An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/oktadev/okta-implicit-flow-detector

A browser extension for Chrome and Firefox to detect the deprecated OAuth 2.0 Implicit flow

oauth oauth2 security

Last synced: 01 Sep 2025

https://github.com/localzet/jwt

Localzet JWT is a library for working with JSON Web Tokens (JWT). Developed by Ivan Zorin, it uses modern technologies and standards for creating, verifying, and handling JWTs.

library security

Last synced: 10 Jan 2026

https://github.com/cpscript/linux-security

A simple Linux security script to protect your files and data from external brute force attempts if you get caught and your device gets seized

linux security

Last synced: 12 Mar 2025

https://github.com/iljasl/dormant

Dormant is a go.mod dependencies activity analyzing tool for your go applications. Find out which of your used dependencies are active, inactive or sporadically maintained.

analyzer golang security security-tools

Last synced: 14 Jan 2026

https://github.com/mikeludemann/mevn-stack-authentication

A MEVN Stack Authentication Setup with Login, Registration and more

authentication database expressjs mevn-stack mongodb nodejs passport security vue

Last synced: 11 Apr 2026

https://github.com/didrod205/jwtlens

Decode, audit & verify JWTs entirely offline — stop pasting live tokens into jwt.io. Local signature verification (HS/RS/PS/ES/EdDSA) with your own secret/PEM/JWK, plus a security lint (alg:none, exp, aud/iss). Deterministic CLI, JSON/MD reports.

appsec auth authentication cli json-web-token jws jwt jwt-cli jwt-decode node offline security token typescript verify

Last synced: 16 Jun 2026

https://github.com/dideler/fish-index

🐟 Shows indexed chars for hidden or visible text data

fish fish-packages fish-plugin fish-shell fisherman oh-my-fish security sensitive-data

Last synced: 02 Sep 2025

https://github.com/xxmrk888ytxx/portal-android

Portal is a secure, open-source smart key that turns your Android smartphone into a wireless authentication tool for your computer. It enables instant PC unlocking via Bluetooth (RFCOMM) or WiFi (WebSockets), featuring biometric protection, Wake-on-LAN support, and a privacy-focused, local-only communication model.

android bluetooth kotlin mtls security windows

Last synced: 31 May 2026

https://github.com/guessi/ingress-nginx-controller-security-best-practices

Ingress-NGINX Controller for Kubernetes with Security Best Practices

best-practices nginx nginx-ingress nginx-ingress-controller security

Last synced: 18 Jan 2026

https://github.com/shaalexander/ecz-cleanmac-assistent

CleanMac Assistant is an open-source AppleScript and shell script project designed as a lightweight alternative to CleanMyMac X. This tool helps you clean up and optimise your macOS system by securely removing unnecessary files, caches and log files. SEE URL FOR RELEASES

clean cleanmac-assistant cleanmymac cleanmymacx device easycomp-zeeland free homebrew macos maintenance malware-scan no-telemetry on opensource privacy righttorepair security software-update system-optimization

Last synced: 18 Jun 2025

https://github.com/contributte/event-bridges

💀 [DISCONTINUED] Symfony Event Dispatcher and Nette Framework (@nette) bridges. Use contributte/event-dispatcher-extra.

application contributte events nette-framework php security

Last synced: 02 Jul 2025

https://github.com/ianlintner/authproxy

OAuth2 Proxy Sidecar for Kubernetes Helmcharts and Configs

github helm kubernetes oauth2 oidc security sso

Last synced: 26 Jan 2026

https://github.com/lion-packages/authentication

Library to authenticate users in 2 steps

2fa 2fa-security 2factor php security

Last synced: 05 Jun 2026

https://github.com/m3ssap0/struts2_cve-2017-5638

This is a sort of Java porting of the Python exploit at: https://www.exploit-db.com/exploits/41570/.

cve-2017-5638 exploit security security-tools struts2 vulnerability vulnerability-scanners

Last synced: 10 Jun 2026

https://github.com/dyallab/henkaipan

All in one AppSec Platform

ai docker go linux nix security

Last synced: 09 Jul 2026

https://github.com/jonzeolla/lab-dropboxes

A lab covering Penetration Testing Drop Boxes.

information-security infosec lab penetration-testing security

Last synced: 12 Mar 2025

https://github.com/astrid-project/cb-manager

APIs to interact with the Context Broker's database. Through a REST Interface, it exposes data and events stored in the internal storage system in a structured way. It provides uniform access to the capabilities of monitoring agents.

agent beats control data ebpf elasticsearch log logstash management programmability security

Last synced: 30 Jun 2025

https://github.com/than-dev/passm

A simple and secure node local password manager!

