An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/mikebionic/smart-iot

An IoT system tools with remote control rest-api and automation

arduino automation image-processing iot master-slave-architecture orangepi python raspberrypi rest-api security

Last synced: 09 Apr 2025

https://github.com/codingo/ctfs

Code and writeups for a variety of CTF challenges. Links to writeups included where available.

capture-the-flag penetration-testing python security writeups

Last synced: 12 Mar 2026

https://github.com/kliu128/staplechain

Signed, In-band Annotations for Language Model Outputs

gpt-4 openai security

Last synced: 01 Mar 2025

https://github.com/msdousti/owasp-java

A seriously flawed Java project for teaching "OWASP Top 10 - 2017" concepts.

css intellij-idea java javascript jsp maven mysql owasp-top-10 payara-server security servlet web

Last synced: 07 Oct 2025

https://github.com/pavanvaranasi02/ecommerce-website

"An e-commerce web app with user registration, login, responsive product listing, and a 'Buy Later' feature. Built using Java, Servlets, JSP, JDBC, and styled with CSS. Enhance your online shopping experience!"

java jdbc jsp security servlets

Last synced: 08 Oct 2025

https://github.com/gensecaihq/kubekavach

Developer-first K8s security scanner with instant pod replay. Debug prod issues locally in seconds. AI-powered explanations. CERT-IN compliant for Indian orgs.

cert-in container cybersecurity india kubernetes kubernetes-cluster security

Last synced: 09 Oct 2025

https://github.com/wikid82/charon

A lightweight, user-friendly web interface for managing Caddy as a reverse proxy. It simplifies SSL management and host routing for self-hosters who want the power of Caddy without the manual configuration.

caddy crowdsec docker docker-compose homelab proxy-manager reverse-proxy security self-hosted sso tailscale waf web-ui

Last synced: 02 May 2026

https://github.com/practicalparticle/sandblox

**EXPERIMENTAL SOFTWARE** SandBlox: A secure blockchain development platform using pre-built components called Blox & Particle's State Abstraction. Build dApps quickly and safely with React & TypeScript.

account-abstraction blockchain security smart-contracts web3

Last synced: 10 Oct 2025

https://github.com/lemonyte/safe-exec

Deobfuscate and inspect code passed into exec() and eval()

cybersecurity deobfuscation deobfuscator eval exec malware-detection python security

Last synced: 12 Oct 2025

https://github.com/darkstarbdx/cryptid2

Cryptid2 🐍💻 is a Python tool for educational HTTP/UDP flood attacks. It tests server/network resilience, aiding ethical hackers in security assessments. Customizable threads, attack durations, and targets make it ideal for controlled tests. Compatible with Linux/Termux.

ddos ethical-hacking security security-tools

Last synced: 30 Oct 2025

https://github.com/v-checha/openiframe

Build Iframe. Ignore X-Frame-Options, Content-Security-Policy, X-Content-Type-Options, X-Xss-Protection etc.

content-security-policy iframe iframe-api protection security security-policy x-content-security-policy x-content-type-options x-frame-options

Last synced: 13 Oct 2025

https://github.com/nemisolv/spring-ecommerce-microservices

This repository showcases Spring Boot microservices for eCommerce, each handling tasks like user authentication/authorization, product management, and order processing within a cohesive distributed architecture, ensuring scalability and efficiency.

distributed-system-architecture ecommerce java load-balancing microservices scalability security spring-cloud-gateway springboot springboot-microservices

Last synced: 28 Feb 2026

https://github.com/astrogilda/mcp-keyring-injector

Session-scoped MCP credential security - keys auto-injected at startup, auto-removed at exit, zero config file exposure

api-keys authentication claude-code credentials keyring mcp python security

Last synced: 17 Jun 2026

https://github.com/mablanco/docker-loki

Docker image for Loki, a Simple IOC Scanner

docker malware-detection security

Last synced: 02 Jun 2026

https://github.com/sultaniman/allowed_hosts

Elixir plug to protect your APIs from Host header attacks

allowedhosts elixir header-attack plug security

Last synced: 04 Jun 2026

https://github.com/martinpankraz/sap-hacker-in-a-day

Content supporting the DSAG workshop "SAP hacker in a day" 3rd December 2024

azure entra-id hands-on-lab identity mfa-bypass red-teaming sap sap-hack security

