Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/square/ghostunnel

A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.

crypto go hsm keychain pkcs11 proxy security ssl stunnel tls tunnel

Last synced: 09 Dec 2024

https://github.com/nikitavoloboev/privacy-respecting

Curated List of Privacy Respecting Services and Software

curated-list privacy security security-tools self-hosted

Last synced: 02 Dec 2024

https://github.com/kadenzipfel/smart-contract-vulnerabilities

A collection of smart contract vulnerabilities along with prevention methods

blockchain ethereum security solidity

Last synced: 09 Jan 2025

https://github.com/cisagov/Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek

Last synced: 01 Nov 2024

https://github.com/lirantal/is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

hacktoberfest lighthouse nodejs scan security security-vulnerabilities vulnerabilities

Last synced: 07 Jan 2025

https://github.com/arthaud/git-dumper

A tool to dump a git repository from a website

git security web

Last synced: 09 Jan 2025

https://github.com/bishopfox/cloudfox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 08 Jan 2025

https://github.com/BishopFox/CloudFox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 14 Nov 2024

https://github.com/pirate/sites-using-cloudflare

:broken_heart: Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement.

cdn cloudflare dns https passwords security ssl

Last synced: 25 Sep 2024

https://github.com/gitguardian/apisecuritybestpractices

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

api keys leaked security security-tools

Last synced: 30 Nov 2024

https://github.com/oxsecurity/megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

apex autofix azure-pipelines best-practices code-quality formatter gitlab-ci golang groovy java jenkins kotlin linter linters markdown megalinter python sarif-report security terraform

Last synced: 07 Jan 2025

https://github.com/GitGuardian/APISecurityBestPractices

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

api keys leaked security security-tools

Last synced: 20 Nov 2024

https://github.com/6mile/devsecops-playbook

This is a step-by-step guide to implementing a DevSecOps program for any size organization

devsecops playbook security

Last synced: 29 Nov 2024

https://github.com/6mile/DevSecOps-Playbook

This is a step-by-step guide to implementing a DevSecOps program for any size organization

devsecops playbook security

Last synced: 06 Nov 2024

https://github.com/checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

appsec cloudnative devsecops golang hacktoberfest iac infrastructure-as-code open-policy-agent security security-tools vulnerability-detection vulnerability-scanners

Last synced: 24 Oct 2024

https://github.com/Checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

appsec cloudnative devsecops golang hacktoberfest iac infrastructure-as-code open-policy-agent security security-tools vulnerability-detection vulnerability-scanners

Last synced: 25 Oct 2024

https://github.com/cisagov/scubagear

Automation to assess the state of your M365 tenant against CISA's baselines

assessment-tool cisa contributions-welcome cybersecurity m365 open-policy-agent open-source powershell rego scuba security security-automation

Last synced: 09 Jan 2025

https://github.com/BishopFox/cloudfox

Automating situational awareness for cloud penetration tests.

aws cloud cloud-security golang penetration-testing-tools security

Last synced: 03 Nov 2024

https://github.com/jkornev/hidden

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

driver kernel malware-analysis rce registry rootkit security windows

Last synced: 04 Jan 2025

https://github.com/cossacklabs/themis

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

asymmetric-cryptography authentication cryptography cryptography-library encryption golang ios java javascript objective-c owasp php python ruby rust secure-messenger secure-storage security swift symmetric-cryptography

Last synced: 07 Jan 2025

https://github.com/ankit0183/Wifi-Hacking

Cyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES)

crack-handshake hackathon hacking-tool python security wifi-hacking wp8 wps

Last synced: 21 Nov 2024

https://github.com/hotcakex/harden-windows-security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

1st-party-security applicationcontrol bitlocker defender encryption enterprise-security firewall-configuration harden module operation-system-security powershell powershell-script proactive security security-hardening tpm2 wdac windows windows11 windowsdefender

Last synced: 09 Jan 2025

https://github.com/brunofacca/zen-rails-security-checklist

Checklist of security precautions for Ruby on Rails applications.

checklist rails ruby ruby-on-rails security security-vulnerability

Last synced: 04 Jan 2025

https://github.com/josephzhu1983/java-common-mistakes

书籍《Java 开发坑点解析:从根因分析到最佳实践》 & 极客时间专栏《Java业务开发常见错误100例》源码

design-patterns java jvm mistake pitfalls security spring troubleshooting

Last synced: 04 Jan 2025

https://github.com/ffffffff0x/dork-admin

盘点近年来的数据泄露、供应链污染事件

data-breach data-leakage ffffffff0x list privacy security

Last synced: 26 Sep 2024

https://github.com/x676f64/secureum-mind_map

Central Repository for the Epoch 0 coursework and quizzes. Contains all the content, cross-referenced and linked.

