An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/c0oki3s/veilgate

Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker.

ai-security deception golang honeypot ja3 ja4 llm-security pentest prompt-injection reverse-proxy security trapit

Last synced: 21 Jun 2026

https://github.com/dedene/claw-wrap

A secure credential proxy for CLI tools. Executes tools with secrets on behalf of sandboxed processes - credentials never enter the sandbox.

cli openclaw proxy security

Last synced: 21 Feb 2026

https://github.com/ph7software/secure-password-generator

πŸ” A simple way to generate random passwords. Compatible with PHP 5.6+

password password-generator php-password-generator php56 security simple-password-generator

Last synced: 09 Apr 2025

https://github.com/visible/noro

one-time secret sharing for env vars

cli encryption env env-vars one-time one-time-secret secrets security sharing

Last synced: 29 Jan 2026

https://github.com/assaf-r/aisir

Named after the beautiful loch Aisir in northen Scotland, Aisir is an Ebpf based tool that logs and filters connection to remote IP addresses

ebpf ebpf-programs firewall linux security security-tools

Last synced: 01 Apr 2026

https://github.com/edmartt/profilesaver

This is a password manager developed for fun and learning about MVC.

desktop-application java mvc-application password password-generator password-manager passwordmanager security

Last synced: 06 Jan 2026

https://github.com/sidhaler/jmsscanner

JmS network port scanner

network rust scanner security

Last synced: 25 Mar 2025

https://github.com/kimbeobwoo/nestjs-security

A package that provides a variety of security features applicable at the application level. It is basically designed to be compatible with the nestjs framework and can be applied to traditional business logic without any impact.

csrf ip nestjs nestjs-security rate-limiting security

Last synced: 23 Apr 2025

https://github.com/jenkinsci/signpath-plugin

Submits a build artifact to SignPath Code Integrity Platform for build integrity check and code signing.

code-signing security supply-chain-security

Last synced: 17 Jul 2025

https://github.com/bifrost-technologies/crystals

Crystals is a post-quantum verification protocol for Solana leveraging the power of Dilithium 2 & 3 -- achieving more than 128 bits of security against all known classical and quantum attacks.

blockchain crystals crystals-dilithium dilithium pqc quantum rust security smart-contract solana solana-program

Last synced: 23 Apr 2025

https://github.com/amusarra/liferay-portal-security-audit

This project implements some of the mechanisms of the Liferay Portal Security Framework and in particular of the Audit Framework section. Customized message processor audits have been implemented such as: CloudAMQP Audit Message Processor, Login Failure Message Processor and Syslog Audit Message Processor

audit audit-message audit-router audit-service liferay liferay7 message-processors osgi security

Last synced: 21 Jul 2025

https://github.com/seroperson/zio-http-pac4j

zio-http wrapper for pac4j, security framework to protect your web applications

jwt oauth2 pac4j security zio zio-http

Last synced: 04 Sep 2025

https://github.com/capelabs/threatmesh-feed

ThreatMesh is an integrated threat intelligence engine that connects malicious IPs, scripts, and open-source signals into a unified mesh for real-time detection and context-rich analysis.

dataset security security-tools threat threat-intelligence

Last synced: 04 Feb 2026

https://github.com/containerssh/images

The ContainerSSH container images

devsecops docker kubernetes security ssh

Last synced: 23 Apr 2025

https://github.com/donbarbos/i2p-jabber

🐧 Script to configure Jabber (a.k.a. XMPP) server inside i2p network

bash i2p i2pd jabber linux privacy prosody script security self-hosted shell xmpp

Last synced: 05 Feb 2026

https://github.com/localden/mcp-auth-servers

πŸ”’ Reference MCP servers that demo how authentication works with the current Model Context Protocol spec.

authentication authorization mcp model-context-protocol security

Last synced: 10 Apr 2025

https://github.com/guardrailsio/docker-phpcs-security-audit

Dockerized version of PHPCS-Security-Audit

devsecops php security security-tools

Last synced: 02 Apr 2025

https://github.com/rucas/shh

:see_no_evil: :hear_no_evil: :speak_no_evil: - AWS KMS Express Middleware

aws aws-kms express express-middleware security

Last synced: 17 Jan 2026

https://github.com/landlock-lsm/tuto-lighttpd

Landlock tutorial to patch lighttpd

landlock linux sandboxing security

Last synced: 09 Aug 2025

https://github.com/suzuki-shunsuke/deny-self-approve

CLI to deny self-approved GitHub Pull Requests

cli oss security

Last synced: 24 Apr 2025

https://github.com/craftzman7/pentest-mcp

Automated discovery and exploitation of security vulnerabilities using natural language and LLMs.

