An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/jmcph4/fuzzbang

Python 3 package providing basic fuzzing support

fuzz fuzz-testing fuzzer fuzzing python security vulnerability-detection

Last synced: 07 Apr 2025

https://github.com/shinesolutions/aem-test-suite

AEM infrastructure test suite covering acceptance, recovery, security guideline testing scenarios

acceptance aem aem-opencloud performance recovery security testing

Last synced: 06 Mar 2026

https://github.com/cwshugg/gurthang

[Masters Thesis] A connection-multiplexing web server fuzzing harness for AFL++.

afl aflplusplus fuzzing networking security systems-programming

Last synced: 19 Apr 2025

https://github.com/jul10l1r4/identificador-cve-2018-11759

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing

Last synced: 16 May 2025

https://github.com/njokuscript/blowfishjs

A Typescript/Javascript library for interacting with the Blowfish APIs

javascript security solana web3

Last synced: 19 Apr 2025

https://github.com/bitexpert/sulu-securitytxt-bundle

Sulu Bundle to manage security.txt files

php security sulu sulu-bundle symfony

Last synced: 14 Apr 2025

https://github.com/skyzyx/engineering-for-site-reliability

Overall map of topics to cover for my “Engineering for Site Reliability” blog series.

ci-cd cicd devops docker security site-reliability site-reliability-engineering sre terraform

Last synced: 25 Mar 2025

https://github.com/hugobatista/tailhoogram

Send Tailscale webhook events to Telegram using Cloudflare Workers

audit cloudflare cloudflare-workers events security tailnet tailscale telegram webhook

Last synced: 26 May 2026

https://github.com/homebrew/homebrew-brew-vulns

🔓 A Homebrew subcommand that checks installed packages for vulnerabilities

brew homebrew security vulnerability-scanners

Last synced: 05 Feb 2026

https://github.com/m-mizutani/aws-honeypot-templates

CloudFormation templates of low interaction honeypot on AWS

cloudformation honeypot security

Last synced: 27 Apr 2025

https://github.com/picobaz/nexusbrute

NexusBrute: A modular Node.js brute-force login tester for ethical security audits. Simulate password attacks with smart patterns, auto-CSRF handling, and CSV logging. Harden your systems—use with permission only!

bruteforce cybersecurity ethical-hacking login-tester nodejs password-audit penetration-testing security web-security

Last synced: 06 Jan 2026

https://github.com/aginies/virt-scenario

Prepare a Virtual Machine libvirt XML config and the host to match a specific scenario usage

alp confidential-computing host libvirt opensuse qemu scenarios secure-computation security sev sev-es suse virtual-machine virtualization xml xml-schema

Last synced: 09 Oct 2025

https://github.com/picobaz/pyformblaster

PyFormBlaster: A sleek Python web form fuzzer for ethical security audits. Blast forms with random and malicious inputs to uncover XSS, SQL Injection, and more. Features auto-field detection, CSV logging, and modular config. Test responsibly!

cybersecurity ethical-hacking form-fuzzer fuzzing penetration-testing python security web-security

Last synced: 09 Oct 2025

https://github.com/hxsecurity/dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.

applicationsecuritymonitoring devsecops django dongtai dongtai-iast security

Last synced: 26 Apr 2025

https://github.com/eyevinn/node-cat

Node library for generating and validating Common Access Tokens (CTA-5007)

cat commonaccesstoken contentprotection cwt security

Last synced: 06 Oct 2025

https://github.com/kubeshop/monokle-action

Run this GitHub action to validate your Kubernetes resources with the Monokle SARIF validator.

devsecops github-actions kubernetes sarif sarif-report scanner security validation

Last synced: 07 Apr 2025

https://github.com/mooxphp/user-device

[READ-ONLY] Manage and let users manage Known Devices in Filament to enhance security

devices filament laravel security user

Last synced: 20 Feb 2026

https://github.com/theamazingpt/passman

A dmenu frontend for password-store (Pass: The Standard Unix Password Manager)

bash dmenu linux manager pass password password-store security unix

Last synced: 10 Mar 2026

https://github.com/sattyamjjain/agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 194 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.

ai-agent ai-agent-security ai-safety ai-security claude-code github-action mcp mcp-security owasp sarif scanner security security-scanner static-analysis supply-chain-security tool-poisoning

Last synced: 23 May 2026

https://github.com/muqsit/2fa

[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.

