An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/timokoessler/easy-waf-data

This repository provides ip data for the Web Application Firewall EasyWAF.

javascript nodejs security typescript waf web-application-firewall

Last synced: 29 Oct 2025

https://github.com/houseos/secure_control_protocol

Dart library for the secure-control-protocol

chacha20-poly1305 dart home-automation iot open-source security

Last synced: 26 Jul 2025

https://github.com/isabellaalstrom/nd-motionsnapshot

Takes snapshots of your cameras and sends to discord

automation camera cameras discord hacs home-assistant netdaemon security snapshot

Last synced: 15 Apr 2026

https://github.com/padok-team/yatas-gcp

Plugin for YATAS that audits GCP projects for misconfiguration and security issues

audit gcp hardening misconfiguration security yatas

Last synced: 13 May 2025

https://github.com/dedene/claw-wrap

A secure credential proxy for CLI tools. Executes tools with secrets on behalf of sandboxed processes - credentials never enter the sandbox.

cli openclaw proxy security

Last synced: 21 Feb 2026

https://github.com/benderscript/owasp_llm_analysis

Large Language Models Security Analsysis

analysis llm owasp security top10

Last synced: 12 Feb 2026

https://github.com/franckferman/systematic

๐Ÿ‘ป SYSTEMatic: Systematically Seizing SYSTEM Rights. Token Impersonation POC. Alternative to PSExec for token theft. From Administrator to NT Authority\SYSTEM.

administration-system administrator c cyber-security cybersecurity elevation-of-privilege exploiting poc privilege-elevation privilege-escalation proof-of-concept proof-of-work psexec security security-tools system-administration token-stealer windows windows-10 windows-server

Last synced: 02 Apr 2026

https://github.com/kicksecure/apparmor-profile-thunderbird

AppArmor profile for Thunderbird - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor debian security thunderbird

Last synced: 19 Apr 2025

https://github.com/malikmaky/keemanager

KeeManager is a secure password and data management desktop application designed to help users securely store, manage, and access sensitive information.

encryption-decryption hash javascript key-der rust security svelte tailwindcss tauri tauri-app

Last synced: 11 Apr 2026

https://github.com/hollobit/wg3_tcm

a matrix to provide the clarified definition and relationship information of trustworthiness characteristics between in the AI/ML standards

accountability ai bias consistency controllability effectiveness explainability integrity ml quality reliability risk robustness security testing traceability transparency trust trustworthiness vulnerability

Last synced: 29 May 2026

https://github.com/qtsolv/laravel-auditors

Record created by, updated by and deleted by on Eloquent models automatically.

eloquent laravel php security

Last synced: 12 Apr 2025

https://github.com/seisvelas/SAN-Scanner

Burp Suite extension for passively discovering Subject Alt Names in SSL/TLS certificates

burp burp-extensions burpsuite security security-tools ssl-certificates

Last synced: 13 May 2025

https://github.com/magnetikonline/cloudfront-edge-secgroup-update

Lambda function to synchronize a set of EC2 security groups allowing ingress only from CloudFront edge locations.

cloudfront ingress lambda security

Last synced: 02 Sep 2025

https://github.com/avivsinai/telclaude

Secure Telegram-Claude bridge with LLM-based command screening and tiered permissions

ai-agent anthropic claude cryptography docker isolation llm llm-security permission-tiers sandbox security telegram-bot typescript

Last synced: 28 May 2026

https://github.com/trendmicro/v1-cloud-community

About Collection of Trend Micro Open Source Community Projects related to Trend Vision One

automation demo security trendmicro trendvisionone visionone

Last synced: 15 Apr 2025

https://github.com/eriksjolund/empty-argv-segfault-check

Test if an executable segfaults when started with an empty argv. The script may be used as a vulnerability-scanner to find setuid executables having buggy code (but it will probably not find any direct security vulnerabilities).

