An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/docker/portcullis

A tiny Go library to detect and redact API tokens, cloud credentials, and other secret material in arbitrary text.

ai secrets-detection security

Last synced: 23 May 2026

https://github.com/influxdata/sedg

Tools for tracking security issues flexibly in version control

cve-tracking cve-triage security vulnerability-tracking

Last synced: 03 Feb 2026

https://github.com/contributte/oauth2-server

🔒 OAuth2 server for Nette Framework

contributte nette outh2 security

Last synced: 13 Aug 2025

https://github.com/davidmoremad/azure-security-templates

Useful templates of security policies, roles and runbooks to protect your Azure account

azure cloud-security security

Last synced: 24 Sep 2025

https://github.com/BansheeTech/AgnosticWipe

AgnosticWipe is a utility function that safely removes all child nodes of a given DOM element, avoiding the use of innerHTML to clear content. It includes configurable debugging capabilities (log and warn), similar to other Agnostic modules, to assist with troubleshooting during development.

agnostic-wipe agnosticwipe clean dom dom-manipulation firstchild innerhtml javascript removechild security targetselector vanilla-javascript vanilla-js wipe xss

Last synced: 11 May 2025

https://github.com/aayushiahlawat/shield-chat-android-app

Shield Chat is an Android messaging application developed using Java and Firebase technologies

android android-application authentication chatting-app firebase java security

Last synced: 08 May 2026

https://github.com/Otsmane-Ahmed/KEIP

Kernel-Enforced Install-Time Policies (KEIP): An eBPF/LSM based security tool that detects and blocks malicious network activity during pip install.Kernel-Enforced Install-Time Policies (KEIP): An eBPF/LSM based security tool that detects and blocks malicious network activity during pip install

cybersecurity ebpf linux lsm malware-analysis python security supply-chain-security

Last synced: 07 Apr 2026

https://github.com/eth-sri/insec

Reproduction Package for "Black-Box Adversarial Attacks on LLM-Based Code Completion" [ICML 2025]

adverserial-attack code-completion llm security

Last synced: 23 Jul 2025

https://github.com/icantmakethings/nicetotp

Full offline (except configuration) TOTP Hardware key, using the nRF52840.

2fa 2factor nrf52 nrf52840 offline security sha-1 totp

Last synced: 13 Oct 2025

https://github.com/edmartt/profilesaver

This is a password manager developed for fun and learning about MVC.

desktop-application java mvc-application password password-generator password-manager passwordmanager security

Last synced: 06 Jan 2026

https://github.com/skipmcgee/host_security

Red Hat Enterprise Linux 6 & 7 security tool for enumerating security and IT operations-relevant information on a host and forwarding to a SIEM or enterprise syslog server in key='value' format.

cyber cybersecurity linux python3 rhel6 rhel7 security security-tools syslog

Last synced: 12 Jul 2025

https://github.com/assaf-r/aisir

Named after the beautiful loch Aisir in northen Scotland, Aisir is an Ebpf based tool that logs and filters connection to remote IP addresses

ebpf ebpf-programs firewall linux security security-tools

Last synced: 01 Apr 2026

https://github.com/qtsolv/laravel-auditors

Record created by, updated by and deleted by on Eloquent models automatically.

eloquent laravel php security

Last synced: 12 Apr 2025

https://github.com/hollobit/wg3_tcm

a matrix to provide the clarified definition and relationship information of trustworthiness characteristics between in the AI/ML standards

accountability ai bias consistency controllability effectiveness explainability integrity ml quality reliability risk robustness security testing traceability transparency trust trustworthiness vulnerability

Last synced: 29 May 2026

https://github.com/oefenweb/ansible-apparmor

Ansible role to remove apparmor in Debian-like systems

ansible apparmor debian security ubuntu

Last synced: 13 Jul 2025

https://github.com/tomoyamachi/falco-on-distroless-fargate

trace an application activity, in distroless:static image. this image also work on ECS Fargate.