2fa mfa pmmp pocketmine-mp security

Last synced: 05 Aug 2025

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/acartag7/mcp-sso

OAuth / SSO bridge for remote MCP servers when your IdP does not support DCR.

authorization cloudflare-access dcr entra mcp model-context-protocol oauth oauth2 pkce security sso

Last synced: 11 Jul 2026

https://github.com/cyberark/escape-the-cloud

Web Application for CyberArk Cloud Escape Room CTF challenge

aws challenge cloud conjbot-skip conjbot-skip-vulnrreport ctf security

Last synced: 03 May 2025

https://github.com/becklyn/becklynstaticrolesbundle

Config-based user role management for Symfony

php roles security symfony symfony-bundle

Last synced: 09 Mar 2026

https://github.com/felixdes/java-dop-example

Simple example of fine access implemented with new Java DOP paradigm

dop gradle java security spring-boot

Last synced: 06 Jul 2025

https://github.com/endorama/devenv

Manage different shell environments securely with ease

development devenv environment gpg hacktoberfest profile security security-posture ssh-agent ssh-key

Last synced: 23 Mar 2025

https://github.com/rhayes2/cryptboard

Image Steganography made Simple

android encryption security steganography

Last synced: 22 Apr 2025

https://github.com/gensecaihq/kubekavach

Developer-first K8s security scanner with instant pod replay. Debug prod issues locally in seconds. AI-powered explanations. CERT-IN compliant for Indian orgs.

cert-in container cybersecurity india kubernetes kubernetes-cluster security

Last synced: 09 Oct 2025

https://github.com/guardicode/centra-py-client

A Python client for Guardicore Centra API access.

firewall python security segmentation

Last synced: 16 Jan 2026

https://github.com/4m3rr0r/mac-changerpro

This is a bash script that can change the MAC address of either the eth0 or wlan0 network interface.

bash mac-address-changer mac-address-generator mac-cangerpro macaddress macchanger security

Last synced: 11 Apr 2025

https://github.com/jenkinsci/42crunch-security-audit-plugin

Jenkins plugin 42Crunch API Contract Security Audit

analysis security test

Last synced: 22 Apr 2025

https://github.com/Popsiclestick/falco-filebeat-daemonset

Easily deployable daemonset which moves logs from falco with filebeat.

containers daemonset falco filebeat kubernetes security

Last synced: 12 May 2025

https://github.com/5gsec/security-intents

Repository to hold security intents in standard template format.

5g blueprints intents k8s kubernetes o-ran security

Last synced: 14 Aug 2025

https://github.com/ligoj/plugin-security

Ligoj service plugin for security

ligoj ligoj-plugin security

Last synced: 13 Apr 2025

https://github.com/codingo/ctfs

Code and writeups for a variety of CTF challenges. Links to writeups included where available.

capture-the-flag penetration-testing python security writeups

Last synced: 12 Mar 2026

https://github.com/practicalparticle/sandblox

**EXPERIMENTAL SOFTWARE** SandBlox: A secure blockchain development platform using pre-built components called Blox & Particle's State Abstraction. Build dApps quickly and safely with React & TypeScript.

account-abstraction blockchain security smart-contracts web3

Last synced: 10 Oct 2025

https://github.com/sjinks/node-modsecurity

ModSecurity Connector for Node.js

modsec modsecurity security waf

Last synced: 10 Apr 2025

https://github.com/ferhatgec/passplusplus

Single header Password Quality and Security Library.