blockchain ethereum evm security solidity web3

Last synced: 04 Jan 2025

https://github.com/owtf/owtf

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

framework kali-linux owasp owtf pentest python security web-application-security

Last synced: 29 Oct 2024

https://github.com/ffffffff0x/Dork-Admin

盘点近年来的数据泄露、供应链污染事件

data-breach data-leakage ffffffff0x list privacy security

Last synced: 03 Nov 2024

https://github.com/h3xduck/triplecross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

backdoor ebpf kernel libbpf rootkit security

Last synced: 04 Jan 2025

https://github.com/kozmer/log4j-shell-poc

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

cve-2021-44228 java log4j security

Last synced: 26 Sep 2024

https://github.com/HolyBugx/HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

api api-security bugbounty bugbounty-writeups bugbountytips checklist pentest pentesting security web webapp websecurity writeups

Last synced: 21 Nov 2024

https://github.com/phith0n/javathings

Share Things Related to Java - Java安全漫谈笔记相关内容

java security

Last synced: 09 Jan 2025

https://github.com/hummerrisk/hummerrisk

HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。

cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability

Last synced: 04 Jan 2025

https://github.com/securitytxt/security-txt

A proposed standard that allows websites to define security policies.

ietf ietf-rfcs infosec internet-draft issue-tracker policy security standard

Last synced: 30 Nov 2024

https://github.com/HotCakeX/Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

1st-party-security applicationcontrol bitlocker defender encryption enterprise-security firewall-configuration harden module operation-system-security powershell powershell-script proactive security security-hardening tpm2 wdac windows windows11 windowsdefender

Last synced: 06 Nov 2024

https://github.com/HummerRisk/HummerRisk

HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。

cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability

Last synced: 12 Nov 2024

https://github.com/p3nt4/powershdll

Run PowerShell with rundll32. Bypass software restrictions.

applocker powershell security

Last synced: 05 Jan 2025

https://github.com/parsiya/Hacking-with-Go

Golang for Security Professionals

go security

Last synced: 14 Nov 2024

https://github.com/newlifex/x

Core basic components: log (file / network), configuration (XML / JSON / HTTP), cache (memory / redis), network (TCP / UDP / HTTP), RPC framework, serialization (binary / XML / JSON), APM performance tracking. 核心基础组件,日志(文件/网络)、配置(XML/Json/Http)、缓存(内存/Redis)、网络(Tcp/Udp/Http)、RPC框架、序列化(Binary/XML/Json)、APM性能追踪。

api network newlife reflection rpc security serialize server service thread

Last synced: 08 Jan 2025

https://github.com/h3xduck/TripleCross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

backdoor ebpf kernel libbpf rootkit security

Last synced: 01 Nov 2024

https://github.com/grrrdog/weird_proxies

Reverse proxies cheatsheet

cheatsheet pentesting reverse-proxy security

Last synced: 14 Oct 2024

https://github.com/GrrrDog/weird_proxies

Reverse proxies cheatsheet

cheatsheet pentesting reverse-proxy security

Last synced: 24 Oct 2024

https://github.com/phith0n/JavaThings

Share Things Related to Java - Java安全漫谈笔记相关内容

java security

Last synced: 21 Nov 2024

https://github.com/dephell/dephell

:package: :fire: Python project management. Manage packages: convert between formats, lock, install, resolve, isolate, test, build graph, show outdated, audit. Manage venvs, build package, bump version.

conda dependencies dependency-graph dependency-resolution docker flit license-management pip pipenv pipfile poetry project-management pypi python release security testing venv versioning wheels

Last synced: 25 Sep 2024

https://github.com/p4-team/ctf

Ctf solutions from p4 team

capture-the-flag ctf security writeup

Last synced: 15 Oct 2024

https://github.com/zer0yu/cybersecurityrss

CyberSecurityRSS: A collection of cybersecurity rss to make you better!

cyberspace-security knowledgebase redteam rss rss-subscription security websecurity

Last synced: 04 Dec 2024

https://github.com/p3nt4/PowerShdll

Run PowerShell with rundll32. Bypass software restrictions.

applocker powershell security

Last synced: 06 Nov 2024

https://github.com/JosephZhu1983/java-common-mistakes

书籍《Java 开发坑点解析:从根因分析到最佳实践》 & 极客时间专栏《Java业务开发常见错误100例》源码

design-patterns java jvm mistake pitfalls security spring troubleshooting

Last synced: 29 Oct 2024

https://github.com/bytedance/android-inline-hook

:fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.

android androidinlinehook arm arm64 hook inline inlinehook jni ndk security thumb

Last synced: 09 Jan 2025

https://github.com/NewLifeX/X

Core basic components: log (file / network), configuration (XML / JSON / HTTP), cache (memory / redis), network (TCP / UDP / HTTP), RPC framework, serialization (binary / XML / JSON), APM performance tracking. 核心基础组件,日志(文件/网络)、配置(XML/Json/Http)、缓存(内存/Redis)、网络(Tcp/Udp/Http)、RPC框架、序列化(Binary/XML/Json)、APM性能追踪。

api network newlife reflection rpc security serialize server service thread

Last synced: 02 Nov 2024

https://github.com/zer0yu/CyberSecurityRSS

CyberSecurityRSS: A collection of cybersecurity rss to make you better!