cryptography filesystem javascript linux management nodejs security terminal

Last synced: 12 Apr 2026

https://github.com/cityssm/express-abuse-points

Express.js middleware for tracking and blocking abusive behaviour.

abuse block express express-middleware expressjs middleware nodejs security

Last synced: 04 Feb 2026

https://github.com/lauslim12/vigenere

Dependency-free, secure symmetric encryption implementation with Vigenère-Vernam Cipher algorithm as a library for Go. Acts as a One-Time Pad (OTP) to ensure maximum security, and supports custom alphabets.

algorithms encryption encryption-decryption go library one-time-pad security vigenere vigenere-cipher

Last synced: 23 Apr 2025

https://github.com/cyanheads/nist-nvd-mcp-server

Search and audit CVEs by keyword, severity, CWE, CISA KEV status, and CPE via the NIST National Vulnerability Database. STDIO or Streamable HTTP.

bun cisa-kev cpe cve cvss mcp mcp-server model-context-protocol nist nvd security typescript vulnerability

Last synced: 29 May 2026

https://github.com/contisimone99/lbts2023-2024_trusted_interpreter

Interpreter with built-in taint analysis & information flow control. Implements language-level security via custom trust blocks, secret types, and strict execution contexts.

interpreter ocaml security

Last synced: 02 Jul 2025

https://github.com/rohancyberops/ss

This repository contains a collection of powerful shell scripts designed to enhance automation, security, and system management. Whether you're an IT professional, ethical hacker, or system administrator, these scripts will help streamline your workflow and improve efficiency.

automation security shell systemmanagement

Last synced: 15 Mar 2025

https://github.com/dimon222/py-vmsshgen

Automatic generation of SSH keys for VM

automation hacktoberfest python security ssh

Last synced: 12 Jun 2025

https://github.com/fhnw-imvs/fhnw-kubeseccontext

Keep your Kubernetes workloads in tune — secure and functional.

hardening kubernetes runtime-security security security-context

Last synced: 14 Jan 2026

https://github.com/lombiq/orchard-antispam

An Orchard module for better spam protection.

orchard orchard-cms orchard-module security

Last synced: 04 Apr 2025

https://github.com/safful/smart-contract-reports

A home for popular audit reports: code4rena, sherlock, codehawks ... request contract audit: https://safful.com

security security-audit solidity solidity-audit solidity-codes solidity-contracts

Last synced: 09 Apr 2025

https://github.com/seism0saurus/nikto-inspec

This is a custom inspec inspec from Ulrich Viefhaus. This is neither an official product of inspec nor nikto. The profile test an http/https server with the open source web server scanner nikto2. Nikto checks for known insecure files on the webserver, outdated software versions and insecure configuration items. You can customoze the profile with attribute files and set hosts, ports and commandline options.

devops inspec nikto security

Last synced: 08 Oct 2025

https://github.com/kasukusakura/authorization

A library & application, for server side 2FA verify

java security security-tools two-factor two-factor-authentication verify

Last synced: 30 Jun 2025

https://github.com/prappo/security-camera-ai

YOLO based security camera server with frontend to manage the security rules

ai security vison yolo

Last synced: 27 Oct 2025

https://github.com/morphy2k/pwned-check

It checks if your password have been pwned via haveibeenpwned.com

check cli go hash haveibeenpwned password pwned security

Last synced: 23 Mar 2025

https://github.com/f33rni/homeland-sees

RaspberryPi / OrangePi based simple automated surveillance camera project with Telegram bot integration

bot camera ffmpeg home-security orange-pi orangepi python raspberry-pi security surveillance telegram telegram-bot

Last synced: 20 Apr 2026

https://github.com/antitree/bsidesroc2017ctf

Temporary repo for BSidesROC 2017 CTF challenges.

ctf security tor

Last synced: 18 Jan 2026

https://github.com/akwaaba-xyz/urkel

A gRPC client and HTTP wrapping server for Open FGA, built in Rust.

access-control authorization fga governance openfga rust security wrapper zanzibar

Last synced: 26 Jan 2026

https://github.com/r3nanp/portscanner

🔒 It's a port scanner available from a vulnerable website.

port-scanner portscanner security

Last synced: 06 Jul 2026

https://github.com/baerwang/sec_craw

一个方便安全研究人员获取每日安全日报的爬虫,目前爬取范围包括90sec、看雪论坛、v2ex、精易论坛、52破解论坛等实验室博客,持续更新中。

crawler security security-tools threat threat-intelligence

Last synced: 04 Jul 2025

https://github.com/masterlittle/hibpnotifer

Checks for breaches for an email against the HaveIBeenPwned Database and allows sending emails and slack notications along with integrating with GSuite to automate breach detection for enterprise employees.