file header library pass quality security single

Last synced: 18 Feb 2026

https://github.com/akmalovaa/mikroseclist

Mikrotik CrowdSec firewall address lists sync

address address-list block crowdsec firewall mikrotik router-os routeros security

Last synced: 19 Apr 2025

https://github.com/swillner/regban

Lightweight alternative to fail2ban using nftables (banning IPs with failed login attempts)

fail2ban ip-blacklist ip-blocking nftables security

Last synced: 25 Mar 2025

https://github.com/trishankatdatadog/tuf-on-a-plane

Allegedly, a minimal, Pythonic TUF client can be written on a long flight. This was written after that flight, but hey, it's a shot.

security tuf updates

Last synced: 14 Apr 2025

https://github.com/sgofferj/sipblocklist

List of IP addresses which attacked my SIP IP PBX in the last 30 days

blocklist blocklist-data firewall-rules security

Last synced: 09 Mar 2026

https://github.com/humanjavaenterprises/nostr-auth-middleware

The nostr-auth-middleware repository offers a TypeScript-based middleware solution for managing authentication and enrollment in Nostr web applications. It supports NIP-07 compatible authentication, secure user enrollment, event validation, and JWT-based session management, with optional Supabase integration for data persistence.

authentication decentralized-protocols event-validation jwt middleware nostr security supabase web-applications

Last synced: 13 Jun 2025

https://github.com/njonsson/passwordtextbox-control

A Windows Forms control that enables the user to enter password text, momentarily showing each character entered

input nuget-packages password security ui-widget windows

Last synced: 28 Jul 2025

https://github.com/jonzeolla/lab-internetofinsecurity

An introductory lab to IOT device security.

information-security infosec iot iot-security lab security

Last synced: 09 Mar 2026

https://github.com/LeKlex/Attack-simulation-infrastructure

A small and simple network infrastructure with automated attacks on a VM server documented by tshark

bruteforce forensic hacking network nmap nmap-scripts port-scanner reverse-shell security shell-script sql-injection telnet tshark ubuntu vagrant virtualbox

Last synced: 12 Jul 2025

https://github.com/fabianferno/the-riot-protocol

It offers device authentication, data encryption, decentralized key generation, and blockchain-based authentication for secure and reliable communication between devices and users.

arduino blockchain cryptography data gateway iot security solidity university-project

Last synced: 18 Jan 2026

https://github.com/eaceto/flutter_local_authentication

A flutter plugin that allows access to Local Authentication / Biometrics on iOS, macOS, Linux and Android (Windows Hello is a work in progress).

android biometric biometric-authentication biometric-identification dart fingerprint flutter ios local-authentication macos password plugin security

Last synced: 22 Aug 2025

https://github.com/jcsec-security/smart-contract-audits

List of some of the published smart contract audits in which I have participated in the past.

audit security smart-contracts

Last synced: 07 Apr 2025

https://github.com/wikid82/charon

A lightweight, user-friendly web interface for managing Caddy as a reverse proxy. It simplifies SSL management and host routing for self-hosters who want the power of Caddy without the manual configuration.

caddy crowdsec docker docker-compose homelab proxy-manager reverse-proxy security self-hosted sso tailscale waf web-ui

Last synced: 02 May 2026

https://github.com/center-key/bookstore

Grails 3.0 sample application

grails groovy sample security starter-template

Last synced: 07 May 2025

https://github.com/nyxnor/onionwash

Parse tor configuration files and edit the torrc in a safe manner

configuration open-source security tor torrc

Last synced: 03 Sep 2025

https://github.com/algosup/2023-2024-project-4-sportshield-team-7

🛡️🔐 This is our take on the SportShield project, aiming to help better secure sports gear all around the world!