Last synced: 19 Apr 2026

https://github.com/stormsinbrewing/savvy-devsecops

GitHub native DevSecOps CI/CD best practices include automated security testing, code analysis, and policy enforcement using GitHub Actions, coupled with secure IaC and container security measures. This entails managing secrets, enforcing access control, and implementing incident response and monitoring, all while fostering continuous learning.

aws build codeql dependab devops devsecops docker github github-actions kubernetes nodejs renovate sast security

Last synced: 01 Jun 2026

https://github.com/raj-tyagi/nmap-ip-scanner-gui

This repository hosts Python code for an advanced IP scanning tool with a user-friendly graphical interface. Built using the nmap library, it provides efficient network scanning options including Ping Scan, Quick Scan, and Intense Scan, making it ideal for network administrators and cybersecurity professionals.

ip-address nmap python security tkinter

Last synced: 02 Mar 2026

https://github.com/chitinhq/shellforge

🔥 Forge local AI agents. Governed. Private. Unstoppable. — Ollama + AgentGuard + OpenShell + DefenseClaw

agentguard agentic-ai ai-agents apple-silicon defenseclaw governance local-llm ollama openshell security

Last synced: 19 Apr 2026

https://github.com/abhinandan-khurana/vulncon_2021

A fully-responsive website for the International Cyber Security Conference and a 24-hour Jeopardy-style CTF: VULNCON 2021, organised by the open source Cyber Security Community "N00B_4rMY" annually.

conference ctf cybersecurity infosec international security

Last synced: 14 Feb 2026

https://github.com/marc-shade/fraud-detection-mcp

Advanced fraud detection MCP server with behavioral biometrics, real-time anomaly detection, and explainable AI for comprehensive fraud prevention

anthropic behavioral-biometrics claude fraud-detection fraud-prevention fraudulent-transactions mcp model-context-protocol security

Last synced: 05 Apr 2026

https://github.com/rayhanadev/replit-token-dump

Secrets that were found by the Replit Token Scanner are dumped here for revocation.

replit secret-scanning security

Last synced: 28 Jan 2026

https://github.com/invariant-systems-ai/aiir

AI Integrity Receipts — generate, verify, and attest cryptographic receipts for commits with declared AI involvement. Release verification with SLSA-compatible VSA. Zero dependencies. Apache 2.0.

ai attestation audit compliance copilot cryptography eu-ai-act git github-actions in-toto mcp receipts security slsa supply-chain-security verification

Last synced: 17 Apr 2026

https://github.com/tonikelope/passport-trace-attack

Proof of concept of traceability attack against e-passport

epassport passport security traceability

Last synced: 23 Apr 2026

https://github.com/petritbahtiri123/leakguard

Local-only Chrome extension that detects and redacts secrets before prompts are sent to AI chat tools.

ai browser-extension chatgpt chrome-extension dlp infosec privacy redaction security

Last synced: 10 May 2026

https://github.com/indspl0it/blue-tap

Blue-Tap is a comprehensive Bluetooth and BLE penetration testing toolkit designed specifically for security assessments of automotive In-Vehicle Infotainment (IVI) systems. It provides a complete attack lifecycle — from passive device discovery through active exploitation, data extraction, and automated report generation.

ble bluetooth fuzzing ivi pentesting security vulnerability-research

Last synced: 17 Apr 2026

https://github.com/hammackj/kekkan

Kekkan is a parser for NIST Version 2 CVE and CPE XML files.

nvd2 ruby security xml-parser

Last synced: 17 Mar 2026

https://github.com/koki-develop/aws-masking

🕶️ Enhance your security by auto-hiding sensitive information on AWS Management Console.

aws chrome-extension security

Last synced: 27 Oct 2025

https://github.com/goafabric/callee-service

🌱 Very tiny SPRING Service without Persistence - Also includes a native image build

aspect native oidc openapi prometheus rest-api security spring-boot tracing

Last synced: 04 Mar 2026

https://github.com/vladlen-codes/llm-security-toolkit

Python library that sits between your app and the LLM client, adding security checks around every model call.