security segfault setuid vulnerability-scanners

Last synced: 06 Apr 2025

https://github.com/mendel5/security

Overview of cyber security topics and links

cybersecurity infosec security

Last synced: 03 Feb 2026

https://github.com/ayemunhossain/secure-session-based-jwt-authentication

๐Ÿ”’ Introducing an authentication project crafted with Node.js, featuring session-based JWT token authentication and fortified with CSRF protection. Elevate your security measures while enjoying the seamless user experience provided by this robust solution.

ayemunhossain csrf-protection jwt jwt-token jwt-vs-session security session session-management token

Last synced: 24 Mar 2025

https://github.com/kicksecure/apparmor-profile-hexchat

AppArmor profile for HexChat IRC - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor hexchat irc profile security

Last synced: 10 Mar 2025

https://github.com/joaomilho/vault-mobile

๐Ÿ”‘ [really] safe password management mobile UI

android ios password react-native security stateless vault

Last synced: 06 May 2026

https://github.com/telefonicaid/fiware-keystone-spassword

Keystone SPASSWORD is an OpenStack Keystone extension that enables some extra security checks over user passwords, as force the usage of strong passwords, expiration time for a password, number of bad login attempts before user account became temporarily blocked, a recover procedure password, second factor authentication (2FA), etc.

keystone ldap openstack-keystone-extension security

Last synced: 19 Apr 2025

https://github.com/bewakerai/bewaker

Guardrails for agentic coding

ai githooks guardrails merkle security vscode

Last synced: 21 Feb 2026

https://github.com/sylvainmouquet/pydantic2-settings-vault

A Pydantic v2 settings extension for secure configuration management using HashiCorp Vault OpenSource (OSS) and Enterprise

configuration enterprise hashicorp opensource pydantic python secrets-management security settings vault

Last synced: 02 Aug 2025

https://github.com/rwails/tempest

Code and data used to generate the analyses in "Tempest: Temporal Dynamics in Anonymity Systems".

anonymity cplusplus-11 popets python3 research security tor

Last synced: 10 Jun 2025

https://github.com/bnomei/kirby3-htmlpurifier

Static class method, Uniform-Guard and Field-Method to filter your "dirty" HTML inputs to "clean" HTML.

filter form headless html htmlawed input kirby3 kirby3-cms kirby3-plugin kql kses safe sanitize security striptags submit uniform xss

Last synced: 13 Mar 2025

https://github.com/davidmoremad/azure-security-templates

Useful templates of security policies, roles and runbooks to protect your Azure account

azure cloud-security security

Last synced: 24 Sep 2025

https://github.com/oqullcan/berry-privacy

BERRY-privacy is a PowerShell script designed to enhance your privacy by blocking telemetry fields and IP addresses.

automation firewall hosts network-security powershell privacy privacy-protection script security telemetry-blocking windows

Last synced: 15 Apr 2025

https://github.com/merci-libre/genpass-rs

A password management tool written in Rust. Generates Extended ASCII, ASCII, and alphanumeric strings, and uses steganography to store passwords into images as pixels.

cli cryptographically-secure linux modular password-generator password-manager rust security security-tools steganography windows

Last synced: 03 Apr 2026

https://github.com/edmartt/profilesaver

This is a password manager developed for fun and learning about MVC.

desktop-application java mvc-application password password-generator password-manager passwordmanager security

Last synced: 06 Jan 2026

https://github.com/ispique/keylogger

All loggers in one! Every 10 seconds, you get Keystrokes, Mouse Coordinates, Photo (if target has a WebCam), ScreenShot and Microphone inputs from target computer and send to your mail.

cyber-security cybersecurity hacking hacking-code hacking-tool keylogger keylogging logger mime mime-types offensive-scripts penetration-testing pentesting python security

Last synced: 31 Jul 2025

https://github.com/ahmed-alnassif/metasploit-termux-installer

The Metasploit-Termux-Installer script automates the setup of Metasploit Framework on Termux, enabling penetration testing on Android. It updates packages, installs dependencies, fetches Metasploit, and configures the environment for seamless use, allowing you to run Metasploit tools like `msfconsole` directly from your terminal.