breach compromised-emails python security

Last synced: 16 Mar 2025

https://github.com/miccy/dont-be-shy-hulud

🪱 NPM Worm Defense Guide: Detection, remediation & prevention for Shai-Hulud 2.0 and beyond!

article bun defense detection devops malware malware-detection ncident-response nodejs npm security security-audit security-tools shai-hulud shai-hulud-detector supply-chain worm

Last synced: 13 Jan 2026

https://github.com/torxed/ssh_mailer

Sends e-mail whenever someone logs in to SSH (Triggers via PAM)

information mail pam security security-audit ssh

Last synced: 24 Mar 2025

https://github.com/elliotwutingfeng/rfc9839

Python library to check for problematic Unicode code points.

assignables cbor control hacktoberfest json noncharacters parse scalars security surrogates unicode xml yaml

Last synced: 12 Apr 2026

https://github.com/pbloem/cleartxt

A simple website (cleartxt.info) designed to quickly inform website owners about the problem of cleartext passwords.

best-practices security website

Last synced: 12 Apr 2026

https://github.com/remotiq/wa2fa-meta

Meta WhatsApp 2FA plugin for Keycloak (Java): OTP login step, phone verification required action, QR verify flow, and login security alerts.

2fa keycloak saml security sso whatsapp

Last synced: 21 Feb 2026

https://github.com/edneedham/cred

A command-line tool to manage secrets and environment variables locally and remotely.

cli rust secrets security

Last synced: 04 Feb 2026

https://github.com/jiprettycool/lunatransfer

📂 Self-hostable Managed File Transfer solution built with Go, featuring API keys, comprehensive audit logging, and real-time WebSocket notifications for secure file exchange.

api api-key audit-logging authentication file-management file-sharing file-transfer go golang jwt managed-file-transfer notifications rate-limiting rest-api secure-transfer security self-hosted websockets

Last synced: 11 Oct 2025

https://github.com/mdjfs/facetrack

Desktop app for security camera systems to track faces

camera detection dvr electron face node onvif react recognition security track webpack

Last synced: 12 Apr 2026

https://github.com/pathak-ashutosh/pedigree-pal

Blockchain-based Dog Pedigree and Ownership Verification System

ethereum security solidity

Last synced: 07 May 2026

https://github.com/codegoalie/sms-safety

Don't give sites your actual phone number

google-cloud-run security sms

Last synced: 08 Apr 2025

https://github.com/norbjd/pasuman

pasuman is a simple command-line password manager

cross-platform go password-manager security

Last synced: 15 Mar 2025

https://github.com/kommitters/.allstar

kommit's OSPO policies for adherence to security best practices

ospo security security-policies

Last synced: 05 Jan 2026

https://github.com/doctena-org/octorules-bunny

Bunny.net Shield WAF provider for octorules

bunny firewall iac octorules security waf yaml

Last synced: 18 Apr 2026

https://github.com/malmichaels-gif/agent-instructions-kit

Keep your AGENTS.md and CLAUDE.md files consistent, safe, and lint-checked

agents automation claude cli devtools github-action prompt-injection security

Last synced: 18 Jan 2026

https://github.com/containerssh/charts

The ContainerSSH Helm charts

devsecops docker kubernetes security ssh

Last synced: 20 Jul 2025

https://github.com/unchase/centurion

:lock: Centurion is intended for auditing information security of computer facilities.

security security-audit security-tools windows

Last synced: 16 Mar 2025

https://github.com/minatsukix86/audiotranscriberbot

AudioTranscriber Bot for Télégram

bot discord python security telegram

Last synced: 30 Apr 2026

https://github.com/rozhakxd/securesqlfirebird

Implementation of user access control using Firebird SQL. Granting and revoking permissions (SELECT, INSERT, UPDATE, DELETE) to simulate real-world database security in a multi-user system.

database firebird firebirdsql flamerobin grant revoke sbd security sql

Last synced: 16 May 2025

https://github.com/withfabian/webtools

Web Tools, Information Gathering, CMS Detection

domain gatering hack hacking information security security-tools tools web website webtools

Last synced: 01 Mar 2025

https://github.com/jakhax/containers-from-scratch

Creating containers from scratch to get better understanding of how containers work

containers docker sandbox security virtualization

Last synced: 16 Jan 2026

https://github.com/infineon/mtb-example-psoc6-security

This is a minimal starter dual-CPU security application template for PSoC™ 62/63 MCU devices. This code example is meant to be a companion to the AN221111 – PSoC™ 6 MCU: Designing a secured system application note. It demonstrates the following features to create a secured system as explained in the application note.

