An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/andreacioni/keelink

Keepass2Android QR Plug-In Utility

android encryption keepass keepass2android-qr-plug plugin security

Last synced: 21 Mar 2025

https://github.com/benjitrapp/project-makalu

Penetration testing challenge => Test the broken "Session Handling" in the new shop of the "anna group"

burpsuite ctf-challenges docker flask hacking-simulator python3 security

Last synced: 14 Apr 2025

https://github.com/divineomega/php-password-cracker

PHP package to crack passwords

password password-cracker php security

Last synced: 25 Jul 2025

https://github.com/simeononsecurity/Apache-Web-Server-Hardening

An collection of example configurations and scripts to aid administrators in configuring a hardened Apache Web Server

apache encryption hardening security ssl-certificates

Last synced: 17 Aug 2025

https://github.com/houssemdellai/kubernetes-allowed-registries-policy

Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.

aks-kubernetes-cluster container-registry container-security policy security

Last synced: 03 Jan 2026

https://github.com/ayemunhossain/python-for-security

This is a repository is about implementing security concept with python.

devsecops python python3 security

Last synced: 25 Jul 2025

https://github.com/veil-services/veil-go

The sensitive data firewall for AI. Detect and mask PII (Emails, Credit Cards, CPFs) locally with zero-latency before sending prompts to LLMs. Thread-safe & Production ready.

cybersecurity dlp golang llm openai pii-masking privacy security

Last synced: 13 Jan 2026

https://github.com/barandev/firebase-authentication-template

A template repository for implementing Firebase Authentication with Flask and JavaScript. This template provides a basic setup for integrating Firebase Authentication into web applications using Flask as the backend framework. It includes functionalities for user signup, signin, signout, and session management.

firebase firebase-auth firebase-webapp flask html-css-javascript javascript modal-design password-hashing python responsive-design security session-management signin-signup template user-management userauthentication web-template webdevelopment

Last synced: 19 Feb 2026

https://github.com/lanshuns/wintorproxy

A batch script that enabling Tor and Privoxy as a SOCKS5 proxy, providing enhanced privacy and anonymity for internet traffic.

batch privacy proxy security socks tor

Last synced: 25 Feb 2026

https://github.com/trvswgnr/crab-snitch

Get an alert on macOS if an application accesses your microphone or webcam.

macos personal security

Last synced: 08 Sep 2025

https://github.com/ezshine/carefullyopenurl

A Chrome extension that helps users browse the web more safely by adding confirmation steps before opening any links.

chrome-extension security

Last synced: 01 Sep 2025

https://github.com/oliverbebber/comptia-sy0-601-study-notes

CompTIA SY0-601 Study Notes

comptia-security security

Last synced: 09 Mar 2026

https://github.com/zelon88/accessibility-tools-utilmon-defender

A Windows 7-10 startup script for detecting and preventing "Ease Of Access" attacks.

accessibility admin-tools anti-hacking defender security

Last synced: 31 Oct 2025

https://github.com/bonedaddy/web3-super-user

deployment, and configuration guidelines for self-hosting web3 services in a secure manner.

ethereum-staking security self-hosting web3

Last synced: 08 May 2025

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/ayushn21/bridgetown-content-security-policy

A Bridgetown plugin to add a Content Security Policy in a meta tag

bridgetown bridgetown-plugin content-security-policy security

Last synced: 14 Apr 2025

https://github.com/cristalhq/ipfilterware

Go HTTP middleware to filter clients by IP address

filtering firewall go golang http ip ipv4 ipv6 middleware security

Last synced: 08 Apr 2025

https://github.com/buession/buession-security

Buession 安全框架,整合了 spring security、shiro、pac4j;封装了极验等行为验证产品 SDK。

desensitization geetest java mcrypt pac4j security shiro spring

Last synced: 14 Apr 2025

https://github.com/murphysecurity/murphysec-jenkins-tools

将墨菲安全的代码检测能力集成到 Jenkins 中,提高线上代码安全质量

jenkinsfile scanner security

Last synced: 25 Apr 2025

https://github.com/kovart/forta-spam-detector

Advanced spam detector powered by Forta Network

blockchain detector erc1155 erc20 erc721 ethereum forta phishing scam security spam token

