An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/weby-homelab/voip-installer

Secure, Dockerized Asterisk 22 Installer for Ubuntu 24.04. Auto-configures PJSIP, TLS/SRTP, Let's Encrypt, Fail2Ban & NFTables.

asterisk automation docker fail2ban hardened iac infrastructure-as-code letsencrypt nftables official-docker-ce-install opus-codec pjsip security self-hosted sip speex srtp telephony ubuntu-server voip

Last synced: 22 Apr 2026

https://github.com/vidyasagarmsc/private-vpc-network

Provision an HA Bastion and VPN setup using Terraform + Session Recording on RHEL using Ansible

ansible automation bastion cloud security terraform vpc

Last synced: 22 Apr 2026

https://github.com/terraform-ibm-modules/terraform-ibm-monitoring-agent

Deploys an agent to monitor metrics and security data on an IBM Cloud Red Hat OpenShift Container Platform or Kubernetes cluster.

agent core-team ibm-cloud monitoring monitoring-agent observability scc security sysdig sysdig-agent terraform terraform-module workload-protection

Last synced: 23 Apr 2026

https://github.com/marcolugo/slae

Repository to hold all x86 Assembly code and shellcode created for the SecurityTube Linux Assembly Expert (SLAE) course

assembly-x86 security shellcode

Last synced: 24 Apr 2026

https://github.com/hpgrahsl/flightswebapi

Sample Project for my Java Magazin (04/2017) Article together with Manfred Steyer

keycloak oauth2 oidc security spring-boot webapi

Last synced: 24 Apr 2026

https://github.com/solomonneas/rapid7-mcp

MCP server for Rapid7 InsightIDR — SIEM log search, investigations, alerts, UBA, and threat intelligence

ai-agents insightvm mcp model-context-protocol rapid7 security vulnerability-management

Last synced: 30 Apr 2026

https://github.com/derhansen/add_pwd_policy

Additional Password Policy validators for TYPO3 CMS 12.4+

password security

Last synced: 25 Apr 2026

https://github.com/shadawck/scabi

Implement vulnerabilities scanning on top of package management system like apt, pip, composer...

cve dependencies mitre ossindex package-manager python scanner security security-audit security-tools vulnerability

Last synced: 06 Jun 2026

https://github.com/chl12172025-code/nullprt

A statically-compiled, system-level programming language for software protection, hardware-bound licensing, and anti-tampering. Cross-platform (Windows/macOS/Linux). Self-hosted toolchain.

anti-tamper arm64 c-abi code-obfuscation compiler cross-platform licensing linux macos native-code nprt nullprt programming-language security self-hosted software-protection static-typing system-programming windows x86-64

Last synced: 05 Jun 2026

https://github.com/simplito/privmx-endpoint-kotlin

Kotlin wrappers for the native C++ library used by PrivMX to handle end-to-end (e2e) encryption.

communication encryption end-to-end-encryption kotlin kotlin-android kotlin-ios kotlin-jvm kotlin-multiplatform-library mobile privmx security

Last synced: 07 Jun 2026

https://github.com/lennolium/1guard-server

Semester's Project - System and Software Engineering 1 - server backend

ai macos safari safari-extension security shopping

Last synced: 26 Apr 2026

https://github.com/neiman-marcus/psm

Security enabled simple REST service to manage application configuration in AWS SSM Parameter Store.

aws aws-ssm boto3 encrypts parameter-store python secrets secrets-management secrets-manager security serverless serverless-framework ssm

Last synced: 26 Apr 2026

https://github.com/matouskozak/exe-scanner

A lightweight plugin that improves malware classifiers' robustness against adversarial attacks on Windows executables (EXEmples). Based on the research paper "Updating Windows Malware Detectors: Balancing Robustness and Regression against Adversarial EXEmples" (2025).

adversarial-machine-learning malware-detection security windows

Last synced: 27 Apr 2026

https://github.com/petercxy/wl-mitm

Mirror of https://gitea.angry.im/PeterCxy/wl-mitm

security wayland

Last synced: 27 Apr 2026

https://github.com/ali-raheem/macpi

🛡️ Create macsec encrypted ethernet links automatically, transparently and securely with minimal interaction

bump-in-the-wire encryption ethernet macsec networking raspberry-pi security

Last synced: 27 Apr 2026

https://github.com/lucasgoncsilva/swarden

Created in Django as an MVC Framework, sWarden works as a real prototype of an online password and credential manager. This project uses security concepts in a practical and descriptive way.