container fargate go security

Last synced: 25 Mar 2025

https://github.com/jenkinsci/signpath-plugin

Submits a build artifact to SignPath Code Integrity Platform for build integrity check and code signing.

code-signing security supply-chain-security

Last synced: 17 Jul 2025

https://github.com/amusarra/liferay-portal-security-audit

This project implements some of the mechanisms of the Liferay Portal Security Framework and in particular of the Audit Framework section. Customized message processor audits have been implemented such as: CloudAMQP Audit Message Processor, Login Failure Message Processor and Syslog Audit Message Processor

audit audit-message audit-router audit-service liferay liferay7 message-processors osgi security

Last synced: 21 Jul 2025

https://github.com/wnikk/laravel-access-ui

Permissions Package with User Interface for ACR (Access Control Rules) on Laravel.

acl acr grud laravel manager permissions rbac rbac-management roles roles-management rules security ui vue3 wnikk

Last synced: 28 Feb 2025

https://github.com/cppalliance/crypt

A C++20 module of cryptographic utilities for CPU and GPU

cpp20 cuda security

Last synced: 23 Apr 2025

https://github.com/containerssh/images

The ContainerSSH container images

devsecops docker kubernetes security ssh

Last synced: 23 Apr 2025

https://github.com/rucas/shh

:see_no_evil: :hear_no_evil: :speak_no_evil: - AWS KMS Express Middleware

aws aws-kms express express-middleware security

Last synced: 17 Jan 2026

https://github.com/suzuki-shunsuke/deny-self-approve

CLI to deny self-approved GitHub Pull Requests

cli oss security

Last synced: 24 Apr 2025

https://github.com/craftzman7/pentest-mcp

Automated discovery and exploitation of security vulnerabilities using natural language and LLMs.

llm mcp pentesting security

Last synced: 14 Jul 2025

https://github.com/robertdebock/ansible-role-upgrade

Upgrade a package only if it is installed otherwise do nothing.

ansible molecule playbook security tox upgrade

Last synced: 02 Apr 2026

https://github.com/gordonzhang2024/xss-shield

A Python library to prevent your website from being attacked

python python-3 python-package python3 security web xss xss-attacks xss-scanner

Last synced: 24 Apr 2025

https://github.com/kicksecure/apparmor-profile-thunderbird

AppArmor profile for Thunderbird - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor debian security thunderbird

Last synced: 19 Apr 2025

https://github.com/open-turo/actions-security

GitHub Actions for security checks

action ci gha github security

Last synced: 16 Jan 2026

https://github.com/instantwebp2p/scoap

Securing COAP with UDP without DTLS

coap iot mqtt security

Last synced: 10 Jun 2025

https://github.com/ariary/aravisfs

Encrypted filesystem 🔐 And a CLI to remotely and securely interact with (if you want to store encrypted private data on ☁️)

cloud encryption filesystem pentest-tool privacy security

Last synced: 26 Apr 2025

https://github.com/dina-heidar/saml2-authentication

A dotnet tool used to authenticate and logout using SAML2. It implements SAML Web SSO (HTTPGet, HTTPPost, Artifact), Logout (HTTPGet, HTTPost) profile message flows and bindings.

aspnetcore authentication dotnet identity netcore netstandard saml2 security slo sso

Last synced: 14 Jan 2026

https://github.com/trendmicro/v1-cloud-community

About Collection of Trend Micro Open Source Community Projects related to Trend Vision One

automation demo security trendmicro trendvisionone visionone

Last synced: 15 Apr 2025

https://github.com/telefonicaid/fiware-keystone-spassword

Keystone SPASSWORD is an OpenStack Keystone extension that enables some extra security checks over user passwords, as force the usage of strong passwords, expiration time for a password, number of bad login attempts before user account became temporarily blocked, a recover procedure password, second factor authentication (2FA), etc.

keystone ldap openstack-keystone-extension security

Last synced: 19 Apr 2025

https://github.com/dajiaji/mkkey

Application-layer Key Generator supporting JWK (JSON Web Key) and PASERK (Platform-Agnostic Serialized Keys).