ai ai-security llm-inference security

Last synced: 04 Apr 2026

https://github.com/kukoboris/ubuntu-security-setup

Скрипт для автоматизированной настройки безопасности и оптимизации серверов Ubuntu

bash-script hardening security server-setup ubuntu

Last synced: 29 Apr 2026

https://github.com/bootstrapsp/miu

Developing with Hyperledger Indy made easy.

blockchain-technology golang grpc-python hyperledger-indy iot-application security

Last synced: 04 Apr 2026

https://github.com/mahaloz/mahaloz.re

My hacking blog: https://mahaloz.re

decompilers security vuln-analysis

Last synced: 08 Feb 2026

https://github.com/mauricelambert/entropyanalysis

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

cybersecurity disk-analysis entropy entropy-analysis file-analysis forensic malware-analysis security

Last synced: 04 Jun 2026

https://github.com/discourse/ruby-landlock

Landlock bindings for Ruby

landlock linux sandbox security

Last synced: 25 Jun 2026

https://github.com/appsechq/skill-scanner-test

Skill Scanner - An automated security scanning pipeline for AI agent SKILL.md and Agent plugins in popular public skills directories.

appsec security security-tools skills

Last synced: 04 Jun 2026

https://github.com/cy7su/cysu

Modern educational platform built with Flask, featuring enterprise-grade security, automated CI/CD, and beautiful Material Design UI. Deploy in 30 seconds with Docker or run locally with Python 3.11+.

authentication bootstrap ci-cd docker educational-platform enterprise-grade flask github-actions material-design modern-ui production-ready python python3 responsive-design security sqlalchemy sqlite telegrambot web-application

Last synced: 28 Feb 2026

https://github.com/swissjake/seampass-generator

A comprehensive password generation solution with web app, browser extension, and CLI package. Generate secure random and memorable passwords with strength analysis.

chrome-extension cli cybersecurity monorepo nextjs password-generator password-strength react security tailwindcss typescript

Last synced: 05 Apr 2026

https://github.com/martin-ger/esp_nacl

NaCl crypto lib for the ESP8266

crypto esp8266 security

Last synced: 10 May 2026

https://github.com/ree-verse/rexor

Cross-platform Rust library with CLI app implementing XOR encryption/decryption

cli decryption encryption security xor

Last synced: 04 Apr 2026

https://github.com/rohansx/nullbox

immutable, minimal Linux OS purpose-built for AI agents. No SSH, no shell, no systemd - just microVMs, default-deny networking, and shared agent memory

agent-os ai-agent immutable-infrastucture immutable-os libkrun linux microvms os rust security

Last synced: 04 Apr 2026

https://github.com/jwplayer/github-vul

:octocat: Enable GitHub vulnerability alerts for all repositories

github security security-fix vulnerability-alerts vulnerability-management

Last synced: 24 Apr 2026

https://github.com/wgtechlabs/container-build-flow-action

Intelligent docker container build automation for modern development workflows.

docker ghcr security workflow-automation

Last synced: 28 Feb 2026

https://github.com/pjbgf/beargrabz

Monitor Kubernetes Clusters for authorisation tokens being passed in clear-text.

bearer-tokens devsecops kubernetes network-security security security-audit security-tools

Last synced: 24 Apr 2026

https://github.com/bluet/express-pwnd-pw

Express.js security middleware for checking user password safety with Have I Been Pwned (HIBP) API

express express-middleware expressjs hacktoberfest hibp middleware node nodejs password password-safety security

Last synced: 14 Feb 2026

https://github.com/thetallprogrammer/password-generator

Falkenberg's Password Generator is a secure and customizable tool designed to generate strong passwords with ease. Adjust complexity and length, exclude specific symbols, and copy your password with one click. This standalone generator is part of a larger password manager project currently in development.

cpp desktop-app desktop-application password-generator password-generator-cpp privacy qt security tool tools user-interface

