sandbox security

Last synced: 04 Apr 2026

https://github.com/venkatas/vikramaditya

Autonomous VAPT platform. Give it a target (FQDN, IP, CIDR) — it hunts, it reports. Inspired by the Obsidian Order.

ai-security autonomous-agent bash bug-bounty penetration-testing python recon security vapt vulnerability-scanner

Last synced: 30 Apr 2026

https://github.com/orijtech/tickeryzer

Check missing (*time.Ticker).Stop() call, which can cause resources leak.

golang security static-analysis

Last synced: 09 Feb 2026

https://github.com/cisco-open/go-lanai

go-lanai is an application frameworks and a set of modules that make writing applications easy

microservice oauth2 openid-connect saml security spring-boot spring-cloud webapp

Last synced: 18 Mar 2025

https://github.com/maybethisisru/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 12 Apr 2025

https://github.com/accuknox/secret-scan-action

AccuKnox Secret Scan GitHub Action

secret security sensitive-data

Last synced: 06 Mar 2026

https://github.com/globaltradingtechnologies/crypt-bundle

Provides symfony encryptor/decryptor services based on various cryptographic components

aes bundle decryptor encryption encryptor rsa security symfony-bundle

Last synced: 10 Apr 2025

https://github.com/crytic/vscode-starknet-explorer

StarkNet support extension for VSCode. Visualize StarkNet contracts: view storage variables, external and view functions, and events.

auditing cairo review security starknet

Last synced: 01 May 2025

https://github.com/dynonguyen/hospital-management-system

Safety and security of information systems project.

oracle reactjs security

Last synced: 12 Apr 2025

https://github.com/vv198x/go2ban

Protect your servers

firewall go golang open-source security

Last synced: 20 Jan 2026

https://github.com/hayesall/maliciousportableexecutabledetection

Determining whether a portable executable file (.exe) is malicious or benign with comparative results for multiple ML algorithms: AdaBoost, DT, GNB, GradientBoosting, KNN, RF.

classification machine-learning security

Last synced: 28 Oct 2025

https://github.com/bitforger/thegreatersuspender

Fork of popular extension The Great Suspender made more privacy respecting.

chrome chrome-extension javascript privacy security suspender thegreatsuspender

Last synced: 07 May 2025

https://github.com/benoitchantre/wp-composer-auto-updates

WordPress MU-Plugin to enable maintenance and security updates when the site uses version control and DISALLOW_FILE_MODS.

auto-update security wordpress wordpress-mu-plugin

Last synced: 30 Apr 2025

https://github.com/getdatakick/blackholebots

Free module for prestashop and thirtybees platforms that will automagically ban bots that don't follow robots.txt instructions

blacklist module prestashop prestashop-free-module prestashop-module robot security thirtybees

Last synced: 18 Mar 2025

https://github.com/5GSEC/MobiFlow-Auditor

An O-RAN compliant xApp supporting fine-grained and security-aware statistics monitoring over 5G RAN and UEs

5g o-ran security visibility xapp

Last synced: 14 May 2026

https://github.com/elastic/dac-reference

DaC Repo to store the reference documentation and detection-rules management with Elastic rules.

automation dac elastic security

Last synced: 15 Jun 2025

https://github.com/geniuszly/cve-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/etf1/ip2proxy

IP2Location.com Proxy database parser for Golang

golang golang-library golang-package iplocation proxy security tor

Last synced: 17 Jan 2026

https://github.com/shivamsaraswat/certify

Certify is a python tool designed to check the security of SSL/TLS certificates.

certificate-authority certify python security security-automation ssl-certificate tls tls-certificate

Last synced: 10 Apr 2025

https://github.com/nathanjepson/wdac-framework

Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.

application-control applicationcontrol defender enterprise-security operation-system-security powershell powershell-script security sqlite sqlite-database wdac windows windows-defender windows-defender-application-control windowsdefender winrm zero-trust

Last synced: 21 Jun 2025

https://github.com/mattjegan/wtfuzz

A pip-installable tool used for checking the existence of different types of web resources

cli fuzzing python security security-scanner security-tools

Last synced: 30 Dec 2025

https://github.com/inverse/cert-host-scraper

Query the certificate transparency log

certificate scraper security

Last synced: 19 Jan 2026

https://github.com/thedvlprguy/cyberorgs

A site for viewing and analyzing the info of the cybersecurity related organizations participating in Google Summer of Code.

archlinux blackarch-linux cybersecurity googlesu gsoc honeynet kali-linux linux linux-app linux-kernel owasp parrot-os parrotsec security

Last synced: 30 Apr 2025

https://github.com/brittonhayes/citadel

A family of Security Operations micro services built with go-kit

golang microservice secops security

Last synced: 27 Mar 2025

https://github.com/didntchooseaname/altered-security-reporting

A generic sysreptor template to write on-premise related Altered Security's certifications reports of compromission.

altered security sysreptor template

Last synced: 11 Jan 2026

https://github.com/volkansah/modsecurity-rule-to-block-sql-injection-attacks-in-php

Example: ModSecurity rule to block SQL injection attacks in PHP

php security waf

Last synced: 11 Apr 2025

https://github.com/cloudposse/terraform-aws-macie

Use AI/ML and pattern matching to identify and protect sensitive data in AWS

aws compliance machine-lerning macie privacy security terraform terraform-modules