cryptography jose jwk jwt paserk paseto python security

Last synced: 14 Jan 2026

https://github.com/birddevelper/gomologin

Gomologin is Golang (Go) login manager working with RDBMS Databases

authentication authorization go golang gomologin login login-manager login-system role security session sql

Last synced: 28 Apr 2025

https://github.com/kicksecure/apparmor-profile-hexchat

AppArmor profile for HexChat IRC - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor hexchat irc profile security

Last synced: 10 Mar 2025

https://github.com/ayemunhossain/secure-session-based-jwt-authentication

🔒 Introducing an authentication project crafted with Node.js, featuring session-based JWT token authentication and fortified with CSRF protection. Elevate your security measures while enjoying the seamless user experience provided by this robust solution.

ayemunhossain csrf-protection jwt jwt-token jwt-vs-session security session session-management token

Last synced: 24 Mar 2025

https://github.com/benjaminxscott/awesome-threats

A curated list of security threats and how to mitigate them

infosec security security-professionals

Last synced: 08 Jan 2026

https://github.com/suzuki-shunsuke/trivy-config-action

GitHub Actions for trivy config

github-actions oss security

Last synced: 06 Jul 2025

https://github.com/eptllc/brs

Modular toolkit for professional network analysis and security auditing.

bash brabus cybersecurity easyprotech linux network network-security penetration-testing pentest reconnaissance security toolkit

Last synced: 06 Jul 2025

https://github.com/magnetikonline/cloudfront-edge-secgroup-update

Lambda function to synchronize a set of EC2 security groups allowing ingress only from CloudFront edge locations.

cloudfront ingress lambda security

Last synced: 02 Sep 2025

https://github.com/arpihomesecurity/arpi_webapplication

ArPI home security system - webapplication

angular home-security raspberrypi security

Last synced: 10 Feb 2026

https://github.com/fevra-dev/gitexpose

Exposure intelligence for AI and dev infrastructure. Detects exposed credentials, AI-tool configs, supply-chain risk, framework vulns, and invisible Unicode attacks. OWASP LLM + MITRE ATLAS tagged.

ai-security asyncio cli credential-scanner git-security llm-security mcp mitre-atlas ml-security offensive-security owasp-llm pentesting python react2shell secret-detection security security-scanner supply-chain-security vulnerability-scanner

Last synced: 31 May 2026

https://github.com/jacksingleton/dast-pipeline

Notes on the current state of DAST tooling in automated delivery pipelines

automated-delivery-pipelines burp security zap

Last synced: 25 Mar 2025

https://github.com/geeknik/scada-scanner

A high-performance, asynchronous SCADA/ICS scanner

bug-bounty bugbounty ics infosec scada scanner security

Last synced: 28 Apr 2025

https://github.com/malikmaky/keemanager

KeeManager is a secure password and data management desktop application designed to help users securely store, manage, and access sensitive information.

encryption-decryption hash javascript key-der rust security svelte tailwindcss tauri tauri-app

Last synced: 11 Apr 2026

https://github.com/binorassocies/bro-scripts

Bro IDS useful scripts

bro-ids security smtp x509

Last synced: 04 Feb 2026

https://github.com/geeklearningio/gl-ionic-secure-file-storage

A service using two encryption plugins to encrypt data on iOS and Android

cordova cryptography ionic security storage

Last synced: 28 Apr 2025

https://github.com/equk/ffox_profile_tools

🦊 linux firefox profiles with security presets & userchrome styles

firefox firefox-profiles mozilla mozilla-firefox namespaces prefs preset privacy security security-hardening userchrome

Last synced: 10 Apr 2025

https://github.com/cihatsolak/netcore-security

How we take precautions against attacks from malicious users is exemplified. Net core projects have default security measures. We can use the IDataprotector interface to encrypt data. We must also be protected against xss attacks such as Reflected or Stored. For this, we must pay attention to the use of Html.Raw().