Last synced: 24 Jan 2026

https://github.com/rhinobase/hono-under-pressure

Measure process load with automatic handling of "Service Unavailable" plugin for Hono Nodejs runtime.

api hono honojs middleware nodejs optimization security server web

Last synced: 04 Mar 2026

https://github.com/atani/mysh

MySQL connection manager with SSH tunnel support. Auto-masks sensitive data for AI/non-TTY environments. Supports MySQL 4.x+.

ai-safety cli connection-manager data-masking database golang mysql mysql-client security ssh-tunnel

Last synced: 03 Jun 2026

https://github.com/osiris-unnefer/advanced_mac_spoofer_for_windows

mac spoofer with a lot of OUI, mac computer spoofing, asus spoofing, printings spoofing and other for windows only

address cybersecurity mac oui security spoofing windows

Last synced: 31 Jan 2026

https://github.com/bouke/clibsodium

Swift overlay for libsodium

encryption libsodium security

Last synced: 13 May 2026

https://github.com/phamlongh230-lgtm/yamtam-engine

Personal Agent OS for Claude Code — 42 hooks, 3,432 skills, 93 agents. Blocks rm -rf, prompt injection, pipe-to-shell at runtime. Apache 2.0.

agent-os agents agentskills agi ai-safety aider claude-code cursor deepseek gemini hooks llm-safety prompt-injection runtime-hooks security

Last synced: 13 Jun 2026

https://github.com/dinanathdash/envault

Auditable .env secret manager featuring aggressive CLI safeguards and GitHub JIT access.

cli developer-tools devsecops dotenv jit-access secret-manager secrets-management security

Last synced: 20 Apr 2026

https://github.com/isaacpeel/solesonic-mcp-server

An enterprise-grade MCP server with built-in federated identity support for SSO across providers and secure, scalable access management.

ai identity java mcp mcp-security mcp-server mcp-tools security spring-boot-ai

Last synced: 01 Mar 2026

https://github.com/erwinkramer/running-a-container-securely-in-azure

Considerations for choosing an Azure container service for secure use cases.

azure container-apps container-instances security web-app-for-containers

Last synced: 09 Feb 2026

https://github.com/excalibra/scripts

Platform: Windows/Mac/Linux. Scripting: Various, no restrictions; customized as needed. Tasks: Desktop checks, software cracking, AV evasion, privilege execution, firmware read/write, password checks, Wi-Fi scans, cloud security, log analysis, NLP, and data analysis in humanities/social sciences.

automation ban-ip clawer linux macos security spiders update wi-fi windows

Last synced: 04 Mar 2026

https://github.com/edoverflow/slides

Slides from my past talks.

infosec security slides talks

Last synced: 02 Mar 2026

https://github.com/idthings/idengine

Open sourced project for the core engine used in idThings.

arduino arduino-nano containers iot iot-device microservices security things

Last synced: 25 Apr 2026

https://github.com/aadrianleo/python-login-system

Login system application is use for login page for desktop application it registers the users id and password and use it for logging in to the system.

login python security

Last synced: 03 May 2026

https://github.com/lucadibello/virtualsafe

🔒 Crypt your directories and make your files completely unreadable!

cryptography fernet privacy-tools python security security-tool

Last synced: 06 Jun 2026

https://github.com/tillson/pgctf-problems

Porter-Gaud CTF 2017 Problem Set

ctf ctf-writeups highschool porter-gaud security

Last synced: 12 Feb 2026

https://github.com/turbot/steampipe-mod-terraform-oci-compliance

Run compliance and security controls to detect Terraform OCI resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

compliance hacktoberfest oci oracle-cloud oracle-cloud-infrastructure powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 12 Feb 2026

https://github.com/geeknik/mempool-partyline

Anarcho-ephemeral Mempool Messaging System with TUI

bitcoin chat encryption infosec mempool messaging privacy security

Last synced: 30 Apr 2026

https://github.com/jeckel/eloquent-signature

Add signature check on your Eloquent models

eloquent laravel security signature

Last synced: 21 Apr 2026

https://github.com/devinbarry/longline

A safety hook for Claude Code that parses Bash commands and enforces configurable security policies

