Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-07-02 00:27:53 UTC
- JSON Representation
https://github.com/openwall/owl
Openwall GNU/*/Linux (Owl) is a small security-enhanced Linux distribution for servers. Owl has effectively reached its end-of-life, but its legacy lives on in a few other distributions (most notably, ALT Linux) and upstream projects. This is a tentative export of the Owl CVS repository into Git, which will possibly be redone later.
hardening linux security userland
Last synced: 09 Apr 2025
https://github.com/sarathsp06/py2factor
Python two factor authenticator app for linux,experimental
2factor cli multifactor-authentication python security
Last synced: 28 Jul 2025
https://github.com/mjorgegulab/nestjs-cryptography
Secure NestJS cryptography module 🔐
cryptography javascript nest nestjs node security typescript
Last synced: 27 Jul 2025
https://github.com/soumyadip007/ga4gh-prototype-and-microservice-api-gsoc-proposal
Implement “Reference registry and contig alias search” for Global Alliance for Genomics and Health.
elasticsearch gsoc hibernate jpa jwt maven microservicers mysql restapi restful-webservices security spring springboot
Last synced: 27 Jul 2025
https://github.com/eqstlab/cve-2024-48914
Arbitrary File Read and DoS in vendure-ecommerce exploit
cve exploit poc proof-of-concept security typescript vulnerability
Last synced: 27 Jul 2025
https://github.com/Nearata/flarum-ext-twofactor
A Flarum extension. Allow your users to enable two factor authentication.
flarum flarum-extension security two-factor
Last synced: 28 Mar 2025
https://github.com/bocaletto-luca/bug-github-farms-points
Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially
bocaletto-luca bug farms github github-bug hack hacking points security yaml
Last synced: 27 Apr 2026
https://github.com/rarecoil/mqtt-packet-fuzzy
Radamsa-backed, hooked mqtt-packet for blind MQTT protocol fuzzing on Mac, Linux and Windows.
fuzzing mqtt mqtt-packet mqttjs radamsa security
Last synced: 01 Jul 2025
https://github.com/fivexl/terraform-aws-ssl-checker
Simple SSL check and expiring certificates reminder with additional DNS check and host availability check.
heartbleed lambda security ssl terraform terraform-module tls tls-certificate-checker tls-scan tls13
Last synced: 09 Apr 2025
https://github.com/its-ashu-otf/better-win-11
Its all about securing and making Windows 11 Better.
better betterwin11 betterwindows11 debloat debloat-script debloater debloatwindows oem oem-customization oeminfoeditor privacy securewindows security win11 windows windows-10 windows11 winutil winutils
Last synced: 27 Oct 2025
https://github.com/ivan-sincek/malware-apk
Are your bug bounty reports getting rejected because you don't use a "malicious" PoC app to exploit the vulnerabilities? I've got you covered!
android bug-bounty content-provider deep-link deep-link-hijacking ethical-hacking file-content-provider implicit-intent implicit-intent-injection intent-injection java malware mobile-penetration-testing offensive-security penetration-testing security shared-preferences sqlite sqlite-content-provider task-hijacking
Last synced: 26 Jan 2026
https://github.com/shaialon/express-csp-generator
Content Security Policy Generator, Powered by RapidSec
Last synced: 03 Sep 2025
https://github.com/windblaze/aegis
MITM protection for MacOS
arp-poisoning arp-spoofing guard macos man-in-the-middle mitm protection security
Last synced: 09 Jul 2025
https://github.com/cbrnrd/krypton
🔒 A CLI tool for easy cryptography
cli command-line-tool cryptography encryption ruby security
Last synced: 22 Apr 2025
https://github.com/adrianmoisey/sitescanners
A few services that scan websites and return useful information.