ahmed-al-nassif android automation bash-script cybersecurity ethical github hacking installation-guide metasploit metasploit-framework penetration-testing script security termux vulnerability-assessment

Last synced: 09 Mar 2026

https://github.com/lycanthropy3301/syncseed

An open-source, secure authentication module built using python. Uses a challenge-response system to authenticate users.

authentication contributions-welcome module open-source pip python python3 security

Last synced: 09 Apr 2026

https://github.com/bombinisecurity/bombini

WIP: eBPF security monitoring agent based on Aya

aya bpf ebpf security

Last synced: 21 Sep 2025

https://github.com/grapheneos-archive/kernel_google_crosshatch_drivers_staging_qcacld-3.0

Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL Wi-Fi kernel driver sources.

android grapheneos security

Last synced: 04 Oct 2025

https://github.com/jwilk/detsan

determinism sanitizer

fuzzing qa security

Last synced: 08 May 2025

https://github.com/ladjs/mongoose-omit-common-fields

Array of common fields to emit for Mongoose toObject/toJSON (helpful for security)

common fields helper koa lad mongo mongodb mongoose omit security select

Last synced: 15 Apr 2025

https://github.com/manuelberrueta/hashfinder

Go script that finds a matching hash or a diff of a target hash in a directory.

blueteam blueteam-tools dfir dfir-automation hashing security security-tools

Last synced: 06 Jul 2025

https://github.com/raisiqueira/secure-nextjs-app

Demo of a secure Next.js application

frontend-security nextjs nextjs14 security

Last synced: 14 Feb 2026

https://github.com/robertdebock/ansible-role-collectd

Install and configure collectd on your system.

ansible collectd molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/0xirison/PrintNightmare-Patcher

A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]

cve-2021-34527 printnightmare python3 security security-tools vulnerability windows

Last synced: 12 Jul 2025

https://github.com/ollionorg/automated-azure-sandbox-setup

๐Ÿš€ Automate your Azure sandbox environments effortlessly! This repo provides tools for setting up and tearing down Azure sandboxes using GitHub Actions, ensuring efficient resource utilization and cost management. Perfect for PoCs, interviews, workshops, and more! ๐Ÿ› ๏ธโฒ๏ธ๐Ÿ’ก

azure cloud-playground cloud-security playground sandbox security

Last synced: 14 Apr 2025

https://github.com/aayushiahlawat/shield-chat-android-app

Shield Chat is an Android messaging application developed using Java and Firebase technologies

android android-application authentication chatting-app firebase java security

Last synced: 08 May 2026

https://github.com/artem-smotrakov/ql-fun

Examples of vulnerable code that can be detected by CodeQL queries.

codeql security semmle-ql

Last synced: 22 Apr 2025

https://github.com/phptuts/starterbundleforsymfony

Startkit Bundle For Symfony Projects

guard security symfony

Last synced: 27 Apr 2026

https://github.com/fadhilthomas/nuclei-reporter

run summary report of nuclei findings

dast golang security

Last synced: 10 Mar 2026

https://github.com/mitre/apache-tomcat-7-cis-baseline

(WIP) (ALPHA) InSpec Profile for the CIS Apache Tomcat v7 Benchmark

inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat tomcat7

Last synced: 21 Apr 2025

https://github.com/stenstromen/gotlsaflare

Go binary for updating TLSA DANE record on cloudflare from x509 Certificate

automation certificate cloudflare dane dns go security tlsa x509

Last synced: 20 Aug 2025

https://github.com/nystudio107/craft-twig-sandbox

Allows you to easily create a sandboxed Twig environment where you can control what tags, filters, functions, and object methods/properties are allowed

craftcms sandbox security twig

Last synced: 14 Jul 2025

https://github.com/destan0098/ipshow

This tool checks and show domains IP to you

ip security security-tools tcp-ip

Last synced: 03 Mar 2025

https://github.com/ludo-technologies/codescan

Scan any GitHub repo for security issues โ€” risky code, exposed keys, outdated packages

dependency-scanning devsecops gitleaks golang nextjs sast secrets-detection security security-tools semgrep static-analysis trivy