llm mcp pentesting security

Last synced: 14 Jul 2025

https://github.com/robertdebock/ansible-role-upgrade

Upgrade a package only if it is installed otherwise do nothing.

ansible molecule playbook security tox upgrade

Last synced: 02 Apr 2026

https://github.com/gordonzhang2024/xss-shield

A Python library to prevent your website from being attacked

python python-3 python-package python3 security web xss xss-attacks xss-scanner

Last synced: 24 Apr 2025

https://github.com/netanelc305/heimdall

Virtual Machine introspection tool

introspeciton kvm linux macos security vm windows xen

Last synced: 05 Sep 2025

https://github.com/open-turo/actions-security

GitHub Actions for security checks

action ci gha github security

Last synced: 16 Jan 2026

https://github.com/ariary/aravisfs

Encrypted filesystem πŸ” And a CLI to remotely and securely interact with (if you want to store encrypted private data on ☁️)

cloud encryption filesystem pentest-tool privacy security

Last synced: 26 Apr 2025

https://github.com/dajiaji/mkkey

Application-layer Key Generator supporting JWK (JSON Web Key) and PASERK (Platform-Agnostic Serialized Keys).

cryptography jose jwk jwt paserk paseto python security

Last synced: 14 Jan 2026

https://github.com/suzuki-shunsuke/trivy-config-action

GitHub Actions for trivy config

github-actions oss security

Last synced: 06 Jul 2025

https://github.com/geeklearningio/gl-ionic-secure-file-storage

A service using two encryption plugins to encrypt data on iOS and Android

cordova cryptography ionic security storage

Last synced: 28 Apr 2025

https://github.com/equk/ffox_profile_tools

🦊 linux firefox profiles with security presets & userchrome styles

firefox firefox-profiles mozilla mozilla-firefox namespaces prefs preset privacy security security-hardening userchrome

Last synced: 10 Apr 2025

https://github.com/badrap/docs.badrap.io

The docs.badrap.io experienceβ„’

documentation github-pages security vuepress

Last synced: 03 Jan 2026

https://github.com/dariomonopoli-dev/codegate-cli

Zero Trust Runtime for AI Agents. Isolates pip install in Firecracker MicroVMs to prevent slopsquatting and hallucinated package attacks.

devsecops llm malware-detection python security supply-chain

Last synced: 14 Jan 2026

https://github.com/wayandway/spa

πŸ‘Ύ STEALIEN SSL : Static Program Analysis for Black-Box Vulnerability Discovery

security static-analysis

Last synced: 17 Jan 2026

https://github.com/finleap-connect/vaultoperator

VaultOperator provides a CRD to interact securely and indirectly with secrets stored in Hashicorp Vault.

devops kubernetes secrets security vault

Last synced: 07 Oct 2025

https://github.com/ghr-actions/settings-check

Checks that a GitHub repo's settings line up with a specification

actions github-actions github-api security

Last synced: 16 Apr 2026

https://github.com/junzhengca/gitscanner

Automatically clone and scan all public GitHub repositories for a given organization.

github hacking pentesting recon scanner security

Last synced: 21 Jan 2026

https://github.com/okikio/broadcast-channel-security-vulnerablility

Vulnerability in Broadcast Channel allowing for Arbitrary Code Execution when using Eval (In-direct and with "use strict")

security

Last synced: 18 Jan 2026

https://github.com/divinemonk/hackers_n_devs

Collective resources for HACKERS and DEVELOPERS

dev developer github github-repos hackers repo security

Last synced: 09 Oct 2025

https://github.com/hhruszka/secrethunter

secretshunter is a penetration testing tool that uses regular expressions to search a filesystem for secrets (logins, passwords, API keys, hashes, ssh keys etc.).

scaning secrets secrets-detection security

Last synced: 14 Jan 2026

https://github.com/winterpuma/bmstu_security

bmstu, IU7-7, Π—Π°Ρ‰ΠΈΡ‚Π° Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΠΈ (2020)