cors cross-site-scripting dataprotection hsts https-client ipcontrol secret-management security

Last synced: 20 Jul 2025

https://github.com/kaiiyer/emailrep

This is a go library for interacting with the EmailRep service

api email emailrep golang json-api security

Last synced: 16 Jan 2026

https://github.com/vt-alt/ipt-so

Селектор меток безопасности для iptables

cipso ipso iptables kernel-module rfc1108 security

Last synced: 05 Oct 2025

https://github.com/dariomonopoli-dev/codegate-cli

Zero Trust Runtime for AI Agents. Isolates pip install in Firecracker MicroVMs to prevent slopsquatting and hallucinated package attacks.

devsecops llm malware-detection python security supply-chain

Last synced: 14 Jan 2026

https://github.com/wayandway/spa

👾 STEALIEN SSL : Static Program Analysis for Black-Box Vulnerability Discovery

security static-analysis

Last synced: 17 Jan 2026

https://github.com/skyf0l/sveltekit-helmet

Important security headers for SvelteKit

csp headers helmet hsts http-headers security sveltekit

Last synced: 11 Apr 2025

https://github.com/xiosec/leakguard

LeakGuard is a project to prevent the use of leaked passwords.

active-directory hardening ldap leak leakguard lsa lsass security windows windows-internals

Last synced: 03 May 2026

https://github.com/monke443/cve-2023-40028

Arbitrary file read in Ghost-CMS allows an attacker to upload a malicious ZIP file with a symlink.

cve cve-2023-40028 exploit ghost-cms github pentesting security vulnerability

Last synced: 07 May 2025

https://github.com/sofianehamlaoui/cybersecuritycare

CyberSecCare : A python Twitter that retweets all Security-Related tweets

bot cyber-security cybersecurity cysecbot-user hacking python python-twitter security sofianehamlaoui twitter-bot

Last synced: 06 Oct 2025

https://github.com/nikogura/keymaster

A tool for configuring Hashicorp Vault for Managed Secrets

security

Last synced: 14 Jan 2026

https://github.com/finleap-connect/vaultoperator

VaultOperator provides a CRD to interact securely and indirectly with secrets stored in Hashicorp Vault.

devops kubernetes secrets security vault

Last synced: 07 Oct 2025

https://github.com/tpritc/verboten_keys

Verboten Keys is a last line of defense to help prevent you and your team from accidentally leaking private information via your APIs.

rack rails ruby security

Last synced: 08 Oct 2025

https://github.com/vdjagilev/owasp-risk-calculator

An attempt to create a basic OWASP Risk Calculator

calculator owasp risk risk-assessment security

Last synced: 12 Mar 2026

https://github.com/contrast-security-oss/integration-verify-github-action

GitHub Action to verify an application by determining whether the application violates a job outcome policy or threshold of open vulnerabilities

assess contrast github-actions security verify

Last synced: 08 Oct 2025

https://github.com/junzhengca/gitscanner

Automatically clone and scan all public GitHub repositories for a given organization.

github hacking pentesting recon scanner security

Last synced: 21 Jan 2026

https://github.com/someaspy/fuckie

Fuck Internet Explorer, Redirect users to a page explaining why its bad.

internet-explorer security website-development

Last synced: 09 Oct 2025

https://github.com/okikio/broadcast-channel-security-vulnerablility

Vulnerability in Broadcast Channel allowing for Arbitrary Code Execution when using Eval (In-direct and with "use strict")

security

Last synced: 18 Jan 2026

https://github.com/divinemonk/hackers_n_devs

Collective resources for HACKERS and DEVELOPERS

dev developer github github-repos hackers repo security

Last synced: 09 Oct 2025

https://github.com/winterpuma/bmstu_security

bmstu, IU7-7, Защита Информации (2020)

7term bmstu data-protection information-security iu7 security

Last synced: 10 Oct 2025

https://github.com/brave-experiments/defi-privacy-measurements

Code and data supporting our research projects on security and privacy issues in DeFi sites.