Last synced: 15 Apr 2025

https://github.com/louib/challenge-response

Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust.

authentication challenge-response encryption hmac hmac-sha1 nitrokey onlykey otp security yubico yubikey

Last synced: 24 Mar 2025

https://github.com/hcl-tech-software/appscan-sast-action

Integrate static security testing with HCL AppScan on Cloud using GitHub Actions

action appscan github github-actions sast scanning security security-automation security-scanner security-testing security-tools

Last synced: 31 Aug 2025

https://github.com/aaearon/mcp-privilege-cloud

A production-ready Model Context Protocol (MCP) server for CyberArk Privilege Cloud integration. Enables AI assistants and MCP clients to securely interact with privileged account management, safe operations, and platform configurations through 8 comprehensive tools.

ai-integration claude-desktop cyberark cyberark-api cybersecurity fastmcp identity-management mcp mcp-server model-context-protocol oauth-authentication oauth2 pam password-vault platform-management privilege-cloud privileged-access-management privileged-accounts python security

Last synced: 18 Feb 2026

https://github.com/trstringer/kubernetes-aad-msi

Authenticate Kubernetes applications to cloud resources with Azure Active Directory

azure azure-active-directory kubernetes security

Last synced: 08 May 2025

https://github.com/aw-junaid/golang-web-security

Secure Golang web app with best practices: authentication, authorization, input validation, CSRF protection, and secure headers. Example code for secure development.

golang penetration-testing security websecurity

Last synced: 14 Apr 2025

https://github.com/eftec/securityonemysql

It is a library

mysql php php7 security

Last synced: 07 Mar 2026

https://github.com/eqstlab/cve-2024-53677

File upload logic flaw in Apache Struts2 exploit

cve-2024-53677 java jsp proof-of-concept security struts2 vulnerability

Last synced: 16 Sep 2025

https://github.com/lreimer/secure-devex22

Demo repository for my talk at the Heise Developer Experience 2022 conference.

checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api

Last synced: 02 Aug 2025

https://github.com/geniuszly/CVE-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/jpmcb/pwnkit-go

Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go

cybersecurity infosec security

Last synced: 09 Aug 2025

https://github.com/iwpnd/fiber-key-auth

fiber api key authentication middleware

api gofiber golang security

Last synced: 20 Mar 2025

https://github.com/matricali/kaker-scripts

Compilation of files recovered from compromised hosts. This collection contains various scripts and tools used by the attackers.

attacker backdoors compilation files-recovered hacker-scripts kaker-scripts phishing-attacks scanners scripts security shell

Last synced: 15 Apr 2025

https://github.com/mrtazz/certcal

provide an iCal web feed for certificate expiration

calendar certificates golang security ssl tls

Last synced: 15 Apr 2025

https://github.com/authress/authress-sdk.cs

The Authress SDK for C# provides authorization as a service with fully compatible REST apis.

authentication authorization authorization-backend authorization-framework authorization-middleware authorization-server authress nuget security

Last synced: 13 May 2025

https://github.com/ghostofgoes/ui-prccdc

Scripts, Guides, Tools, and what-not for the University of Idaho PRCCDC team.

ccdc hardening prccdc python scripts security uidaho vyos

Last synced: 22 Apr 2025

https://github.com/rattleycooper/warble

Steganography tool that can embed files into the pixel data of images, or the data chunk of a wav file.

obfuscation pentesting security steganography

Last synced: 31 Aug 2025

https://github.com/fractaslabs/silverstripe-security-layouts

SilverStripe module for fancier security layouts (login, logout, lost password etc.)

