Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-01-16 00:29:24 UTC
- JSON Representation
https://github.com/netflix-skunkworks/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
Last synced: 12 Apr 2025
https://github.com/ansjdnakjdnajkd/ios
Most usable tools for iOS penetration testing
apple cheatsheet frida ghidra information-security information-security-research infosec ios jailbreak keychain macos objection objective-c pentest research security security-tools slides swift tools
Last synced: 02 Apr 2025
https://github.com/wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
fuzzer penetration-testing perl security traversal
Last synced: 16 May 2025
https://github.com/zoneminder/zmninja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 14 May 2025
https://github.com/Netflix-Skunkworks/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
Last synced: 23 Mar 2025
https://github.com/urbanadventurer/username-anarchy
Username tools for penetration testing
kali-linux offensive-security osint osint-tool redteam security username-generator
Last synced: 16 May 2025
https://github.com/genuinetools/amicontained
Container introspection tool. Find out what container runtime is being used as well as features available.
apparmor capabilities container-introspection containers docker libvirt linux lxc namespaces opencontainers openvz rkt security systemd-nspawn
Last synced: 12 Jan 2026
https://github.com/topscoder/nuclei-wordfence-cve
The EXCLUSIVE Collection of 50,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
bugbounty cve exploits nuclei nuclei-templates pentesting projectdiscovery scanner security vulnerability vulnerability-scanning wordfence wordpress
Last synced: 15 May 2025
https://github.com/GreenmaskIO/greenmask
PostgreSQL database anonymization and synthetic data generation tool
anonymization deterministic dump golang masking obfuscation obfuscator postgresql restore s3 security security-tools staging synthetic-data transform
Last synced: 05 Apr 2025
https://github.com/RickdeJager/stegseek
:zap: Worlds fastest steghide cracker, chewing through millions of passwords per second :zap:
brute-force cracking ctf ctf-tools pentesting security steganography stegcracker steghide stego
Last synced: 12 Apr 2025
https://github.com/ansjdnakjdnajkd/iOS
Most usable tools for iOS penetration testing
apple cheatsheet frida ghidra information-security information-security-research infosec ios jailbreak keychain macos objection objective-c pentest research security security-tools slides swift tools
Last synced: 15 May 2025
https://github.com/RobThree/TwoFactorAuth
PHP library for Two Factor Authentication (TFA / 2FA)
multi-factor php qrcode security totp two-factor twofactorauth
Last synced: 14 Mar 2025
https://github.com/akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
api-discovery api-security api-security-testing api-testing authentication authorization devsecops devsecops-pipeline hacktoberfest hacktoberfest2023 idor owasp-top-10 security security-testing sensitive-data-exposure threat-detection
Last synced: 19 Jan 2026
https://github.com/duo-labs/webauthn
WebAuthn (FIDO2) server library written in Go
authentication fido2 security u2f webauthn webauthn-library
Last synced: 28 Sep 2025
https://github.com/ffffffff0x/aboutsecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
bounty bypass cheatsheet ctf dictionary ffffffff0x fuzz hacking infosec infrastructure methodology payload penetration-testing pentest pentesting redteam security
Last synced: 12 Sep 2025
https://github.com/rastating/wordpress-exploit-framework
A Ruby framework designed to aid in the penetration testing of WordPress systems.
exploits security security-audit wordpress wordpress-exploit-framework
Last synced: 29 Sep 2025
https://github.com/rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
enumeration pentesting security wappalyzer
Last synced: 02 Apr 2025
https://github.com/ZoneMinder/zmNinja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 14 Mar 2025
https://github.com/ffffffff0x/AboutSecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
bounty bypass cheatsheet ctf dictionary ffffffff0x fuzz hacking infosec infrastructure methodology payload penetration-testing pentest pentesting redteam security
Last synced: 02 Apr 2025
https://github.com/ZoneMinder/zmninja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 31 Mar 2025
https://github.com/brucewind/aesjniencrypt
🛡 Make safest code in Android. (基于libsodium实现chacha20算法,key在native中,防止被二次打包){长期维护,请star,勿fork}
aes android chacha-poly1305 chacha20 chacha20-poly1305 cmake decryption encryption libsodium ndk obfuscator security signature-verification
Last synced: 07 Oct 2025
https://github.com/wssheldon/osintui
OSINT from your favorite services in a friendly terminal user interface - integrations for Virustotal, Shodan, and Censys
analysis osint rust security shodan threatintel tui virustotal
Last synced: 08 Apr 2025
https://github.com/BruceWind/AESJniEncrypt
🛡 Make safest code in Android. (基于libsodium实现chacha20算法,key在native中,防止被二次打包){长期维护,请star,勿fork}
aes android chacha-poly1305 chacha20 chacha20-poly1305 cmake decryption encryption libsodium ndk obfuscator security signature-verification
Last synced: 27 Mar 2025
https://github.com/rhaidiz/broxy
An HTTP/HTTPS intercept proxy written in Go.