hacktoberfest http2 ipv6 readme security ssl webdev
Last synced: 16 Jan 2026
https://github.com/melardev/c_win32_bindshell_sync
BindShell written in C using Win32API and blocking sockets
bind-shell c networking pipe poc process-pipes reverse-shell security shell socket win32 win32api
Last synced: 13 Apr 2025
https://github.com/mercedes-benz/sechub-plugin-intellij
intellij plugin for sechub
ide intellij intellij-plugin plugin sechub security security-automation security-testing
Last synced: 22 Jun 2025
https://github.com/authress/authress-local
Local running version of an Authorization API in a container
api authentication authorization authress container offline sdk security
Last synced: 13 May 2025
https://github.com/youhaveme9/apkinfo
A python script to extract high level and critical informations from AndroidManifest.xml or apk
android decompiler reverse-engineering security
Last synced: 04 Sep 2025
https://github.com/ammarfaizi2/icecrypt
IceCrypt PHP Encryption
cryptography encryption encryption-algorithms key php security
Last synced: 03 Jul 2025
https://github.com/lilydjwg/httpseverywhereuserrules
My personal HTTPSEverywhere rules
configuration firefox https security
Last synced: 04 Feb 2026
https://github.com/derhansen/tobserver
tObserver TYPO3 extension required for the free TYPO3 monitoring service
monitoring security typo3 typo3-extension
Last synced: 19 Apr 2025
https://github.com/bongochong/waspscanner
A Basic Scanner for Vulnerabilities Related to HiddenWasp Malware on GNU/Linux
anti-malware bash hidden-wasp hiddenwasp script security shellscript
Last synced: 08 Apr 2025
https://github.com/sjinks/wp-login-logger
WordPress plugin to log login attempts
login security session session-management wordpress-plugin
Last synced: 10 Apr 2025
https://github.com/lirantal/security-report
Report a security vulnerability
Last synced: 21 Apr 2025
https://github.com/emilioforrer/go-stack
Production-ready Go scaffold template with clean architecture, lifecycle-managed dependency injection (samber/do), HTTP server (net/http + Huma/OpenAPI), CLI scaffolding, 45+ AI agent skills for Claude/Copilot/OpenCode, and built-in DevOps security tooling.
agentic-coding ai-agent ai-skills claude clean-architecture cli code-quality codex copilot dependency-injection go golang microservices openapi opencode production-ready security starter-kit template vertical-slice-architecture
Last synced: 30 May 2026
https://github.com/nikanique/spring-rest-framework
Spring REST Framework (SRF) is a powerful library for Spring applications that brings the simplicity and flexibility of Django's REST Framework to Spring. SRF streamlines API development with powerful serialization, flexible filters, and seamless integration.
api cqrs data-jpa dto filter generator rest-api security serialization spring spring-boot validation
Last synced: 14 Jan 2026
https://github.com/infineon/pkcs11-optiga-tpm
OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide
pkcs11 raspberry-pi security tpm2
Last synced: 06 Apr 2025
https://github.com/0xjonaseb11/dn404_marketplace.3.0
A DN404 Marketplace built on ERC404 token standard inspired by Pandora coin
auditing dn404 erc404 ethereum marketplaces nfts security smartcontracts solidity tokens
Last synced: 21 Apr 2026
https://github.com/liberzon/claude-hooks
Smart PreToolUse hook for Claude Code — decomposes compound bash commands and checks each sub-command against allow/deny permission patterns
bash claude-code claude-hooks cli security
Last synced: 20 Apr 2026
https://github.com/actalog/mongodump
🍃 GitHub Action for creating a binary export of a database's contents
actions backup database github-actions mongodb mongodump security
Last synced: 27 Feb 2026
https://github.com/adhar-io/adhar
ADHAR - The Open Cloud-Native Foundation
adhar adhar-patform ai analytics architecture cloud-native data developerexperience devops enterprise gitops governance helm idp k8s kubernetes microservices rapid-development security
Last synced: 25 Feb 2026
https://github.com/jef/gh-audit-org-keys
🔑 Provides list of public SSH keys of an organization
github-api john-the-ripper openssl security ssh
Last synced: 03 Apr 2026
https://github.com/kevinrabun/judges
MCP server with specialized judges to evaluate AI-generated code for security, cost, scalability, cloud readiness, and best practices.
ai-agent ai-code-review ai-generated-code code-quality code-review judge mcp mcp-server security software-architecture static-analysis typescript
Last synced: 05 Apr 2026
https://github.com/theruziev/security_interface
Simple API for authentication and authorization.
python-3-6 python-asyncio security
Last synced: 17 Mar 2026
https://github.com/tse-wei-chen/hs-sql-agent
A high-performance C# SQL Agent MCP that eliminates LLM hallucinations and security risks. Instead of letting the AI write raw SQL, it extracts parameters to generate deterministic, injection-free queries across 6 major databases—complete with a visual Admin UI and enterprise guardrails.
accuracy admin-panel ai-safety ai-safety-design anti-hallucination firebird mcp mcp-server mcp-servers mysql nl2sql oracle postgres postgresql security sql-agent sql-server sqlite
Last synced: 30 May 2026
https://github.com/marirs/unquarantine-rs
Unquarantine/extract/decrypt Quarantined files
antivirus av decrypt extract rust rust-crate rust-lang rust-library security security-tools unquarantine
Last synced: 22 Jun 2026
https://github.com/cipher-fox/nestjs-cryptography
Secure NestJS cryptography module 🔐
cryptography javascript nest nestjs node security typescript
Last synced: 25 Apr 2026
https://github.com/ddrimus/http-threat-blocklist
A daily-updated blocklist of IP addresses involved in malicious HTTP attacks that bypassed multiple security layers. Ideal for protecting web servers against probing, exploits, and bot traffic.