security silverstripe silverstripe-4 silverstripe-module silverstripe-theme

Last synced: 15 Jan 2026

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/rezen/openvas-up

Levels up scripting OpenVAS

openvas python security vulnerability-scanners

Last synced: 10 Jun 2025

https://github.com/casbin/mux-authz

gorilla/mux's RBAC & ABAC Authorization middleware based on Casbin

abac acl authz casbin gorilla-mux middleware mux plugin rbac security

Last synced: 22 Apr 2025

https://github.com/stephenhaunts/text-shredder

A simple tool that applies very strong encryption over text for use with chat or email applications. Use this if you want to add another level of privacy and security that you can control.

cryptography encryption encyption-support privacy privacy-enhancing-technologies privacy-protection security security-tools

Last synced: 11 Apr 2025

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/dumbjs/foronce

The OTP Library

crypto node otp security totp

Last synced: 06 Mar 2026

https://github.com/mdeous/dnscheck

Subdomain takeover assessment tool.

dns security subdomain-takeover

Last synced: 11 Apr 2026

https://github.com/badr-1/steganography-cryptography

Console App That Uses Cryptography And Steganography To Embed/Extract Secret Message In/From an Image

encryption kotlin lsb-steganography security xor-encryption

Last synced: 13 Apr 2025

https://github.com/infineon/ek-based-onboarding-optiga-tpm

Guide for Setting Up and Operating Device Onboarding with OPTIGA™ TPM Endorsement Key (EK)

raspberry-pi security tpm2

Last synced: 11 Jul 2025

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/akmalovaa/crowdsec-blocklist

Crowdsec Blacklist mirror - allows you to create a local HTTP service with an up-to-date list of harmful IP addresses

blocklist crowdsec docker docker-compose firewall security

Last synced: 19 Apr 2025

https://github.com/rix4uni/portmap

portmap is a fast portscan tool, uses shodan public data for port scan used internetdb.shodan.io and api.shodan.io/shodan/host

bug-bounty bugbounty bugbountytips hacking infosec internetdb osint osint-resources penetration-testing pentest-tool pentesting port-enumeration portscanner recon reconnaissance scan-ports security security-tools shodan threat-intelligence

Last synced: 28 Aug 2025

https://github.com/dynonguyen/hospital-management-system

Safety and security of information systems project.

oracle reactjs security

Last synced: 12 Apr 2025

https://github.com/mychewcents/e2e-encryption

An npm module to allow for easier E2E encryption and decryption. Works on 'tweetnacl' npm package.

e2e-encryption encryption encryption-decryption encryption-tool end-to-end-encryption npm npm-package privacy privacy-protection security

Last synced: 17 Jan 2026

https://github.com/mahmudnibir/hiddenmessage

⚕️ HiddenMessage is a Python script that uses LSB steganography to hide and extract secret text in images. It encrypts the message with AES before embedding, ensuring both privacy and invisibility.

data-hiding digital-forensics encoding encryption encryption-decryption image-processing lsb message-hiding password pil python security steganography

Last synced: 21 Jul 2025

https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 07 Nov 2025

https://github.com/fvinas/tf_aws_lambda_ip_whitelist

An AWS Lambda-based mechanism to allow temporary IP whitelisting via security groups

aws-ec2 aws-lambda aws-security-group infrastructure lambda-functions security terraform-module whitelist

Last synced: 14 Apr 2025

https://github.com/gatomod/path_trav

🤨🔎 A simple path traversal checker made with Rust. Useful for APIs that serve dynamic files.

fs path path-traversal rust security

Last synced: 13 Apr 2025

https://github.com/line/webauthndemo-kotlin

WebAuthnDemo Kotlin is a sample application demonstrating the integration of the webauthn-kotlin SDK for secure, password-less authentication in Android apps. It showcases the use of biometric and device credential authenticators, along with examples for registering and authenticating credentials.

authenticator demo fido2 kotlin passwordless security webauthn

Last synced: 02 Sep 2025

https://github.com/jochasinga/firma

Simple Merkle tree implementation based on the Bitcoin white paper.

bitcoin blockchain firma hashtree merkle ocaml security

Last synced: 17 Nov 2025

https://github.com/offsh/offsh

Xonsh-powered pentesting framework.