criptography django load-testing password password-manager python security testing

Last synced: 28 Apr 2026

https://github.com/bylickilabs/hashchecker

HashChecker ist ein kompaktes, benutzerfreundliches Windows-Tool zur schnellen Integritätsprüfung von Dateien per Hashwert.

checksum csharp desktop-app dotnet file-integrity hash hash-checker integrity-checker md5 opensource security sha256 tools windows winforms

Last synced: 28 Apr 2026

https://github.com/erlang-punch/berty

A clean, safe and flexible BERT implementation

audit bert elixir erlang etf externaltermformat security serialization serializer

Last synced: 28 Apr 2026

https://github.com/sv443/node.js-bcrypt-password-hashing

This is an interactive example of how to hash passwords in Node.js very securely using bcrypt

bcrypt hash hashing javascript js node-js nodejs password password-hash security

Last synced: 29 Apr 2026

https://github.com/taufik-nurrohman/markdown-filter

Safely replace text in a Markdown document.

commonmark extra filter markdown php security

Last synced: 29 Apr 2026

https://github.com/gabrielluizbh/laps

Script de configuração do LAPS.

laps laps-password security seguranca windows windows-server

Last synced: 29 Apr 2026

https://github.com/mayorjay/genpass

A Secure Password Generator designed with security precautions for the user's data

android clean-architecture datastore-preferences jetpack-components mvvm-architecture password-generator security

Last synced: 29 Apr 2026

https://github.com/frnn4268/k8s_cloud-native-pg_trivy-operator

This repository contains auxiliary tooling for managing PostgreSQL clusters on Kubernetes, including CloudNativePG, Trivy Operator, and Cert Manager. It simplifies deployment, operation, and security scanning of containerized applications, providing examples and automation through Taskfiles.

automation backup cert-manager cloudnative devops helm kubernetes postgresql security trivy

Last synced: 29 Apr 2026

https://github.com/dubniczky/prototype-pollution

JavaScript Prototype Pollution Attack demo against a NodeJS Express server using Lodash

demo exploit javascript lodash prototype-pollution security yarn-berry

Last synced: 30 Apr 2026

https://github.com/racksync/workshop-devops

Examples and Resources used in a DevOps workshop Materials.

ci-cd cloud-native cluster cncf devops devsecops docker gitops k8s kubernetes linux owasp security

Last synced: 01 May 2026

https://github.com/mahdikhoshdel/accesswatch

A tool that retrieves and displays file or directory access information In Linux and Windows

access gid linux python python3 security security-tools ssid uid windows

Last synced: 01 May 2026

https://github.com/rivassec/secure-iam-lint

Python-based linter for AWS IAM policies to catch insecure configurations

automation aws devsecops iam linter python security

Last synced: 02 May 2026

https://github.com/danielrosehill/Claude-Security-Auditor-Plugin

Pattern/model for using CC for conducting device level security audits

claude-code lan-audit security

Last synced: 08 Jun 2026

https://github.com/brainphreak/hacker-game-suite

A suite of four educational cybersecurity games: OSINT Investigation, Phishing Detection, Network Forensics, and a Command-Line Typing game.

games hacking html5 security

Last synced: 02 May 2026

https://github.com/advancedhacker101/fpa-extension

Browser extension for FPA password management

authentication chrome-extension fpa password-manager security

Last synced: 02 May 2026

https://github.com/emanuele-em/apple-security

Bindings to the macOS Security Framework

apple bindings framework ios keychain macos macosx rust security

Last synced: 02 May 2026

https://github.com/nicatnesibli/pingoo

🚀 Optimize your traffic with Pingoo, a fast and secure load balancer and API gateway featuring built-in service discovery, bot protection, and more.

akamai anti-bot apache2 backdoor c cloudflare fastly haproxy icmp load-balancer persistence pingoo protocol proxy reverse-proxy rust security waf