blocklist cybersecurity firewall malware security threat-intelligence
Last synced: 31 Jan 2026
https://github.com/heycupola/relic
Manage and share secrets. Encrypted on your device, never exposed to anyone else.
cli encrypted gdpr-compliant project-management secret-manager secrets security tui typescript zero-knowledge
Last synced: 01 Apr 2026
https://github.com/itcmsgr/nftban
NFTBan is an open-source Linux Intrusion Prevention System (IPS) and firewall manager built on nftables, designed to integrate cleanly with modern Linux security stacks.
ai-security almalinux centos debian fail2ban firewall firewall-management intrusion-prevention ips linux nftables red-hat rocky rocky-linux rockylinux security suricata ubuntu zabbix
Last synced: 04 Jul 2026
https://github.com/dragonbe/poc-webapp-vault
A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault
database mysql php proof-of-concept security vault webapp
Last synced: 16 Mar 2026
https://github.com/divd-nl/cna-bot
GitHub action to validate and submit CVE entries using cvelib, cvelint and cve service.
Last synced: 01 Mar 2026
https://github.com/protokol/guardian
Transaction Based Permission Management (Users and Group) OnChain
ark blockchain configurable permissions security user-management
Last synced: 19 Oct 2025
https://github.com/katosh/agent_sandbox
Sandbox AI agents on HPC systems with slurm.
ai-agents bubblewrap firejail hpc landlock sandbox security slurm
Last synced: 05 May 2026
https://github.com/lambda2/breezer
🔒 Lock your Gemfile dependencies to safe versions
Last synced: 18 Jan 2026
https://github.com/codeconut-ltd/wordpress-plugin-default-config
WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.
composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings
Last synced: 08 Oct 2025
https://github.com/kumuluz/kumuluzee-security
KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.
cloud-native java javaee kumuluzee microservices oauth2 openid-connect security
Last synced: 17 Oct 2025
https://github.com/ivan-sincek/pre-master-secret-key
Set up all you need to capture pre-master secret keys to decrypt SSL in Wireshark.
batch decrypt-ssl decrypt-tls defensive-security environment-variables ethical-hacking incident-response offensive-security secret-keys security threat-hunting wireshark
Last synced: 16 Oct 2025
https://github.com/picobaz/pybruteforge
PyBruteForge: A powerful Python brute-force login tester for ethical security audits. Forge attacks with smart password patterns and CSV logging via a modular API-driven design. Strengthen your defenses—test ethically!
bruteforce cybersecurity ethical-hacking login-tester password-audit penetration-testing python security web-security
Last synced: 23 Oct 2025
https://github.com/yandex-cloud-examples/yc-mk8s-copy-fail-mitigation
DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)
kubernetes mk8s security yandex-cloud yandexcloud
Last synced: 25 Jun 2026
https://github.com/anuran-roy/mapsec_server
MapSec Backend Server prototype (built on FastAPI)
api backend cybersecurity fastapi internet-of-things iot mapsec open-source opensource python python3 rest-api scanner security tinydb
Last synced: 02 May 2026
https://github.com/tangle-network/eigensdk-rs
Eigenlayer SDK for building AVS
avs blockchain cryptography eigenlayer eigenlayer-avs restaking security
Last synced: 26 Oct 2025
https://github.com/onzack/kube-defcon
A tool to visualize network policy information from the Kubernetes Master API
docker kubernetes network-policy security visualization
Last synced: 26 Oct 2025
https://github.com/sadhasivamx/boar-hunting-yolov8
YoloV8-based boar detection system with Arduino-triggered buzzer for enhanced security.
arduino artificial-intelligence computer-vision custom machinelearning security yolov8
Last synced: 07 Oct 2025
https://github.com/luisschwab/smaug
smaug 🐉 guards your coins and sends you an email if they move
Last synced: 24 Jan 2026
https://github.com/suuhm/log4shell4shell
Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell
checker hacking linux log4j log4j2 log4shell macos patch penetration-testing pentesting proof-of-concept scanner security tomcat vulnerability-scanners windows
Last synced: 03 May 2026
https://github.com/lauslim12/attendance
🔐 Secure full-stack + REST API implementation of 2FA in the form of an attendance system
api authentication authorization express full-stack multi-factor-authentication nextjs owasp production security totp typescript
Last synced: 10 May 2026
https://github.com/venura9/manage-nsg
GitHub Action to Manage NSG Rules allowing public running deployment to resources secured by Azure NSGs
Last synced: 06 Feb 2026
https://github.com/beenuar/shieldapp-android
All-in-one Android security suite — deepfake detection, antivirus, Tor VPN, breach monitoring, phishing scanner, and 50+ security tools. On-device, no API keys, open source.