Last synced: 29 Apr 2025

https://github.com/demimarie/sliprock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 18 Jun 2025

https://github.com/bocaletto-luca/super-info

Super Info is a comprehensive, text-based utility for system administrators on Ubuntu and other Debian-based distributions. It provides essential security, monitoring and system checks via a custom ASCII interface with colors (when supported). By Bocaletto Luca

bash cli debian linux security shell-script sysadmin system-info system-monitoring ubuntu

Last synced: 18 Jun 2025

https://github.com/parazyd/git-restrict

Simple utility for git repository permission management

chroot git minimal permission-management security static

Last synced: 29 Oct 2025

https://github.com/umair9747/leakygpt

The one-stop DLP browser extension to stop users from sharing sensitive information with chatGPT.

ai artificial-intelligence chatgpt compliance cybersecurity data-leakage-prevention dlp gpt llm openai openai-chatgpt security security-compliance

Last synced: 03 May 2026

https://github.com/Octogonapus/RegistryScanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 06 Apr 2026

https://github.com/chen-keinan/openshift-ordeal

Open Source runtime scanner for OpenShift cluster and perform security audit checks based on CIS RedHat OpenShift Benchmark specification

audit-checks cis-benchmark cis-security kube kubernetes linux openshift openshift-ordeal openshift-scrutiny redhat scan security

Last synced: 11 Apr 2025

https://github.com/zuazo/chef-encrypted-attributes

Chef plugin to add Node encrypted attributes support using client keys.

chef credentials devops encrypted-attributes encryption gcm keys passwords pki plugin secrets security

Last synced: 13 Apr 2025

https://github.com/sheepreaper/yk-csr-generator

YubiKey CSR Generator: A robust CLI tool that enables users to produce Certificate Signing Requests (CSRs) leveraging YubiKey devices. Comes with enhanced attributes configuration, broad hash algorithm support, and versatile output options. Aimed at providing a seamless, secure, and efficient experience for CSR creation.

authentication certificate cli-tool csharp csr digital-signature dotnet encryption hardware-token open-source piv pki security yubikey

Last synced: 20 Mar 2025

https://github.com/anthonyharrison/sbom-manager

Manage collection of SBOMs (Software Bill of Materials)

cyclonedx devsecops sbom sbom-repository sbom-tool security spdx vulnerabilities

Last synced: 11 Apr 2025

https://github.com/3ndg4me/gortscanner

Simple port scanner rewritten in go

golang hacking hacktoberfest portscanner security

Last synced: 16 Dec 2025

https://github.com/passmarked/ssl

Rules that relate to checking the SSL configuration of each individual resolved server from the domain to ensure locked down config with the broadest compatibility

attack certificate chain cipher compatibility passmarked root-certificate security ssl ssl2 ssl3 standards tls tlsv1 vulnerability

Last synced: 09 Jul 2025

https://github.com/alexkander/loopback-socket

Loopback module for create Socket.io connections and allow call methods and make subscriptions

auth events express expressjs io loopback realtime security socket strongloop subscription websocket

Last synced: 14 Oct 2025

https://github.com/jwilk/getenvy

LD_PRELOAD library to snoop on getenv() calls

security

Last synced: 12 Apr 2025

https://github.com/cnmenghan/quietdirtozipfile

Silently save a directory as a zip file using the Console.

audit backup compress convenient file-management network-security package-files security

Last synced: 07 May 2025

https://github.com/tempehs/the_unsecure_pwa

An unsecure by-design PWA that students can analyse with a suite of tools and support to build their understanding of web-based secure software architecture.

2fa api content-security-policy csp csrf cybersecurity cybersecurity-education encryption form-validation learning-by-doing learning-cybersecurity learning-project penetration-testing race-conditions security session-management sql-injection sqlite3 testing-practices xss

Last synced: 13 Apr 2025

https://github.com/dumbjs/foronce

The OTP Library

crypto node otp security totp

Last synced: 06 Mar 2026

https://github.com/fortio/safecast

Go, safe from accidental overflow, number type conversions

conversions golang golang-library security

Last synced: 17 Jun 2025

https://github.com/bmedicke/reed

notes about 🔍 Reverse Engineering and 🔥 Exploit Development

debugging exploit-development reverse-engineering security

Last synced: 09 Oct 2025

https://github.com/bandarlabs/cveingest

Convert CVEs into LLMs friendly input with multi level crawling

audio cve llm security

Last synced: 03 Jul 2025

https://github.com/topscoder/subgomain

A high-performance tool for identifying domain takeovers with support for custom fingerprints and resolver lists.

bugbounty bugbounty-tool domain-takeover infosec infosectools security security-tools subdomain-takeover

Last synced: 04 Jul 2025

https://github.com/sierrasoftworks/honeypot

A service designed to track malicious SSH login attempts

honeypot security ssh-server

Last synced: 09 Apr 2025

https://github.com/stephenhaunts/text-shredder

A simple tool that applies very strong encryption over text for use with chat or email applications. Use this if you want to add another level of privacy and security that you can control.

cryptography encryption encyption-support privacy privacy-enhancing-technologies privacy-protection security security-tools

Last synced: 11 Apr 2025

https://github.com/flutterguard/flutterguard-cli

Know and see everything an attacker can extract and get from your published Flutter app

android apk cli dart exploit flutter opensource reverse-engineering security static-analysis

Last synced: 13 Jan 2026