Last synced: 02 May 2026

https://github.com/cryptix720/pimux

PIMUX: Manage and share your passwords, documents, private photos and other personal information with world-class security, right from your Windows desktop, Surface or phone.

document information password password-manager security windows windows-service

Last synced: 03 May 2026

https://github.com/nisanth2004/jwt-authentication-using-springboot-3.2.x

This project completely give the information about the Json Web Token(JWT) authentication and authorization

ai authentication authorization config java jwt kafka login regsiter security service spring springboot token

Last synced: 03 May 2026

https://github.com/toninoes/jwt-autenticacion-rest-servicio-web-spring

Aplicación Java para implementar servicio REST (de prueba) con autenticación basada en JSON Web Tokens.

jwt jwt-auth jwt-authentication jwt-token jwt-tokens security spring spring-boot

Last synced: 03 May 2026

https://github.com/marcl/secure-redirects

🔐 Express middleware to secure open redirects.

express-middleware nodejs npm redirection security

Last synced: 03 May 2026

https://github.com/Onome-AJ/security-sweep-plugin

Free Claude Code plugin that scans your project for leaked API keys, security holes, and common mistakes before you ship. No security expertise needed.

ai-security api-key-leak claude-code claude-code-plugin code-review developer-tools devtools mobile-security owasp sast secret-scanning secrets-detection security static-analysis vibe-coding vulnerability-scanner web-security

Last synced: 03 May 2026

https://github.com/holzhaus/ghastly

A security-focused linter for Github Actions Workflows, written in Rust 🦀.

ci command-line-interface github-actions linter rust security workflow yaml

Last synced: 04 May 2026

https://github.com/flavienbwk/docker-iptables

Secure your Docker install with additional and understandable IPTables.

docker iptables linux security ufw

Last synced: 04 May 2026

https://github.com/phpmv/ubiquity-security

Security module for Ubiquity framework

php security ubiquity ubiquity-framework

Last synced: 09 Jun 2026

https://github.com/rasterandstate/commit-coach

An intelligent commit analysis tool that provides insights and coaching for code changes.

automation ci-cd code-quality code-review commit-analysis git github-action insights nodejs security testing typescript

Last synced: 05 May 2026

https://github.com/vayan/otpui

One Time Password GTK App - "Google Authenticator" Desktop App

application authenticator gem gtk linux otp ruby secret security u2f

Last synced: 05 May 2026

https://github.com/shazeus/ghspy

GitHub OSINT tool — extract intelligence from any GitHub user profile

cli developer-tools email-discovery github github-api intelligence osint python reconnaissance security terminal timezone

Last synced: 09 Jun 2026

https://github.com/jeremy-code/defraud

Defraud is a tool to help you identify and avoid scams

defraud fraud nextjs privacy react scam security

Last synced: 06 May 2026

https://github.com/naritanara/chaos-ctf

A simple 5 level CTF

ctf ctf-challenges hacking security

Last synced: 07 May 2026

https://github.com/krish-makadiya/password-generator

The Random Password Generator is a web tool that helps users create secure and random passwords using HTML, CSS and JavaScript..This tool allows users to generate a password of a specified length, with options to include uppercase letters, lowercase letters, numbers, and special characters.

copy-to-clipboard css customizable-length frontend html javascript lowercase numbers open-source password-generator password-security password-strength password-strength-indicator privacy random-password security special-characters uppercase user-friendly web-development

Last synced: 07 May 2026

https://github.com/samjuk/ansible-ecomscan

Ansible role to manage running Ecomscan across multiple websites

ansible devsecops ecomscan magento2 malware sansec scanning security shopware woocommerce wordpress

Last synced: 07 May 2026

https://github.com/tom474/cryptography-comparative-analysis

[RMIT 2024C] COSC2539 - Security in Computing and IT - Analytical Security Report

asymmetric cryptography hashing security symmetric

Last synced: 07 May 2026

https://github.com/ez-appsec/ez-appsec

AI-powered application security scanning — free, open-source replacement for GitLab and GitHub security scanning

appsec devsecops docker github-actions gitlab-ci open-source sast secrets-detection security vulnerability-scanner