broxy go golang hacking http-interceptor http-proxy http-security interceptor penetration-testing penetration-testing-tools proxy qt-wrapper qt5-gui security wapt websecurity
Last synced: 13 Apr 2025
https://github.com/alcideio/rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
access-control acl authorization cluster k8s-cluster krew-plugin kubectl kubectl-plugin kubernetes kubernetes-api kubernetes-rbac least-privilege permissions podsecuritypolicies rapid7 rbac security who-can whoami
Last synced: 14 May 2025
https://github.com/edoardottt/scilla
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
bugbounty directories-enumeration dns-enumeration enumeration hacking hacking-tool hacktoberfest information-gathering information-retrieval network penetration-testing pentesting port-enumeration portscanner recon reconnaissance security security-tools subdomain-scanner subdomains-enumeration
Last synced: 14 May 2025
https://github.com/OpenVPN/openvpn3
OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
Last synced: 14 May 2025
https://github.com/netflix-skunkworks/sketchy
A task based API for taking screenshots and scraping text from websites.
Last synced: 18 Dec 2025
https://github.com/vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
aks automation aws azure container-security containers devops docker docker-security eks gke informationsecurity infosec kubernetes kubernetes-security security security-audit security-tools
Last synced: 30 Mar 2025
https://github.com/Netflix-Skunkworks/sketchy
A task based API for taking screenshots and scraping text from websites.
Last synced: 14 Mar 2025
https://github.com/ajinabraham/cmsscan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
automation devsecops drupal joomla security security-dashboard vbulletin wordpress
Last synced: 12 Apr 2025
https://github.com/efforg/crocodilehunter
Taking one back for Steve Irwin (๑•̀ㅂ•́)و
4g bladerf imsi-catcher imsi-catchers libbladerf lte raspberry-pi security usrp wigle
Last synced: 16 May 2025
https://github.com/angelkitty/review_the_national_post-graduate_entrance_examination
🌟复习考研的那些事儿(清华912考研)~~
912 acm algorithm ctf kaoyan oi security tsinghua-university ucore
Last synced: 04 Apr 2025
https://github.com/doyensec/electronegativity
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
electron electron-app nodejs security
Last synced: 15 May 2025
https://github.com/ajinabraham/CMSScan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
automation devsecops drupal joomla security security-dashboard vbulletin wordpress
Last synced: 02 Apr 2025
https://github.com/SSLMate/certspotter
Certificate Transparency Log Monitor
certificate-transparency pki security x509
Last synced: 06 Apr 2025
https://github.com/APTRS/APTRS
Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline your security workflows effortlessly!
aptrs django django-rest-framework infosec penetration-testing pentest pentest-report pentesting pentesting-tools python reactjs report-generator security security-automation typescipt vitejs
Last synced: 15 May 2025
https://github.com/cisagov/LME
Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations secure their infrastructure.
cybersecurity elastic elasticsearch elk elk-stack log logging network-analysis security security-tools zeek
Last synced: 09 Apr 2025
https://github.com/yassineaboukir/sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
bug-bounty certificate-transparency certificate-transparency-logs hacking information-gathering monitoring-tool penetration-testing pentest python reconnaissance security sublert
Last synced: 02 Apr 2025
https://github.com/thehackingsage/hackdroid
Security Apps for Android
android apk apps cryptography dos forensics hacking-tool hid-attacks mitm networking penetration-testing pentesting privacy security sniffing terminal wireless
Last synced: 16 May 2025
https://github.com/EFForg/crocodilehunter
Taking one back for Steve Irwin (๑•̀ㅂ•́)و
4g bladerf imsi-catcher imsi-catchers libbladerf lte raspberry-pi security usrp wigle
Last synced: 25 Mar 2025
https://github.com/AngelKitty/review_the_national_post-graduate_entrance_examination
🌟复习考研的那些事儿(清华912考研)~~
912 acm algorithm ctf kaoyan oi security tsinghua-university ucore
Last synced: 06 Mar 2025
https://github.com/lirantal/npq
🎖safely* install packages with npm or yarn by auditing them as part of your install process
command-line-tool hacktoberfest npm package-manager security security-audit security-tools vulnerabilities
Last synced: 15 May 2025
https://github.com/moloch--/RootTheBox
A Game of Hackers (CTF Scoreboard & Game Manager)
Last synced: 02 Apr 2025
https://github.com/moloch--/rootthebox
A Game of Hackers (CTF Scoreboard & Game Manager)
Last synced: 14 May 2025
https://github.com/GrapheneOS/Camera
Modern camera app focused on privacy and security with QR & barcode scanning.