7term bmstu data-protection information-security iu7 security

Last synced: 10 Oct 2025

https://github.com/mozilla-services/audit-filter

Filter for npm audit results

audit npm security

Last synced: 11 Oct 2025

https://github.com/joocer/fides

Fides - helping you keep secrets secret

action information-leakage passwords scanner security

Last synced: 12 Oct 2025

https://github.com/johnny-morrice/sensephreak

Sensephreak: Single-exe outgoing port block scanner for the web

golang network security

Last synced: 12 Oct 2025

https://github.com/robertdebock/ansible-role-vault_agent

Install and configure HashiCorp Vault Agent on your system.

ansible application cloud infrastructure linux molecule playbook security system tools tox vaultagent

Last synced: 13 Mar 2026

https://github.com/chalbersma/manowar

Jellyfish opensourced, a tool for profiling servers.

security

Last synced: 22 Jan 2026

https://github.com/wultra/powerauth-cmd-tool

Command-line utility for PowerAuth Reference Client

authentication authorization mobile-security security testing-tools

Last synced: 21 Jan 2026

https://github.com/luckman212/dstat

CLI tool to query the screen sleep or lock status

displays macos screen security shell-scripting utility

Last synced: 16 Oct 2025

https://github.com/openwall/popa3d

Tiny POP3 daemon designed with security as the primary goal

daemon pop3 security server

Last synced: 16 Oct 2025

https://github.com/saed-gpr/file-deleter

this tool can delete all file (or just .psd file or another)!! you can open the "file deleter.py" with vscode and edit it how you like!

file-deleter python python-virus python3 saed-gpr security security-tools simple-virus tools virus

Last synced: 24 Feb 2026

https://github.com/k1low/oshka

oshka is a tool for extracting nested CI/CD supply chains and executing commands.

github-actions security supply-chain

Last synced: 18 Oct 2025

https://github.com/roptat/hayha

Verifying CloudFormation deployments for intra-update sniping vulnerabilities

security

Last synced: 15 Mar 2026

https://github.com/petemcw/ansible-role-security-updates

Automatic Security Updates Role for Ansible

ansible ansible-role security unattended-upgrades yum-cron

Last synced: 26 Oct 2025

https://github.com/javiorfo/go-microservice-mongo

Go, MongoDB, Tracing, Auditory, Swagger and Keycloak

api-rest fiber go golang keycloak mongodb security web

Last synced: 24 Jan 2026

https://github.com/lasseh/nginx-conf

Production-ready nginx configuration with HTTP/3, security hardening, and performance optimization. Enterprise-grade setup for modern web deployments.

api-gateway configuration devops docker http3 kubernetes nginx performance production reverse-proxy security server ssl sysadmin tls web-server

Last synced: 30 Jan 2026

https://github.com/localzet/lwt

Localzet LWT is a library for working with Localzet Web Tokens, which are based on JWT (JSON Web Tokens). It provides functionality for creating, verifying, and handling tokens using modern technologies and standards.

library security

Last synced: 09 Feb 2026

https://github.com/4m3rr0r/cve-2011-2523-poc

Python exploit for CVE-2011-2523 (VSFTPD 2.3.4 Backdoor Command Execution)

cve cve-2011-2523 exploit python security vsftpd-exploit

Last synced: 11 Feb 2026

https://github.com/motikan2010/serverless-goat-python

Python version of the deliberately vulnerable serverless application Serverless-Goat from

security

Last synced: 27 Feb 2026

https://github.com/alexw00/secured-env

Utility script to source environment variables from 1Password.

1password environment environment-variables op security

Last synced: 13 Feb 2026

https://github.com/micchickenburger/cryptotools

A versatile cryptographic tool for data hashing, encryption, decryption, digital signing, password security, and secure random number generation, entirely in the browser.

aes argon2 bcrypt crypto cryptography cryptography-tools cybersecurity digest encryption encryption-decryption hashing pake pki rsa security security-tools sha

Last synced: 13 Feb 2026

https://github.com/ddspringle/pwnedpasswords_cfml

I implement the Have I Been Pwned Passwords API in CFML (ColdFusion)

cfml coldfusion coldfusion-library security security-hardening security-vulnerability