Last synced: 12 May 2026

https://github.com/fletcherholt/frisk

Free, no-login security scanner for any public GitHub repo. Check for leaked secrets, malware, malicious packages, typosquats, vulnerable dependencies (OSV) and bad binaries (VirusTotal) before you clone. Swap github.com to friskit.dev.

appsec cloudflare-workers code-security dependency-scanning devsecops github malicious-packages malware-scanner osv sast secret-scanning secrets-detection security security-tools supply-chain-security typescript virustotal vulnerability-scanner

Last synced: 14 Jun 2026

https://github.com/eset/eei-agent-linux-probes

eBPF probes used by ESET Linux products

ebpf linux security

Last synced: 09 May 2026

https://github.com/containerssh/packages

The ContainerSSH packages page

devsecops docker kubernetes security ssh

Last synced: 09 May 2026

https://github.com/wyre-technology/threatlocker-mcp

MCP server for ThreatLocker — zero-trust application allowlisting, approval requests, audit logs

mcp mcp-server msp security threatlocker zero-trust

Last synced: 10 Jun 2026

https://github.com/akshatamohanty/practical-blockchain

Website for practicalblockchain.org. Practical Blockchain is a meetup group in Singapore, started in 2021. We focus on talks and workshops by speakers building blockchain applications in production, learning from their research and insights.

blockchain cryptography dapps ethereum security smartcontracts solidity zkproof

Last synced: 09 May 2026

https://github.com/arafkarsh/ms-cache-kafka-quickstart

Microservice Service Template With Redis Cache and Kafka Framework. Microservice Template gives you a SpringBoot App template with Open API 3 Ex, Actuator, Sleuth, Prometheus, and POM file with Fat and Thin jar file creation and Dockerfile for containerization.

aop exception-handling kafka microservices redis security spring-boot

Last synced: 10 May 2026

https://github.com/oaslananka-lab/mcp-ssh-tool

Production-grade MCP SSH automation server for secure remote command, file, tunnel, service, metrics, and policy-controlled operations over stdio/HTTP, with npm distribution, MCP Registry metadata, and ChatGPT app readiness.

automation chatgpt claude codex cursor devops infrastructure mcp mcp-server model-context-protocol nodejs npm-package openai remote-automation security sre ssh ssh-client typescript vscode

Last synced: 13 May 2026

https://github.com/serverfarmer/sf-secure-lynis

sf-secure-lynis extension installs Lynis audit tool and performs daily system audits.

linux lynis security security-audit security-automation security-hardening security-scanner

Last synced: 10 May 2026

https://github.com/codeconut-ltd/wordpress-web-setup-boilerplate

Security-focused structural boilerplate for any WordPress webs. Opinionated features that might not work with any hosting. Only use if you know what you are doing and are comfortable editing server files.

boilerplate-setup composer php php7 phpcs phpcs-wordpress security security-hardening server-configuration template-project template-repository wordpress wordpress-boilerplate wordpress-development wordpress-installation wordpress-security wordpress-server wordpress-settings wordpress-setup wordpress-site

Last synced: 11 May 2026

https://github.com/oising/controlledfolderaccess

Extended support for Windows Defender Controlled Folder Access

defender microsoft powershell security security-audit windows

Last synced: 11 May 2026

https://github.com/nnemirovsky/sluice

Credential-governance proxy for AI agents (OpenClaw, Hermes). MCP gateway + SOCKS5 proxy with Telegram approval, phantom token injection, all-protocol DLP, and tamper-evident audit.

ai-agent ai-governance ai-security credential-injection dlp hermes mcp mitm-proxy openclaw proxy security socks5 telegram-bot

Last synced: 23 May 2026

https://github.com/yashsaini99/gpass

Graphical Password Authentication is a Go package that secures user login with image-based password patterns. It converts selected image indices into a string, hashes it with bcrypt, and stores it in MongoDB. It also features brute-force protection, email alerts, and secure password resets.

authentication golang graphical-password graphical-password-authentication security

Last synced: 11 Jun 2026

https://github.com/vaadin-developer/security-for-flow

Proof Of Concept for a Security AddOn

flow java jetty kotlin poc ruppert security sven vaadin

Last synced: 14 May 2026

https://github.com/flucksite/lucky_honeypot

🍯 Simple invisible captcha spam protection for Lucky Framework apps.

