An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/marcelo-davanco/quality-scanner

Quality Scanner — SonarQube + NestJS/TypeScript analysis toolkit with Docker, 8-step scanner, quality gate, and Next.js dashboard

code-analysis code-quality docker eslint nestjs security sonarqube spectral trivy typescript

Last synced: 20 Feb 2026

https://github.com/saadbazaz/crackhead

A simple, smart & distributed password-cracking algorithm

algorithm password-cracker security

Last synced: 13 Jun 2025

https://github.com/line/webauthndemo-kotlin

WebAuthnDemo Kotlin is a sample application demonstrating the integration of the webauthn-kotlin SDK for secure, password-less authentication in Android apps. It showcases the use of biometric and device credential authenticators, along with examples for registering and authenticating credentials.

authenticator demo fido2 kotlin passwordless security webauthn

Last synced: 02 Sep 2025

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/patricktulskie/dfang

Defang IOCs, written in rust

defang ioc refang security security-tools

Last synced: 28 Apr 2025

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/casbin/mux-authz

gorilla/mux's RBAC & ABAC Authorization middleware based on Casbin

abac acl authz casbin gorilla-mux middleware mux plugin rbac security

Last synced: 22 Apr 2025

https://github.com/badr-1/steganography-cryptography

Console App That Uses Cryptography And Steganography To Embed/Extract Secret Message In/From an Image

encryption kotlin lsb-steganography security xor-encryption

Last synced: 13 Apr 2025

https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 07 Nov 2025

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/demon1a/bounties-uwu

Chrome extension uses the HackerOne API to reveal hidden rewarded bounties on HackerOne

bugbounty hackerone javascript security tools

Last synced: 14 Oct 2025

https://github.com/enquo/cretrit

Comparison-Revealing Encryption primitives

cryptography encryption enquo hacktoberfest order-revealing-encryption ore rust security

Last synced: 05 Apr 2026

https://github.com/jaybrown/application-launch-monitor-alm-

Extend macOS Gatekeeper functionality by verifying applications at every launch

anti-malware anti-virus antimalware antivirus codesign gatekeeper macos malware privacy security

Last synced: 03 Mar 2026

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/IBM/simrun

Attack Simulation Platform (ASP) for detection testing

attack-simulation cloud-security detection-engineering security security-automation threat-detection

Last synced: 26 Jun 2026

https://github.com/bisonai/flutter-machine-learning-security

Protect your Machine Learning model in your Flutter application.

edge-machine-learning encoder-decoder mobile-ai security xor-cipher

Last synced: 18 Oct 2025

https://github.com/boogy/iam-policy-validator

⚡ Stop IAM misconfigurations before they become breaches — Catch overprivileged permissions, dangerous wildcards, and policy errors before deployment.

aws iam security

Last synced: 12 Feb 2026

https://github.com/orijtech/tickeryzer

Check missing (*time.Ticker).Stop() call, which can cause resources leak.

golang security static-analysis

Last synced: 09 Feb 2026

https://github.com/vulnsphere/ai_infra_vuln_pocs

This is the PoC repository of LLM service. Updating...

exploit llm ml nuclei nuclei-templates poc security vulnerability

Last synced: 27 Jan 2026

https://github.com/p0dalirius/securityscripts

This repository contains a set of useful scripts templates for pentesters and security researchers.

pentest python scripts security

Last synced: 03 Jul 2026

https://github.com/rohaquinlop/immunipy

A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust.

cli python python-library sca security vulnerability-detection vulnerability-scanners

Last synced: 17 Oct 2025

https://github.com/ynori7/hulksmash

A very easy-to-use library for building a custom brute-force requester for QA purposes

bruteforce qa qatools security security-tools

Last synced: 23 Jan 2026

https://github.com/soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

dast penetration-testing security soos web-security

Last synced: 24 Feb 2026

https://github.com/neuralegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

appsec brightsec e2e pentesting qa security test testing typescript

Last synced: 17 Mar 2026

https://github.com/zelon88/emotet_analysis-1

A quick & dirty look at an Emotet infection.

analysis botnet campaign emotet heodo malware-analysis opsec security trojan

Last synced: 09 Feb 2026

https://github.com/amadeusitgroup/starter-kit-for-internal-hacking-event

A kit to organize internal hacking events, improving product security and spreading security knowledge.

event fun security

Last synced: 13 Feb 2026

https://github.com/carlocorradini/graphql-auth-directive

GraphQL @auth directive that protects resources from unauthenticated and unauthorized access

auth authentication authorization graphql nodejs security typescript

Last synced: 16 Feb 2026

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026

https://github.com/radoslaw-sz/guardio

The most flexible control plane for AI Agent systems

ai ai-agent ai-agents control-plane framework guard mcp security

Last synced: 01 Apr 2026

https://github.com/prompt-armor/prompt-armor

Open-source prompt injection detector — 5 layers, 91.7% F1, ~27ms, offline, Apache 2.0

ai-safety anomaly-detection cli faiss jailbreak llm llm-security mcp nlp offline onnx prompt-injection prompt-security python security