Last synced: 03 Jul 2026

https://github.com/contributte/oauth2-server

๐Ÿ”’ OAuth2 server for Nette Framework

contributte nette outh2 security

Last synced: 13 Aug 2025

https://github.com/logicalhacking/securebpmn

SecureBPMN is a domain-specific modeling language that allows to model security aspects (e.g., access control, separation of duty, confidentiality).

analysis bpmn compliance modelling modelling-framework project securebpmn security

Last synced: 10 May 2025

https://github.com/x13a/fschk

List persistence items on macOS.

macos osx security swift

Last synced: 27 Feb 2025

https://github.com/irfaardy/encrypt-file-laravel

๐Ÿ›ก๏ธA Simple Laravel Encrypt uploaded file plugin

aes256 encrypt encrypt-file laravel php7 secure security storage upload upload-file

Last synced: 27 Oct 2025

https://github.com/brave-experiments/defi-privacy-measurements

Code and data supporting our research projects on security and privacy issues in DeFi sites.

blockchain defi erc20 ethereum privacy security

Last synced: 07 Apr 2025

https://github.com/macmod/nsrip

A fast and simple batch DNS resolver for A/AAAA/CNAME records from multiple nameservers.

bug-bounty cloud dns go golang infosec security waf-bypass

Last synced: 15 Mar 2025

https://github.com/ibrahmsql/discoursemap-plugin

A comprehensive professional security auditing plugin for Discourse. This plugin provides automated security assessment capabilities to identify vulnerabilities, misconfigurations, and security issues in your Discourse installation

discourse discourse-plugin discourse-secuirty discoursemap forum-security red-team ruby ruby-on-rails security security-testing security-tools vulnerability-scanner

Last synced: 18 May 2026

https://github.com/spy86/owaspwebapplicationsecuritytestingchecklist

๐Ÿ›ก๏ธ๐Ÿ“ OWASP Web Application Security Testing Checklist

application application-security checklist owasp security testing

Last synced: 11 Feb 2026

https://github.com/mugomes/miantivirus

MiAntivirus is a graphical interface for ClamAV that allows you to scan your computer for viruses and easily update the virus definition database through a user-friendly interface.

antivirus clamav frontend fyne go golang linux security ubuntu

Last synced: 14 Feb 2026

https://github.com/ysskrishna/shai-hulud-detector

A CLI security scanner that detects GitHub accounts compromised by the โ€œSha1-Hulud: The Second Comingโ€ npm supply-chain worm.

github malware malware-detection nodejs npm pypi pypi-package security shai-hulud shai-hulud-detector typer vulnerability-scanners worm ysskrishna

Last synced: 24 Dec 2025

https://github.com/visible/noro

one-time secret sharing for env vars

cli encryption env env-vars one-time one-time-secret secrets security sharing

Last synced: 29 Jan 2026

https://github.com/meinto/anonymous-api-auth-provider

Prevent unauthorised access of public endpoints by for example bots or bad clients.

auth authorization public-api security session-token

Last synced: 29 Mar 2025

https://github.com/monke443/cve-2023-40028

Arbitrary file read in Ghost-CMS allows an attacker to upload a malicious ZIP file with a symlink.

cve cve-2023-40028 exploit ghost-cms github pentesting security vulnerability

Last synced: 07 May 2025

https://github.com/skyf0l/sveltekit-helmet

Important security headers for SvelteKit

csp headers helmet hsts http-headers security sveltekit

Last synced: 11 Apr 2025

https://github.com/sidhaler/jmsscanner

JmS network port scanner

network rust scanner security

Last synced: 25 Mar 2025

https://github.com/amirhnajafiz-university/s3et01

English as Technical language final project.

air-gap research security

Last synced: 17 Feb 2026

https://github.com/rustcohlnikov/eslint-config-sec

๐Ÿ”’ Linting rules for safe and secure client code

eslint fe-sec linter security

Last synced: 25 Mar 2025

https://github.com/rodrigooler/rrmd

Rust + Rocket + MongoDB + Docker

api docker fast http mongo mongodb rocket rust security type

Last synced: 08 Apr 2026

https://github.com/dknauss/ai-assisted-docs

Methodology and process documentation for AI-assisted technical writing and review โ€” a practical exploration.