arduino bluetooth-low-energy c embedded gps iot motion-sensor security

Last synced: 22 Jul 2025

https://github.com/tigera-solutions/azure-virtual-wan-calico-networking

[Azure Blueprint] Learn how to deploy Azure Managed Hub-Spoke using Virtual WAN and Calico Networking

aks azure egress-filtering egress-gateway security

Last synced: 13 Apr 2025

https://github.com/pavanvaranasi02/ecommerce-website

"An e-commerce web app with user registration, login, responsive product listing, and a 'Buy Later' feature. Built using Java, Servlets, JSP, JDBC, and styled with CSS. Enhance your online shopping experience!"

java jdbc jsp security servlets

Last synced: 08 Oct 2025

https://github.com/biffalo/bettersecdefaults

An interactive powershell script for Azure/Entra. Creates a set of conditional access policies that will provide improved security over Microsoft's "Security Defaults". This script is primarily for less mature orgs that are perhaps still using Microsofts "Security Defaults" or only have very basic conditional access policies in place.

azure conditional-access entra-id identity-management powershell security

Last synced: 10 Apr 2025

https://github.com/atalii/adage

ada privilege escalation

ada security spark sudo

Last synced: 14 Mar 2025

https://github.com/jonzeolla/lab-securitydataanalysis

An introductory lab to Security Data Analysis (using Apache Metron (incubating)).

apache-metron data-analysis lab metron security

Last synced: 03 Jul 2025

https://github.com/msdousti/owasp-java

A seriously flawed Java project for teaching "OWASP Top 10 - 2017" concepts.

css intellij-idea java javascript jsp maven mysql owasp-top-10 payara-server security servlet web

Last synced: 07 Oct 2025

https://github.com/johnshajiang/pyssldemo

Simple demonstrations on Python ssl module

certificate python security ssl tls

Last synced: 02 Jul 2025

https://github.com/gnh1201/plcsim2016

A simple PLC simulator using C++/MFC

security simulation stuxnet

Last synced: 13 Sep 2025

https://github.com/nwestfall/netsparkerscanrunner

Quickly and easily a Netsparker Scan using your Netsparker Cloud Account

netsparker node scan security

Last synced: 14 Apr 2025

https://github.com/rootsami/ratkiez

A CLI tool to rat on all AWS keys with creation date, last used date, and attached policies.

aws awscli keys scan security

Last synced: 01 Aug 2025

https://github.com/plabick/actions-secret-decoder

Decode secrets extracted with the GitHub Secret Extractor action

github-actions secrets security

Last synced: 31 Jul 2025

https://github.com/sysdiglabs/dockerfile-benchmarker

CIS Docker Benchmark for dockerfiles

cis docker dockerfile image security

Last synced: 09 Aug 2025

https://github.com/woile/gopass-presentation

Use this to spread information about gopass

gopass secrets security

Last synced: 19 Jan 2026

https://github.com/yoozzeek/actix-csrf-middleware

CSRF protection middleware for Actix Web. Supports double submit cookie and synchronizer token patterns (with actix-session).

actix actix-web csrf csrf-protection middleware rust security web

Last synced: 30 May 2026

https://github.com/anonvm/openvpn-installer

Automate your OpenVPN server setup on Debian, Ubuntu, Fedora, CentOS, or Arch Linux with this easy-to-use installer

almalinux anonymous arch-linux bulletproof centos debian encryption fedora installer linux network openvpn privacy security ubuntu vpn wireguard

Last synced: 08 Oct 2025

https://github.com/dryewo/fahrscheine-bitte

Clojure library for checking OAuth2 access tokens

access-token api clojure compojure oauth2 security swagger1st

Last synced: 22 Apr 2025

https://github.com/geeklearningio/bouncer

Highly Configurable Authorization Model

acl aspnet-core authorization dotnet dotnet-core security

Last synced: 28 Apr 2025

https://github.com/0xjjpa/deniable-website

👀 deniable.website / An usage example of Web Cryptography API

cryptography security web

Last synced: 23 Feb 2026

https://github.com/basis-theory-labs/vgs-migration-guide

Migration Guide to move from Very Good Security to Basis Theory

guide migration security tokenization

Last synced: 04 Mar 2026