android camera grapheneos privacy security
Last synced: 16 May 2025
https://github.com/chaterm/Chaterm
Smart, agentic, security AI terminal for devops and cloud practitioners
aiagent bastion codex-cli cursor cyberark pam q-developer-cli security sre ssh terminal vibe-coding vibecoding windsurf
Last synced: 21 Jul 2025
https://github.com/chybeta/code-audit-challenges
Code-Audit-Challenges
audit-challenges ctf nodejs php python security sql waf
Last synced: 04 Apr 2025
https://github.com/CHYbeta/Code-Audit-Challenges
Code-Audit-Challenges
audit-challenges ctf nodejs php python security sql waf
Last synced: 13 Mar 2025
https://github.com/graphenex/graphenex
Automated System Hardening Framework
hacktoberfest hardening hardening-commands security
Last synced: 14 Jan 2026
https://github.com/builtbybel/xd-antispy
The successor to xp-AntiSpy, designed for the modern Windows experience
Last synced: 06 Apr 2025
https://github.com/GamehunterKaan/AutoPWN-Suite
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
cybersecurity exploitation hacking hacking-tools infosec nmap penetration-testing pentesting python python3 scanner scanners scanning security security-tools vulnerability-scanners
Last synced: 06 Apr 2025
https://github.com/jiangsir404/audit-learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
audit code-review php security
Last synced: 02 Apr 2025
https://github.com/rustsec/advisory-db
Security advisory database for Rust crates published through crates.io
rust security security-advisories security-audit vulnerabilities
Last synced: 29 Apr 2025
https://github.com/TryCatchHCF/DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools
Last synced: 27 Mar 2025
https://github.com/zeyad-azima/offensive-resources
A Huge Learning Resources with Labs For Offensive Security Players
api api-security cloud-security cybersecurity hack hacking infrastructure learning mobile mobile-security offensive offensive-security owasp owasp-top-10 red-team red-teaming redteam security web web-security
Last synced: 19 Jan 2026
https://github.com/jiangsir404/Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
audit code-review php security
Last synced: 13 Mar 2025
https://github.com/dvsekhvalnov/jose-jwt
Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core
encryption federation fips jose json jwa jwe jwk jws jwt jwt-authentication jwt-token netcore oauth2 oidc openid openidconnect security signature
Last synced: 13 May 2025
https://github.com/swisskyrepo/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
cheatsheet hacktoberfest payloads pentest redteam security wiki
Last synced: 04 Apr 2025
https://github.com/swisskyrepo/internalallthethings
Active Directory and Internal Pentest Cheatsheets
cheatsheet hacktoberfest payloads pentest redteam security wiki
Last synced: 03 Apr 2025
https://github.com/googleprojectzero/halfempty
A fast, parallel test case minimization tool.
bisection fuzzing security testcase-reducer
Last synced: 13 Apr 2025
https://github.com/D0n9X1n/hexo-blog-encrypt
Yet, just another hexo plugin for security.