cy8ckit-062-ble cy8ckit-062-wifi-bt cy8ckit-062s2-43012 cy8cproto-062-4343w cy8cproto-062s3-4343w cy8cproto-063-ble security

Last synced: 25 Jun 2025

https://github.com/albertdobmeyer/opentrapp

Desktop GUI for running AI agents with container isolation and skill scanning

ai-agents desktop-app manifest-driven openclaw react rust security tauri

Last synced: 29 May 2026

https://github.com/ch0d/listmk

A simple and effective wordlist creator

c-ansi listmk security tools wordlist wordlist-generator

Last synced: 07 Apr 2025

https://github.com/thecomputeguy/jedi

A web malware analysis framework for PHP-based backends

cms malware-detection python security

Last synced: 26 Apr 2025

https://github.com/xmartlabs/vytallink

VytalLink is a digital health platform connecting personal health data—including Apple Health, Google Fit, and wearables—with AI assistants like ChatGPT and Claude. Includes a Flutter app, Node.js MCP server, and Firebase landing page. Focused on privacy and user control.

ai apple-health artificial-intelligence chatgpt claude fitness flutter google-fit health health-data mcp mobile-app model-context-protocol nodejs privacy security wellness werable

Last synced: 13 Oct 2025

https://github.com/albertdobmeyer/openskill-forge

Offline-first skill workbench with malware scanning for the OpenClaw ecosystem

ai-agents ai-skills clawhub developer-tools moltbook openclaw security security-scanner

Last synced: 29 May 2026

https://github.com/ctkqiang/2d05

这款工具是一种 分布式拒绝服务(DDoS)攻击工具,它能够通过大量虚假流量淹没目标服务器,从而导致其无法正常响应合法请求,最终使系统崩溃或服务中断。🚀💥

2d05 china cpp cpp11 ctkqiang ddos ddos-attacks dos hacking-tool network security simple

Last synced: 04 Jun 2026

https://github.com/ind4skylivey/s1bpassport-guard

Advanced OAuth2 token monitoring, threat detection & forensics for Laravel Passport. Track tokens, detect brute-force attacks, analyze client activity from CLI.

analitics api-security audit authentication cli cybersecurity devops forensics laravel laravel-package laravel-passport monitoring outh2 php red-team security symfony-console threat-detection token-management

Last synced: 13 Jan 2026

https://github.com/icing/prettyplease

shell prompts, inspired by @april

flowers love prompt security shell

Last synced: 10 Jun 2025

https://github.com/kalebers/web_and_network_vulnerability_scanner

Scripts stricted to research on web and network vulnerabilities.

network python research security vulnerability web

Last synced: 15 Mar 2025

https://github.com/eagleEggs/bugBounties

Authorized dislosures of bugbounties that have been resolved

bugbounty bugcrowd fitbit penetration-testing security

Last synced: 10 Mar 2025

https://github.com/laamalif/vuxml-go

FreeBSD VuXML query tool

cli freebsd freebsd-ports security unix vuxml

Last synced: 18 Jan 2026

https://github.com/qeeqbox/network-security-for-qeeqs

qeeqbox.github.io/network-security-for-qeeqs

hands-on infosec-simplified learning network osi-model security

Last synced: 12 Feb 2026

https://github.com/joelayo/kubectl-go-mcp-server

MCP server for secure Kubernetes Interaction via kubectl commands. Enables AI assistants like GitHub Copilot to safely interact with K8s clusters with robust validation and security.

copilot devops go golang k8s-tools kubectl kubernetes mcp-server model-context-protocol security

Last synced: 17 Apr 2026

https://github.com/thearyadev/network_device_logger

Discover assigned IP addresses on your network using a packaged Wireshark packet sniffer

network security

Last synced: 16 Jan 2026

https://github.com/acebot712/promptguard-node

PromptGuard Node.js SDK — Drop-in security for AI applications

ai-firewall ai-safety llm nodejs prompt-injection sdk security typescript

Last synced: 11 Apr 2026

https://github.com/chaphasilor/ble-analyzer-server

A tool for displaying and analyzing Bluetooth Low-Energy (BLE) packet streams in pcapng format. Supports both recorded and live sessions. Server part only.

bluetooth bluetooth-le bluetooth-low-energy pcap pcap-np pentesting security wireshark

Last synced: 15 Mar 2025

https://github.com/noelschwarz/coral

Coral is an open-source, local-first session bridge that lets AI agents borrow a user's already-authenticated browser sessions on a per-site, per-action, fully audited basis.

agents ai ai-agents browser-automation chrome-extension local-first mcp model-context playwright python security session-management

Last synced: 20 Jun 2026