Last synced: 13 Feb 2026

https://github.com/radareorg/r2sarif

Load, manage and create SARIF documents with radare2

radare2 reports sarif security

Last synced: 14 Feb 2026

https://github.com/netcode/oauthgoat

Vulnerable dockerized environment designed to test OAuth vulnerabilities

oauth-client oauth2 oauth2-server security security-labs vulnerability

Last synced: 14 Feb 2026

https://github.com/turbot/flowpipe-mod-teams

Microsoft Teams pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect Microsoft Teams to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code microsoft-teams orchestration pipelines security teams workflow workflow-automation workflow-engine

Last synced: 28 Feb 2026

https://github.com/timgrossmann/securitycat

Conent and PoC of my security testing automation thesis

policy security security-rat security-tools thesis

Last synced: 16 Feb 2026

https://github.com/turbot/flowpipe-mod-entra

Microsoft Entra ID pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect Microsoft Entra ID to the people, systems and data that matters.

automation cloud devops entra flowpipe flowpipe-mod hacktoberfest integrations low-code microsoft-entra orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 01 Mar 2026

https://github.com/jpcertcc/yamagoya

Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA

security sigma threat-hunting yara

Last synced: 02 Mar 2026

https://github.com/jaegertracing/security-audits

Jaeger security audits

cncf security

Last synced: 02 Mar 2026

https://github.com/clagentic/clagentic-lite

A personal coding harness with serious gates. POSIX shell, two SQLite files, no server.

ai-tooling claude-code code-review developer-tools posix-shell security

Last synced: 02 Jun 2026

https://github.com/karakun/encrypted-filechannel

Transparent encryption for java.nio.channels.FileChannel

crypto cryptography java nio security tink

Last synced: 05 Mar 2026

https://github.com/falc0ntech/sarifcourier

A GitHub Action to render SARIF Security Reports right into your Pull Requests. Without the need for GHAS support!

cli github-actions sarif security

Last synced: 18 Apr 2026

https://github.com/rohansx/nullbox

immutable, minimal Linux OS purpose-built for AI agents. No SSH, no shell, no systemd - just microVMs, default-deny networking, and shared agent memory

agent-os ai-agent immutable-infrastucture immutable-os libkrun linux microvms os rust security

Last synced: 04 Apr 2026

https://github.com/dredozubov/hazmat

macOS containment for AI agents β€” user isolation, kernel sandbox, pf firewall, DNS blocklist, backup/rollback. TLA+ verified.

ai-agents claude-code cli containment developer-tools formal-verification go macos pf-firewall sandbox seatbelt security tla-plus

Last synced: 10 Apr 2026

https://github.com/dineshkrishna9999/firsttoknow

πŸ”” Stop being the last to know. AI agent that tracks YOUR stack and briefs you like a CTO.

ai ai-agent automation cli cve-scanner developer-tools hacker-news llm npm pypi python security tech-news vulnerability-scanner

Last synced: 05 Apr 2026

https://github.com/tdmalone/cloudfront-security-headers

A quick Lambda@Edge function to add security headers to AWS CloudFront responses.

aws cloudfront headers lambda lambda-edge node-js security

Last synced: 10 May 2026

https://github.com/dinanathdash/envault

Auditable .env secret manager featuring aggressive CLI safeguards and GitHub JIT access.

cli developer-tools devsecops dotenv jit-access secret-manager secrets-management security

Last synced: 20 Apr 2026

https://github.com/devinbarry/longline

A safety hook for Claude Code that parses Bash commands and enforces configurable security policies

bash claude-code cli hook rust safety security tree-sitter

Last synced: 30 May 2026

https://github.com/idthings/idengine

Open sourced project for the core engine used in idThings.

arduino arduino-nano containers iot iot-device microservices security things

Last synced: 25 Apr 2026

https://github.com/lucadibello/virtualsafe

πŸ”’ Crypt your directories and make your files completely unreadable!

cryptography fernet privacy-tools python security security-tool

Last synced: 06 Jun 2026

https://github.com/szgabsz91/oauth2-authorization-proxy-server-spring-boot

Library for easily securing REST API endpoints in a Spring Boot applications using the reactive Spring WebFlux stack

facebook google oauth2 security spring-boot

Last synced: 20 Feb 2026

https://github.com/eriksjolund/empty-argv-segfault-check

Test if an executable segfaults when started with an empty argv. The script may be used as a vulnerability-scanner to find setuid executables having buggy code (but it will probably not find any direct security vulnerabilities).

security segfault setuid vulnerability-scanners

Last synced: 06 Apr 2025