cyberspace-security knowledgebase redteam rss rss-subscription security websecurity

Last synced: 21 Nov 2024

https://github.com/ankit0183/wifi-hacking

Cyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES)

crack-handshake hackathon hacking-tool python security wifi-hacking wp8 wps

Last synced: 15 Oct 2024

https://github.com/dreadl0ck/netcap

A framework for secure and scalable network traffic analysis - https://netcap.io

analysis detection intrusion monitoring network security traffic

Last synced: 04 Jan 2025

https://github.com/nccgroup/Scout2

Security auditing tool for AWS environments

aws security

Last synced: 03 Nov 2024

https://github.com/netflix/lemur

Repository for the Lemur Certificate Manager

aws python security ssl ssl-certificates tls

Last synced: 07 Jan 2025

https://github.com/praetorian-inc/noseyparker

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

credentials devsecops penetration-testing rust scanner secrets secrets-detection security security-tools

Last synced: 09 Jan 2025

https://github.com/authorizerdev/authorizer

Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box.

2fa auth authentication authorization docker golang graphdb graphql hacktoberfest magic-link microservice nosql oauth2 role-based-access-control security social-logins sql typescript user-privileges

Last synced: 09 Jan 2025

https://github.com/Netflix/lemur

Repository for the Lemur Certificate Manager

aws python security ssl ssl-certificates tls

Last synced: 09 Nov 2024

https://github.com/gregwar/captcha

PHP Captcha library

anti-bot anti-spam bots captcha php security

Last synced: 07 Jan 2025

https://github.com/pyupio/safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

cicd dependency-management devsecops open-source-security package-management python security security-vulnerability travis vulnerability-detection vulnerability-scanners

Last synced: 07 Jan 2025

https://github.com/Gregwar/Captcha

PHP Captcha library

anti-bot anti-spam bots captcha php security

Last synced: 25 Oct 2024

https://github.com/itext/itext-dotnet

iText for .NET is the .NET version of the iText library, formerly known as iTextSharp, which it replaces. iText represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enha

accessibility acroform archiving ccpa digital-signature documents encryption fips itextsharp library pades pdf pdf-generation pdfa pdfua sdk security signature-validation svg xfdf

Last synced: 09 Jan 2025

https://github.com/lutfumertceylan/top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection

Last synced: 02 Dec 2024

https://github.com/complexorganizations/wireguard-manager

✔️ WireGuard-Manager is an innovative tool designed to streamline the deployment and management of WireGuard VPNs. Emphasizing user-friendliness and security, it simplifies the complexities of VPN configuration, offering a robust yet accessible solution for both personal and professional use.

censorship censorship-circumvention encryption gfw linux networking privacy road-warrior security self-hosted vpn vpn-setup wireguard

Last synced: 02 Jan 2025

https://github.com/moul/sshportal

:tophat: simple, fun and transparent SSH (and telnet) bastion server

bastion devops fun security ssh ssh-server

Last synced: 03 Jan 2025

https://github.com/nccgroup/sobelow

Security-focused static analysis for the Phoenix Framework

elixir phoenix-framework security static-analysis

Last synced: 07 Jan 2025

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 84 personal-security-checklist 243 awesome-security 321 awesome-web-security 405 awesome-ctf 220 android-security-awesome 211 awesome-incident-response 218 awesome-hacker-search-engines 501 Awesome-WAF 172 awesome-privacy 639 awesome-security-hardening 204 DevSecOps 181 awesome-infosec 213 awesome-cybersecurity-blueteam 252 awesome-sec-talks 264 WebHackersWeapons 408 awesome-vehicle-security 220 awesome-api-security 199 awesome-nodejs-security 179 awesome-game-security 90 backend-cheats 961 awesome-cloud-security 153 awesome-iot-hacks 70 awesome-golang-security 34 alternative-frontends 119 awesome-windows-domain-hardening 70 DevSecOps 48 awesome-embedded-and-iot-security 131 awesome-iam 274 Awesome-FL 2,323 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 309 awesome-ethereum-security 81 osx-and-ios-security-awesome 57 Awesome-Cybersecurity-Datasets 54 awesome-executable-packing 666 awesome-aws-security 164 awesome-he 82 awesome-python-security 35 security-apis 112 awesome-vulnerable-apps 88 graph-adversarial-learning-literature 314 awesome-opa 224 MobileHackersWeapons 71 awesome-runners 36 SmartContracts-audit-checklist 46 awesome-russian-it 514 awesome-llm-security 94 awesome-lists 576
Security Categories
Uncategorized 2,536 fl in top-tier journal 1,487 :books: Literature 1,368 Pentesting 1,312 Tools 868 fl in top ml conference and journal 847 Attack 649 Operating Systems 626 Threat Hunting: 455 **Мероприятия** 453 Weapons 450 Blue Team 432 Papers 420 Other Lists 415 Defense 371 fl on graph data and graph neural networks 330 Programming Language 325 Resources 313 Malware Analysis 297 fl in top ai conference and journal 289