Last synced: 03 Jun 2026

https://github.com/seznam/jailoc

🔒 Jail your AI agents — sandboxed Docker environments with network isolation for Opencode agents

ai-agents cli devtools docker docker-compose golang network-isolation opencode sandbox security

Last synced: 04 Apr 2026

https://github.com/always-further/runseal

Sealed execution environment for GitHub Actions.

actions isolation sandbox security supply-chain-security

Last synced: 05 Jun 2026

https://github.com/infineon/ek-based-onboarding-optiga-tpm

Guide for Setting Up and Operating Device Onboarding with OPTIGA™ TPM Endorsement Key (EK)

raspberry-pi security tpm2

Last synced: 11 Jul 2025

https://github.com/geniuszly/CVE-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/louib/challenge-response

Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust.

authentication challenge-response encryption hmac hmac-sha1 nitrokey onlykey otp security yubico yubikey

Last synced: 24 Mar 2025

https://github.com/visualbean/hibp.net

A simple .NET wrapper for the HIBP (Have I been pwned?) Api

csharp haveibeenpwned hibp netcore nuget security

Last synced: 10 Oct 2025

https://github.com/bmedicke/reed

notes about 🔍 Reverse Engineering and 🔥 Exploit Development

debugging exploit-development reverse-engineering security

Last synced: 09 Oct 2025

https://github.com/ghostofgoes/ui-prccdc

Scripts, Guides, Tools, and what-not for the University of Idaho PRCCDC team.

ccdc hardening prccdc python scripts security uidaho vyos

Last synced: 22 Apr 2025

https://github.com/dukebarman/android-bulletins-harvester

a simple utility for parsing Android security bulletins

android go security security-tools

Last synced: 14 Jan 2026

https://github.com/cristalhq/ipfilterware

Go HTTP middleware to filter clients by IP address

filtering firewall go golang http ip ipv4 ipv6 middleware security

Last synced: 08 Apr 2025

https://github.com/samouraiworld/sec-guidebook

The Ultimate Security Guide Book for new-cryptorich friends

exploits good-practices privacy protection security wallet

Last synced: 27 Jan 2026

https://github.com/royashbrook/hush

a secret store for AI agents with one rule: the agent never sees the plaintext. get a secret once into the OS keychain, then inject it into commands forever. no get, cross-platform, MIT.

agent-skills ai-agents claude-code cli credentials developer-tools keychain royashbrook-tool secrets secrets-management security

Last synced: 11 Jul 2026

https://github.com/mdeous/dnscheck

Subdomain takeover assessment tool.

dns security subdomain-takeover

Last synced: 11 Apr 2026

https://github.com/iwpnd/fiber-key-auth

fiber api key authentication middleware

api gofiber golang security

Last synced: 20 Mar 2025

https://github.com/stijncaerts/doss

Development of Secure Software: course summary

security

Last synced: 22 Feb 2026

https://github.com/dolmen-go/mylogin

Utilities for reading and writing MySQL' ~/.mylogin.cnf (encrypted MySQL client credentials storage)

credentials encryption golang-library mylogin mysql mysql-client security

Last synced: 12 Jun 2025

https://github.com/apache/santuario-cpp

Mirror of Apache Santuario C++

c java library santuario security xml

Last synced: 10 Jan 2026

https://github.com/rix4uni/portmap

portmap is a fast portscan tool, uses shodan public data for port scan used internetdb.shodan.io and api.shodan.io/shodan/host

bug-bounty bugbounty bugbountytips hacking infosec internetdb osint osint-resources penetration-testing pentest-tool pentesting port-enumeration portscanner recon reconnaissance scan-ports security security-tools shodan threat-intelligence

Last synced: 28 Aug 2025

https://github.com/topscoder/subgomain

A high-performance tool for identifying domain takeovers with support for custom fingerprints and resolver lists.

bugbounty bugbounty-tool domain-takeover infosec infosectools security security-tools subdomain-takeover

Last synced: 04 Jul 2025

https://github.com/flutterguard/flutterguard-cli

Know and see everything an attacker can extract and get from your published Flutter app

android apk cli dart exploit flutter opensource reverse-engineering security static-analysis

Last synced: 13 Jan 2026

https://github.com/catalyst/patch-friend

Which of my hosts are affected by a security advisory?

debian python security security-advisories ubuntu

Last synced: 27 Apr 2025

https://github.com/crashdump/covert

Covert is a deniable encryption software.

cli deniable-encryption encryption sdk security

Last synced: 16 Feb 2026

https://github.com/sjinks/setcap-static

A statically linked lightweight version of setcap(8) to use in `scratch` images

capabilities linux-capabilities scratch-image security security-tools setcap

Last synced: 10 Apr 2025

https://github.com/bandarlabs/cveingest

Convert CVEs into LLMs friendly input with multi level crawling

audio cve llm security

Last synced: 03 Jul 2025

https://github.com/restorm-labs/nuxt-restream

Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.