Last synced: 28 Mar 2025
https://github.com/teamssix/TWiki
T Wiki 云安全知识文库,可能是国内首个云安全知识文库?
blog cloud cloudnative cloudsecurity security wiki
Last synced: 11 May 2025
https://github.com/bricks-cloud/BricksLLM
🔒 Enterprise-grade API gateway that helps you monitor and impose cost or rate limits per API key. Get fine-grained access control and monitoring per user, application, or environment. Supports OpenAI, Azure OpenAI, Anthropic, vLLM, and open-source LLMs.
ai anthropic api artificial-intelligence azure docker generative-ai golang gpt llm open-source openai postgresql privacy rest-api security self-hosted vllm ycombinator
Last synced: 09 Apr 2025
https://github.com/sigstore/rekor
Software Supply Chain Transparency Log
provenance security supply-chain transparency-log
Last synced: 14 May 2025
https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin
Free Elasticsearch security plugin and Kibana security plugin: super-easy Kibana multi-tenancy, Encryption, Authentication, Authorization, Auditing
elasticsearch elasticsearch-plugin elasticsearch-security java kibana netty security
Last synced: 13 Apr 2025
https://github.com/grapheneX/grapheneX
Automated System Hardening Framework
hacktoberfest hardening hardening-commands security
Last synced: 09 Jul 2025
https://github.com/whitesmith/hawkpost
Generate links that users can use to submit messages encrypted with your public key.
django email gpg-encryption hacktoberfest openpgp openpgpjs python python3 security webapp
Last synced: 24 Mar 2025
https://github.com/CharlesPikachu/pytools
Pytools: Some useful tools written by pure python.
hubble music-player pyqt5 python3 qrcode security tools
Last synced: 09 Jul 2025
https://github.com/enablesecurity/sipvicious
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
audit-sip hacking-tools password-cracker security security-tools sip svcrack svcrash svmap svwar voip war-dial
Last synced: 14 May 2025
https://github.com/enlightn/enlightn
Your performance & security consultant, an artisan command away.
audit code-quality code-review dynamic-analysis laravel performance security static-analysis
Last synced: 14 May 2025
https://github.com/microsoft/devskim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 13 May 2025
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
bugbounttips bugbounty bugbounty-writeups cve cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity exploit hacking log4j payload pentest pentesting poc red-team security security-writeups writeups
Last synced: 15 May 2025
https://github.com/security-code-scan/security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
analysis analyzer code dotnet owasp roslyn scan scanner security static static-analysis static-code-analysis
Last synced: 23 Mar 2025
https://github.com/teamssix/twiki
T Wiki 云安全知识文库,可能是国内首个云安全知识文库?
blog cloud cloudnative cloudsecurity security wiki
Last synced: 12 Mar 2025
https://github.com/tclahr/uac
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
aix collector computer-forensics dfir esxi forensics freebsd incident-response linux live-response macos netbsd netscaler openbsd script security shell solaris terminal triage
Last synced: 14 May 2025
https://github.com/doridori/android-security-reference
A W.I.P Android Security Ref
Last synced: 02 Apr 2025
https://github.com/puliczek/cve-2021-44228-poc-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
bugbounttips bugbounty bugbounty-writeups cve cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity exploit hacking log4j payload pentest pentesting poc red-team security security-writeups writeups
Last synced: 13 Apr 2025
https://github.com/doridori/Android-Security-Reference
A W.I.P Android Security Ref
Last synced: 19 Mar 2025
https://github.com/mcginty/snow
A Rust implementation of the Noise Protocol Framework
crypto cryptography noise noise-protocol noise-protocol-framework rust security
Last synced: 13 May 2025
https://github.com/angorafuzzer/angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 02 Apr 2025
https://github.com/qwqdanchun/DcRat
A simple remote tool in C#.
backdoor c-sharp control dcrat dotnet infosec rat red-team remote remote-control remote-desktop security windows
Last synced: 11 Jul 2025
https://github.com/typeerror/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 14 May 2025
https://github.com/adi0x90/attifyos
Attify OS - Distro for pentesting IoT devices
embedded exploitation hacking hardware internet-of-things iot iot-pentesting security
Last synced: 11 Jul 2025
https://github.com/bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
application-security business-security code-audit ids ips security security-audit security-scanner security-tools security-vulnerability vulnerabilities vulnerability-scanners
Last synced: 15 May 2025
https://github.com/TypeError/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 26 Mar 2025
https://github.com/Microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 16 Mar 2025
https://github.com/duaraghav8/ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 May 2025
https://github.com/Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
backdoor conpty golang hacking penetration-testing penetration-testing-tools remote-admin-tool remote-shell reverse-shell security security-tools ssh terminal
Last synced: 29 Mar 2025
https://github.com/duaraghav8/Ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 Mar 2025
https://github.com/ohmybahgosh/RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
hashcat password-safety password-strength rockyou rockyou2021 security security-audit security-vulnerability wordlist wordlists wordlists-dictionary-collection
Last synced: 27 Mar 2025