pentesting security wazuh xonsh xxh

Last synced: 12 Mar 2025

https://github.com/mitre/apache-tomcat-8-cis-baseline

(WIP) (Alpha) InSpec profile for CIS Apache Tomcat v8 Benchmark

apache inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat

Last synced: 21 Apr 2025

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/seznam/jailoc

🔒 Jail your AI agents — sandboxed Docker environments with network isolation for Opencode agents

ai-agents cli devtools docker docker-compose golang network-isolation opencode sandbox security

Last synced: 04 Apr 2026

https://github.com/99999g/ak47

AK47 是一款跨平台的漏洞利用与安全评估工具 | AK47 is a cross-platform vulnerability exploitation and security assessment tool

expr mcp pentest redteam security skills wails

Last synced: 10 Apr 2026

https://github.com/donedeal0/deepvault

DeepVault allows you to store data in the browser with AES encryption.

aes aes-256 aes-gcm cryptography encryption encryption-decryption gcm local-storage localstorage security

Last synced: 07 Oct 2025

https://github.com/visualbean/hibp.net

A simple .NET wrapper for the HIBP (Have I been pwned?) Api

csharp haveibeenpwned hibp netcore nuget security

Last synced: 10 Oct 2025

https://github.com/samouraiworld/sec-guidebook

The Ultimate Security Guide Book for new-cryptorich friends

exploits good-practices privacy protection security wallet

Last synced: 27 Jan 2026

https://github.com/aligent/magento2-bypass-2fa

Magento module allowing two-factor authentication (2FA) to be bypassed for development purposes.

development magento2 security

Last synced: 11 Apr 2025

https://github.com/heartsucker/rust-secure-session

Signed, encrypted session cookies for Iron

cryptography http iron rust security session

Last synced: 13 May 2025

https://github.com/venkatas/vikramaditya

Autonomous VAPT platform. Give it a target (FQDN, IP, CIDR) — it hunts, it reports. Inspired by the Obsidian Order.

ai-security autonomous-agent bash bug-bounty penetration-testing python recon security vapt vulnerability-scanner

Last synced: 30 Apr 2026

https://github.com/vulnsphere/ai_infra_vuln_pocs

This is the PoC repository of LLM service. Updating...

exploit llm ml nuclei nuclei-templates poc security vulnerability

Last synced: 27 Jan 2026

https://github.com/snehmehta/smartotp

making otp smarter

flask innovation otp python security webapp

Last synced: 14 Aug 2025

https://github.com/always-further/runseal

Sealed execution environment for GitHub Actions.

actions isolation sandbox security supply-chain-security

Last synced: 05 Jun 2026

https://github.com/bandarlabs/cveingest

Convert CVEs into LLMs friendly input with multi level crawling

audio cve llm security

Last synced: 03 Jul 2025

https://github.com/nwtgck/aes128gcm-stream-npm

🛡128-bit AES-GCM Encryption Stream for Web Browsers

aes-gcm browser encryption javascript security stream streams-api

Last synced: 01 Apr 2025

https://github.com/saadbazaz/crackhead

A simple, smart & distributed password-cracking algorithm

algorithm password-cracker security

Last synced: 13 Jun 2025

https://github.com/dajiaji/flask-paseto-extended

PASETO (Platform-Agnostic Security Token) for Flask applications.

flask flask-extension jose jwt paseto past python security token

Last synced: 23 Apr 2025

https://github.com/logchange/eir

🐛🗡️👩‍⚕️ eir is a tool to report system vulnerabilities 👩‍⚕️🗡️🐛

docker gitlab graalvm java micronaut report security security-tools vulnerabilities

Last synced: 05 Jul 2025

https://github.com/zopefoundation/zope.security

Zope Security Framework

maintained proxy python security zope

Last synced: 10 Oct 2025

https://github.com/anchore/s3c-workshops

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

containers devsecops fedramp k8s sbom security supply-chain-security vulnerability-scanners

Last synced: 09 Oct 2025