ai ai-assisted-editing bdd-framework behavior-driven-development claude-code-skill documentation editorial security technical-writing wordpress wordpress-security

Last synced: 28 May 2026

https://github.com/cihatsolak/netcore-security

How we take precautions against attacks from malicious users is exemplified. Net core projects have default security measures. We can use the IDataprotector interface to encrypt data. We must also be protected against xss attacks such as Reflected or Stored. For this, we must pay attention to the use of Html.Raw().

cors cross-site-scripting dataprotection hsts https-client ipcontrol secret-management security

Last synced: 20 Jul 2025

https://github.com/ph7software/secure-password-generator

๐Ÿ” A simple way to generate random passwords. Compatible with PHP 5.6+

password password-generator php-password-generator php56 security simple-password-generator

Last synced: 09 Apr 2025

https://github.com/sefinek/known-bots-ip-whitelist

A whitelist of trusted IP addresses used by legitimate crawlers and services such as Googlebot, Bingbot, AhrefsBot, UptimeRobot, Pingdom, Cloudflare, Bunny CDN, Stripe, Shodan, FacebookBot, TelegramBot, etc.

bot bots crawler firewall goodbot goodbots googlebot ip-address ip-addresses ipset safe safe-bots safety security whitelist whitelist-bot whitelists

Last synced: 21 Jun 2025

https://github.com/sebescudie/vl.virustotal

A not-complete-at-all implementation of the VirusTotal V3 API for vvvv

malware security virustotal vl vvvv

Last synced: 30 Oct 2025

https://github.com/sammcj/guardrails-lm

Classify a prompt as safe or prompt-injection/jailbreak. Fine-tuned ModernBERT-base, ~570 MB, ~6 ms per prompt on Apple Silicon, sub-20 ms on CPU. Drop it in front of your LLM calls as a cheap first-pass filter; you decide what to do with the verdict.

governance guardrails llm prompt-injection prompting security

Last synced: 13 Jul 2026

https://github.com/jaegertracing/security-audits

Jaeger security audits

cncf security

Last synced: 02 Mar 2026

https://github.com/brandonfl/discord-virustotal-bot

Discord bot using VirusTotal API to check if the content of messages sent by discord users is safe

discord discord-bot security virustotal

Last synced: 17 Apr 2026

https://github.com/atani/mysh

MySQL connection manager with SSH tunnel support. Auto-masks sensitive data for AI/non-TTY environments. Supports MySQL 4.x+.

ai-safety cli connection-manager data-masking database golang mysql mysql-client security ssh-tunnel

Last synced: 03 Jun 2026

https://github.com/excalibra/scripts

Platform: Windows/Mac/Linux. Scripting: Various, no restrictions; customized as needed. Tasks: Desktop checks, software cracking, AV evasion, privilege execution, firmware read/write, password checks, Wi-Fi scans, cloud security, log analysis, NLP, and data analysis in humanities/social sciences.

automation ban-ip clawer linux macos security spiders update wi-fi windows

Last synced: 04 Mar 2026

https://github.com/grimdork/awsec

Store secrets in AWS Parameter Store.

aws cli cross-platform secrets security security-tools

Last synced: 01 Apr 2026

https://github.com/sofianhw/dlyscl-web3-bootcamp

Web3 Developer Bootcamp by DailySocial.id - Day 2

bootcamp frontend security web3

Last synced: 05 Mar 2026

https://github.com/karakun/encrypted-filechannel

Transparent encryption for java.nio.channels.FileChannel

crypto cryptography java nio security tink

Last synced: 05 Mar 2026

https://github.com/birddevelper/gomologin

Gomologin is Golang (Go) login manager working with RDBMS Databases

authentication authorization go golang gomologin login login-manager login-system role security session sql

Last synced: 28 Apr 2025