firebase firebase-storage nuxt nuxt-module nuxt3 security vue3

Last synced: 09 Oct 2025

https://github.com/lehcode/soakp

Secure OpenAI interactions with confidence - safeguard your OpenAI API keys and boost your app security

chatgpt-api openai openai-api security

Last synced: 07 Oct 2025

https://github.com/anchore/s3c-workshops

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

containers devsecops fedramp k8s sbom security supply-chain-security vulnerability-scanners

Last synced: 09 Oct 2025

https://github.com/dhanushnehru/pdf-xss-checker

pdf-xss-checker is a Node.js tool designed to scan PDF files for potential Cross-Site Scripting (XSS) vulnerabilities. It analyzes embedded scripts, forms and suspicious content to help identify security risks in PDFs before they're distributed or displayed in browsers.

pdf pdf-document scanner security security-audit securitytools vulnerability xss xss-attacks xss-detection xss-filter xss-scanner xss-vulnerability

Last synced: 19 Jun 2025

https://github.com/mitre/apache-tomcat-8-cis-baseline

(WIP) (Alpha) InSpec profile for CIS Apache Tomcat v8 Benchmark

apache inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat

Last synced: 21 Apr 2025

https://github.com/jochasinga/firma

Simple Merkle tree implementation based on the Bitcoin white paper.

bitcoin blockchain firma hashtree merkle ocaml security

Last synced: 17 Nov 2025

https://github.com/donedeal0/deepvault

DeepVault allows you to store data in the browser with AES encryption.

aes aes-256 aes-gcm cryptography encryption encryption-decryption gcm local-storage localstorage security

Last synced: 07 Oct 2025

https://github.com/sierrasoftworks/honeypot

A service designed to track malicious SSH login attempts

honeypot security ssh-server

Last synced: 09 Apr 2025

https://github.com/wp-cli/role-command

Adds, removes, lists, and resets roles and capabilities.

access cli hacktoberfest role security wordpress wp-cli wp-cli-package

Last synced: 12 Jun 2025

https://github.com/aw-junaid/security-and-hacking

Explore ethical hacking and security: penetration testing, vulnerability scanning, and exploit development. Includes tools, scripts, and hands-on labs.

ethical-hacking exploit hacking penetration-testing security vulnerabilities vulnerability-scanners

Last synced: 08 Jan 2026

https://github.com/sudoeren/arhus

local-first security analysis for TypeScript & JavaScript

ast bun cli devsecops javascript linter security security-scanner static-analysis typescript

Last synced: 15 Jul 2026

https://github.com/heartsucker/rust-secure-session

Signed, encrypted session cookies for Iron

cryptography http iron rust security session

Last synced: 13 May 2025

https://github.com/itinerisltd/itineris-disable-xml-rpc

Disable WordPress XML-RPC via actions and filters

security wordpress wordpress-plugin xml-rpc

Last synced: 20 Aug 2025

https://github.com/rezen/openvas-up

Levels up scripting OpenVAS

openvas python security vulnerability-scanners

Last synced: 10 Jun 2025

https://github.com/stephenhaunts/text-shredder

A simple tool that applies very strong encryption over text for use with chat or email applications. Use this if you want to add another level of privacy and security that you can control.

cryptography encryption encyption-support privacy privacy-enhancing-technologies privacy-protection security security-tools

Last synced: 11 Apr 2025

https://github.com/authress/authress-sdk.cs

The Authress SDK for C# provides authorization as a service with fully compatible REST apis.

authentication authorization authorization-backend authorization-framework authorization-middleware authorization-server authress nuget security

Last synced: 13 May 2025

https://github.com/bonifield/splunk_on_security_onion

Splunk configs for Security Onion

bro forwarder onion security splunk sysmon zeek

Last synced: 14 Jun 2025

https://github.com/leklund/bauditor

run bundler-audit on a multiple repositories at once

bundler-audit ruby rubygems security

Last synced: 07 Jul 2025

https://github.com/DemiMarie/SlipRock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 11 Mar 2025

https://github.com/zopefoundation/zope.security

Zope Security Framework

maintained proxy python security zope

Last synced: 10 Oct 2025

https://github.com/dajiaji/flask-paseto-extended

PASETO (Platform-Agnostic Security Token) for Flask applications.

flask flask-extension jose jwt paseto past python security token

Last synced: 23 Apr 2025

https://github.com/jpmcb/pwnkit-go

Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go

cybersecurity infosec security

Last synced: 09 Aug 2025

https://github.com/digitalruby/socketcloser

Close ipv4 and ipv6 sockets on Windows and Linux

ipv4 ipv6 linux network networking security sockets windows

Last synced: 24 Jul 2025

https://github.com/octogonapus/registryscanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 28 Jun 2025