bot-protection captcha crystal crystal-lang invisible-captcha lucky luckyframework security

Last synced: 11 Jun 2026

https://github.com/cipherstash/benches

CipherStash Performance benchmarks for large tables in PostgreSQL

database encryption postgres postgresql security

Last synced: 11 Jun 2026

https://github.com/aydinnyunus/ipvalidator

ipValidator is a Go library designed to help developers easily filter out and validate IP addresses based on various criteria. It allows you to check if an IP address falls into reserved categories such as loopback, link-local, multicast, or private addresses.

go golang network security

Last synced: 12 Jun 2026

https://github.com/hugobatista/unicode-skill-injection-poc

Proof-of-concept demonstrating invisible Unicode prompt injection in AI agent skill files. This project shows how the Unicode Tags block (U+E0000–U+E007F), zero-width characters, and bidirectional overrides can embed hidden instructions in AI agent skill files (SKILL.md) that are invisible to human reviewers but fully processed and obeyed by LLM

agent injection llm prompt-injection security unicode

Last synced: 14 Jun 2026

https://github.com/arcjet/arcjet-plugin

This plugin makes your AI coding agent an Arcjet security expert.

ai-skills claude-code claude-code-plugin claude-plugin claude-skills cursor-plugin cursor-rules open-plugins security

Last synced: 17 Jun 2026

https://github.com/andy-maier/easy-server

Secure server access that is easy to use

access ansible python security server service vault

Last synced: 19 Jun 2026

https://github.com/gragero/freelance-site

Personal freelance portfolio — Flask, Python, Secure Backend. From nothing to all.

backend coding flask freelance freelancer high-performance low-level-programming programming python security website

Last synced: 19 Jun 2026

https://github.com/ryzalain/hagezi-dns-api

Quick and Easy DNS Configuration w/ The Best Blocklists by HaGeZi

dns docker hagezi pi-hole-blocklists rust security

Last synced: 19 Jun 2026

https://github.com/roottusk/aws-iam-reader-policy

IAM Policy for Read Access to All AWS Components

aws iam security

Last synced: 20 Jun 2026

https://github.com/marcelroozekrans/ai.sentinel

Security monitoring middleware for IChatClient (Microsoft.Extensions.AI). 55 detectors for prompt injection, hallucination, PII leakage, and operational anomalies. Intervention engine, embedded dashboard, audit forwarders to Azure Sentinel + OpenTelemetry. Drop-in middleware for any LLM client.

ai-security aot claude-code copilot csharp detection dotnet ichatclient llm-security mcp microsoft-extensions-ai middleware owasp-llm-top10 prompt-injection security

Last synced: 20 Jun 2026

https://github.com/center-key/npm-security-aggregator

🛡️ View audit reports for a published npm package

audit npm package security vulnerability

Last synced: 22 Jun 2026

https://github.com/hugobatista/x86-asm-bmp-steganography

Sample x86-64 assembly program, demonstrating how to hide a message in a bitmap

assembly bitmap linux obfuscation security steganography

Last synced: 22 Jun 2026

https://github.com/majikah/majik-key

Majik Key is a next-generation seed phrase account library for creating and managing mnemonic-based identities. It provides a post-quantum ready, high-security bridge between BIP39 mnemonics and the Majikah ecosystem.

bip39 crypto cryptography key keypairs majik-message mnemonic security seed-phrase

Last synced: 22 Jun 2026

https://github.com/tthew/cc-devbox

A streamlined, secure containerized development environment optimized for Claude Code with DNS-based domain filtering and comprehensive development tools.

agentic-ai-development claude containerization docker gemini llms security vibe-coding

Last synced: 23 Jun 2026

https://github.com/mecha-cms/x.captcha

Form protection using captcha.

captcha extension security

Last synced: 23 Jun 2026

https://github.com/Perufitlife/firebase-security-skill

Open-source Firebase Firestore Rules auditor: detects 'match /{document=**} if true', expired test-mode rules, auth-without-ownership. Active probe sends anonymous GET to confirm leaks.

audit auditor cli devsecops firebase firestore google leak mit-license nodejs open-source penetration-testing scanner security security-audit typescript vulnerability

Last synced: 25 Jun 2026