android android-app android-security antivirus breach-detection cybersecurity deepfake-detection jetpack-compose kotlin malware-detection material-design network-security open-source phishing-detection privacy security tensorflow-lite threat-intelligence tor vpn
Last synced: 11 May 2026
https://github.com/happyhackingspace/privacy-policy-analyzer
A command-line tool that automatically fetches, analyzes, and scores website privacy policies using AI to highlight strengths, risks, and recommendations.
Last synced: 13 Oct 2025
https://github.com/zabojeb/phpgp
phPGP - tool to store your PGP keys on the physical storage (USB, flash drive etc.)
cryptography cybersecurity encoding gnupg gpg pgp pypi python security usb
Last synced: 29 Jan 2026
https://github.com/sap-samples/btp-sac-forecast
This scenario is primarily intended to empower data driven decisions through analytics forecast using SAP Analytics Cloud, BTP extension application and SAP Build Work Zone, standard edition.
cloud-foundry sample sample-code sap-analytics-cloud sap-btp sap-build-work-zone-standard-edition sap-cap sap-hana-cloud security story
Last synced: 06 Feb 2026
https://github.com/sowoi/check-nextcloud-security
Check the security level of your Nextcloud instance with the Nextcloud Security API
icinga icinga2 icinga2-plugin nagios-checks nagios-plugin nextcloud nextcloud-server python3 scan security
Last synced: 11 Jun 2026
https://github.com/rulilg/litic
JS library to perform technical SEO and best practices analysis to your projects.
accessibility best-practices security seo technical-seo web-development
Last synced: 13 Oct 2025
https://github.com/robcyberlab/caesar-cipher-tool
🔑Caesar Cipher Tool🔐
caesar-cipher caesar-cipher-algorithm cryptography cybersecurity cybersecurity-projects decryption-algorithms encryption-algorithms encryption-decryption html-css-javascript security
Last synced: 08 Oct 2025
https://github.com/rad-security/clawkeeper
Open-source security scanner for AI agent hosts. Audits macOS and Linux machines for misconfigurations, credential exposure, and network hardening — 42 checks across 5 phases with auto-fix.
ai-agents bash devsecops hardening linux macos openclaw scanner security
Last synced: 12 Jun 2026
https://github.com/getarcis/arcis
Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.
bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss
Last synced: 06 Jun 2026
https://github.com/qualixar/skillfortify
First formal security scanner for AI agent skills & plugins. Static analysis, supply chain verification, SBOM generation. 22 frameworks supported including MCP, LangChain, CrewAI.
agent-skills ai-agents cyclonedx formal-methods mcp sbom security static-analysis supply-chain-security
Last synced: 27 Mar 2026
https://github.com/edsoncelio/ctf-guide
Information guide about CTF: https://edsoncelio.github.io/ctf-guide/
computer-engineering criptography pentest security
Last synced: 06 Feb 2026
https://github.com/5GSEC/security-intents
Repository to hold security intents in standard template format.
5g blueprints intents k8s kubernetes o-ran security
Last synced: 16 Jun 2026
https://github.com/richbl/motion-surveillance
Ruby-based video security surveillance system using Motion (a software motion detector)
email image iot motion motion-detection motion-detector motion-surveillance ruby security surveillance video video-surveillance
Last synced: 10 Oct 2025
https://github.com/piecioshka/is-responding
🛠 A tool to find active endpoint use an enumeration strategy
Last synced: 17 Jun 2026
https://github.com/rsclarke/terraform-cloudflare-fastmail-email
MX, SPF, DKIM and DMARC records with MTA-STS policy for email hosted by Fastmail
cloudflare dkim dmarc email mta-sts mx security spam-protection spf terraform
Last synced: 04 Apr 2026
https://github.com/mablanco/docker-rapidscan
Docker image for Rapidscan, a multi-tool web vulnerability scanner
Last synced: 02 Jun 2026
https://github.com/0xbitx/dedsec_shred
DEDSEC_SHRED is a Linux-based tool for securely erasing files and directories
delete encryption-decryption file-shredder files linux-tool remove security
Last synced: 08 Feb 2026
https://github.com/solomonkassa/nginx-automation
🚀 NGINX Automation Framework A comprehensive, enterprise-grade NGINX automation framework designed for high-availability, security-focused, and scalable web infrastructure deployment.