blockchain defi erc20 ethereum privacy security

Last synced: 07 Apr 2025

https://github.com/glowyphp/csrf

Csrf Package provides Cross Site Request Forgery protection by comparing provided token with session token to ensure request validity.

csrf glowy glowyphp package php php-package security

Last synced: 02 May 2025

https://github.com/edunatalec/encrypt-env

Generate encrypted files to secure sensitive configuration data. Encrypt YAML files and streamline the protection of sensitive information in Flutter applications.

encryption environment security

Last synced: 23 Feb 2026

https://github.com/isabellaalstrom/nd-motionsnapshot

Takes snapshots of your cameras and sends to discord

automation camera cameras discord hacs home-assistant netdaemon security snapshot

Last synced: 15 Apr 2026

https://github.com/mozilla-services/audit-filter

Filter for npm audit results

audit npm security

Last synced: 11 Oct 2025

https://github.com/16patsle/wordpress-csp-manager

WordPress plugin for configuring Content Security Policy headers for your site. Allows different CSP headers for admin, logged inn frontend and regular visitors.

content-security-policy csp hacktoberfest security wordpress wordpress-plugin

Last synced: 11 Oct 2025

https://github.com/wandapeter/hardened-ubuntu-server-dokku

🐋 hardened ubuntu server dokku | This repository contains scripts, configuration templates, and documentation used for the initial setup of a hardened Ubuntu 22.04 LTS server using the Dokku service to host websites in a secure production environment.

aide certbot cis-benchmark cis-level2 devops docker hardened hosting modsecurity modsecurity-nginx nginx security ubuntu-server vps

Last synced: 14 Apr 2026

https://github.com/joocer/fides

Fides - helping you keep secrets secret

action information-leakage passwords scanner security

Last synced: 12 Oct 2025

https://github.com/johnny-morrice/sensephreak

Sensephreak: Single-exe outgoing port block scanner for the web

golang network security

Last synced: 12 Oct 2025

https://github.com/electroniccats/pawprotector

Protects your mobile data from being accidentally shared, stolen, or infected with malware

security security-tools usb usb-charger usb-condom usb-devices

Last synced: 23 Feb 2026

https://github.com/c0oki3s/veilgate

Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker.

ai-security deception golang honeypot ja3 ja4 llm-security pentest prompt-injection reverse-proxy security trapit

Last synced: 21 Jun 2026

https://github.com/motikan2010/serverless-goat-python

Python version of the deliberately vulnerable serverless application Serverless-Goat from

security

Last synced: 27 Feb 2026

https://github.com/netcode/oauthgoat

Vulnerable dockerized environment designed to test OAuth vulnerabilities

oauth-client oauth2 oauth2-server security security-labs vulnerability

Last synced: 14 Feb 2026

https://github.com/tillson/pgctf-problems

Porter-Gaud CTF 2017 Problem Set

ctf ctf-writeups highschool porter-gaud security

Last synced: 12 Feb 2026

https://github.com/samuelquinones/password-generator

Generate secure, hard to guess passwords with the click of a button!

cra create-react-app password progressive-web-app pwa react react-hook-form reactjs security tailwindcss typescript

Last synced: 15 Apr 2026

https://github.com/rakibulhossain/tlsstuff

Learning stuff for TLS.

certificate https security ssl tls

Last synced: 19 Mar 2026

https://github.com/grimdork/awsec

Store secrets in AWS Parameter Store.

aws cli cross-platform secrets security security-tools

Last synced: 01 Apr 2026

https://github.com/thirdkeyai/symbiont-sdk-python

Python DSK for Symbiont DSL and agent framework.

agent agents ai python sdk security symbiont

Last synced: 22 Apr 2026

https://github.com/lasseh/nginx-conf

Production-ready nginx configuration with HTTP/3, security hardening, and performance optimization. Enterprise-grade setup for modern web deployments.

api-gateway configuration devops docker http3 kubernetes nginx performance production reverse-proxy security server ssl sysadmin tls web-server

Last synced: 30 Jan 2026