bash claude-code cli hook rust safety security tree-sitter

Last synced: 30 May 2026

https://github.com/ogrodev/fsociety

Multi-plugin marketplace for Claude Code offensive security plugins

claude-code claude-code-plugin offensive-security pentesting security

Last synced: 30 Apr 2026

https://github.com/netcode/oauthgoat

Vulnerable dockerized environment designed to test OAuth vulnerabilities

oauth-client oauth2 oauth2-server security security-labs vulnerability

Last synced: 14 Feb 2026

https://github.com/turbot/flowpipe-mod-opsgenie

Opsgenie pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect Opsgenie to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code opsgenie opsgenie-api orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 30 Jan 2026

https://github.com/gdatasoftwareag/nextcloud-gdata-antivirus

This nextcloud app aims to provide an additional layer of security to your Nextcloud instance by enabling automatic and manual scanning of files for malicious content powered by G DATA Verdict-as-a-Service.

cloud it-security malware malware-detection nextcloud nextcloud-apps security

Last synced: 05 Mar 2026

https://github.com/camjac251/tool-gates

Intelligent tool permission gate for AI coding assistants. Bash AST parsing, file guards, configurable tool blocking

ai-tools claude-code cli gemini-cli hooks permissions rust security tree-sitter

Last synced: 30 Apr 2026

https://github.com/rsc-dev/cve_db

Common Vulnerabilities and Exposures DB and Python API

cve database security

Last synced: 13 Feb 2026

https://github.com/jefftrojan/robopotato

Lightweight inter-agent trust, coordinatination and shared state server for AI agent swarms

agent-framework agentic-ai agents ai-agents axum collaborate github hmac key-value-store llm multi-agent rust security tokio websocket

Last synced: 01 Apr 2026

https://github.com/dineshkrishna9999/firsttoknow

🔔 Stop being the last to know. AI agent that tracks YOUR stack and briefs you like a CTO.

ai ai-agent automation cli cve-scanner developer-tools hacker-news llm npm pypi python security tech-news vulnerability-scanner

Last synced: 05 Apr 2026

https://github.com/alex5402/enc-tool

kotlin based encription for strings

encryption encryption-decryption kotlin-android security

Last synced: 26 Feb 2026

https://github.com/tdmalone/cloudfront-security-headers

A quick Lambda@Edge function to add security headers to AWS CloudFront responses.

aws cloudfront headers lambda lambda-edge node-js security

Last synced: 10 May 2026

https://github.com/vhscom/birdcage

Secure remote access for personal AI

acme go remote-access reverse-proxy security self-hosted single-user wireguard

Last synced: 04 Jun 2026

https://github.com/adhit-r/aran

Aran API Sentinel: Your AI-Powered API Security & Governance Platform

ai api cybersecurity ml security

Last synced: 09 Apr 2026

https://github.com/visible/noro

one-time secret sharing for env vars

cli encryption env env-vars one-time one-time-secret secrets security sharing

Last synced: 29 Jan 2026

https://github.com/kimbeobwoo/nestjs-security

A package that provides a variety of security features applicable at the application level. It is basically designed to be compatible with the nestjs framework and can be applied to traditional business logic without any impact.

csrf ip nestjs nestjs-security rate-limiting security

Last synced: 23 Apr 2025

https://github.com/robertdebock/ansible-role-collectd

Install and configure collectd on your system.

ansible collectd molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/ghr-actions/settings-check

Checks that a GitHub repo's settings line up with a specification

actions github-actions github-api security

Last synced: 16 Apr 2026

https://github.com/meinto/anonymous-api-auth-provider

Prevent unauthorised access of public endpoints by for example bots or bad clients.

auth authorization public-api security session-token

Last synced: 29 Mar 2025

https://github.com/zebbern/reconx

🕷️ | ReconX is a Live-Website Crawler made to gather critical information with an option to take a picture of each site crawled!

crawler hacking information-gathering information-retrieval information-security livedata opsec osint osint-tool pentest python python-crawler search-engine security security-tools website website-crawler website-scraper website-security

Last synced: 03 Jul 2025