ansible ci-cd doker kubernetes nginx nginx-docker prometheus script security shell-script
Last synced: 03 Apr 2026
https://github.com/mondoohq/terraform-provider-mondoo
Terraform Mondoo provider
Last synced: 02 Apr 2026
https://github.com/richonn/shieldci
GitHub Action that auto-generates hardened CI/CD DevSecOps pipelines — lint, tests, Trivy, Gitleaks, SAST and more — and opens a PR with the generated workflows.
automation ci-cd devops devsecops github-actions gitleaks golang pipeline sast security trivy
Last synced: 30 May 2026
https://github.com/picobaz/pyformblaster
PyFormBlaster: A sleek Python web form fuzzer for ethical security audits. Blast forms with random and malicious inputs to uncover XSS, SQL Injection, and more. Features auto-field detection, CSV logging, and modular config. Test responsibly!
cybersecurity ethical-hacking form-fuzzer fuzzing penetration-testing python security web-security
Last synced: 09 Oct 2025
https://github.com/kostasereksonas/tp-link-tl-wr841n-security-analysis
Security analysis of a TP Link tl-wr841n router.
cybersecurity nmap router security security-analysis security-vulnerability tp-link tp-link-wr841n vulnerability wr841n
Last synced: 28 Feb 2026
https://github.com/iris-eval/mcp-server
The agent eval standard for MCP — score output quality, catch safety failures, enforce cost budgets
agent-evaluation ai-agent claude eval evaluation llm mcp mcp-server model-context-protocol observability security tracing
Last synced: 07 May 2026
https://github.com/0xhunterr/hack_map
A Collection of InfoSec Mind Maps
ejpt-notes ejpt-study mindmap security
Last synced: 14 Feb 2026
https://github.com/jcsec-security/cosmwasm-security-spotlight
Posts and labs to learn CosmWasm smart contract security vulnerabilities and audit
audit blockchain bug bugbounty contract cosmos cosmossdk cosmwasm ctf dapp defi hacking rust security smart smartcontract vulnerabilities
Last synced: 26 Oct 2025
https://github.com/havendv/namedpipeserverstream.netframeworkversion
.NET Standard version of NamedPipeServerStream that contains PipeSecurity constructor.
access-control csharp dotnet ipc namedpipeserverstream netstandard netstandard20 pipes pipesecurity security serverstream system windows
Last synced: 19 Apr 2025
https://github.com/picobaz/nexusbrute
NexusBrute: A modular Node.js brute-force login tester for ethical security audits. Simulate password attacks with smart patterns, auto-CSRF handling, and CSV logging. Harden your systems—use with permission only!
bruteforce cybersecurity ethical-hacking login-tester nodejs password-audit penetration-testing security web-security
Last synced: 06 Jan 2026
https://github.com/k3rnel-dev/katanaframework
Katana-Framework это фреймворк для энтузиастов по тестированию на проникновение на данный момент еще находится в разработке.
framework hack hacking malware metasploit pentest pentesting post-exploitation security
Last synced: 28 Jun 2025
https://github.com/bl4ck44/ctf-desafios
CTF Retos de Captura la bandera resueltos.
ctf ctf-challenges exploit hacking hackthebox hard kali kali-linux pentesting security vulnhub
Last synced: 31 Jul 2025
https://github.com/nolze/imagesteg
A simple image steganalysis (steganography analysis) tool in Python with web-based GUI
ctf security steganalysis steganography
Last synced: 13 Aug 2025
https://github.com/righettod/code-snippets-security-utils
Provides different utilities methods to apply processing from a security perspective.
appsecurity code-snippets java security
Last synced: 31 Aug 2025
https://github.com/goblgobl/authen
Add 2FA to an existing authentication flow
authentication go microservice security self-hosted
Last synced: 16 Jan 2026
https://github.com/certwatch-app/cw-agent
SSL/TLS certificate monitoring agent for Kubernetes and on-prem infrastructure. Scan certificates, detect expiration, validate chains, and sync to CertWatch cloud.
certificate cli cloud-native devops golang kubernetes monitoring security sre ssl tls
Last synced: 13 Jan 2026
https://github.com/jmaczan/ktotu
Identify devices in your network and monitor it against intruders
linux monitoring netsec netsecurity network network-monitoring network-security python security
Last synced: 02 Aug 2025
https://github.com/z3ntl3/ddos-denier
DDOS-Denier is a tool designed to evaluate incoming server attacks based on CPU load and automatically take countermeasures. Intended for Cloudflare websites.
api bot cloudflare ddos security
Last synced: 16 Aug 2025