Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-04-03 00:27:13 UTC
- JSON Representation
https://github.com/security-code-scan/security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
analysis analyzer code dotnet owasp roslyn scan scanner security static static-analysis static-code-analysis
Last synced: 23 Mar 2025
https://github.com/tclahr/uac
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
aix collector computer-forensics dfir esxi forensics freebsd incident-response linux live-response macos netbsd netscaler openbsd script security shell solaris terminal triage
Last synced: 14 May 2025
https://github.com/doridori/android-security-reference
A W.I.P Android Security Ref
Last synced: 02 Apr 2025
https://github.com/puliczek/cve-2021-44228-poc-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
bugbounttips bugbounty bugbounty-writeups cve cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity exploit hacking log4j payload pentest pentesting poc red-team security security-writeups writeups
Last synced: 13 Apr 2025
https://github.com/doridori/Android-Security-Reference
A W.I.P Android Security Ref
Last synced: 19 Mar 2025
https://github.com/nyxiereal/xtoolbox
XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!
debloat debloater declutter decrapify linux python python-3 python3 security toolbox toolkit windows windows-10 windows-11 windows-11-debloat
Last synced: 24 Jan 2026
https://github.com/mcginty/snow
A Rust implementation of the Noise Protocol Framework
crypto cryptography noise noise-protocol noise-protocol-framework rust security
Last synced: 13 May 2025
https://github.com/angorafuzzer/angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 02 Apr 2025
https://github.com/qwqdanchun/DcRat
A simple remote tool in C#.
backdoor c-sharp control dcrat dotnet infosec rat red-team remote remote-control remote-desktop security windows
Last synced: 11 Jul 2025
https://github.com/adi0x90/attifyos
Attify OS - Distro for pentesting IoT devices
embedded exploitation hacking hardware internet-of-things iot iot-pentesting security
Last synced: 11 Jul 2025
https://github.com/typeerror/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 14 May 2025
https://github.com/danielrobbins/keychain
A manager for ssh-agent and gpg-agent
gpg gpg-key security security-tools shell ssh ssh-client ssh-key
Last synced: 19 Feb 2026
https://github.com/bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
application-security business-security code-audit ids ips security security-audit security-scanner security-tools security-vulnerability vulnerabilities vulnerability-scanners
Last synced: 15 May 2025
https://github.com/TypeError/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 26 Mar 2025
https://github.com/Microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 16 Mar 2025
https://github.com/duaraghav8/ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 May 2025
https://github.com/Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
backdoor conpty golang hacking penetration-testing penetration-testing-tools remote-admin-tool remote-shell reverse-shell security security-tools ssh terminal
Last synced: 29 Mar 2025
https://github.com/ohmybahgosh/RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
hashcat password-safety password-strength rockyou rockyou2021 security security-audit security-vulnerability wordlist wordlists wordlists-dictionary-collection
Last synced: 27 Mar 2025
https://github.com/duaraghav8/Ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 Mar 2025
https://github.com/globocom/secdevlabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 08 Sep 2025
https://github.com/globocom/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 29 Apr 2025
https://github.com/ViRb3/magisk-frida
🔐 Run frida-server on boot with Magisk, always up-to-date
android exploitation frida magisk reverse-engineering root security
Last synced: 20 Mar 2025
https://github.com/AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 27 Sep 2025
https://github.com/zaproxy/zap-extensions
ZAP Add-ons
appsec dast hacktoberfest opensource security security-scanner zap zaproxy
Last synced: 01 Apr 2026
https://github.com/in-toto/in-toto
in-toto is a framework to protect supply chain integrity.
new-york-university secure-systems-lab security supply-chain
Last synced: 13 May 2025
https://github.com/gojue/ebpf-slide
Collection of Linux eBPF slides/documents.
cloudnative ebpf ebpf-document ebpf-slide linux security tracing
Last synced: 12 Apr 2025
https://github.com/projectcalico/felix
Project Calico's per-host agent Felix, responsible for programming routes and security policy.
calico-felix containers docker felix go golang kubernetes networking policy security
Last synced: 27 Mar 2026
https://github.com/target/strelka
Real-time, container-based file scanning at enterprise scale
cfc detection golang python3 security target-cfc yara
Last synced: 13 May 2025
https://github.com/swiftyapp/swifty
🔑 Free Offline-first Password Manager
cipher credentials cryptography desktop desktop-app electron encryption javascript linux macos password password-manager privacy privacy-tools security windows
Last synced: 15 May 2025
https://github.com/go-webauthn/webauthn
Webauthn/FIDO2 library in golang
ctap2 fido2 go golang passwordless passwordless-authentication security webauthn
Last synced: 16 Jan 2026
https://github.com/safedep/vet
Protect against malicious open source packages 🤖
devsecops golang hacktoberfest npm policy-as-code pypi rubygems security software-composition-analysis static-analysis supply-chain-security
Last synced: 09 Feb 2026
https://github.com/paragonie/sodium_compat
Pure PHP polyfill for ext/sodium
blake2b cryptography cryptography-library curve25519 ed25519 libsodium php php-polyfill security siphash sodium sodium-compat x25519 xchacha20-poly1305 xsalsa20poly1305
Last synced: 14 May 2025
https://github.com/ayoubfathi/leaky-paths
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
appsec axiom bugbounty dirbuster dirsearch ffuf fuzzing hacktoberfest meg nuclei penetration-testing pentest recon redteam redteaming security security-tools subfinder wayback-machine wordlist
Last synced: 11 Jul 2025
https://github.com/nfcgate/nfcgate
An NFC research toolkit application for Android
android android-nfc cloning hacktoberfest hce nfc relay replay security security-audit
Last synced: 10 Jul 2025
https://github.com/silverhack/monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
azure azure-security-audit azuread azuread-scanner azuread-security cis-benchmark entraid entraid-assessments exchangeonline microsoft365 microsoft365-compliance microsoft365-scanner microsoft365-security office365 powershell-module purview security security-tools sharepoint-online
Last synced: 27 Feb 2026
https://github.com/builtbybel/xd-AntiSpy
The successor to xp-AntiSpy, designed for the modern Windows experience
Last synced: 28 Aug 2025
https://github.com/esc4icescesc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 04 Apr 2025
https://github.com/Esc4iCEscEsc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 05 Apr 2025
https://github.com/puliczek/awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
blue-team bugbounttips bugbounty cve-2021-44228 cybersecurity exploit log4j pentesting poc red-team security security-writeups writeups
Last synced: 27 Jan 2026
https://github.com/genuinetools/contained.af
A stupid game for learning about containers, capabilities, and syscalls.
apparmor containers docker game linux opencontainers seccomp security syscalls
Last synced: 16 May 2025
https://github.com/coalfire-research/red-baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
infrastructure-as-code red-teams security security-tools terraform terraform-module
Last synced: 16 May 2025
https://github.com/linuxboot/linuxboot
The LinuxBoot project is working to enable Linux to replace your firmware on all platforms.
bios firmware linux-kernel security uefi
Last synced: 19 Oct 2025
https://github.com/subuser-security/subuser
Run programs on linux with selectively restricted permissions.
containers docker python security
Last synced: 17 Mar 2026
https://github.com/semgrep/semgrep-rules
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
grep-like program-analysis security security-scanner semgrep semgrep-registry semgrep-rules static-analysis
Last synced: 14 May 2025
https://github.com/dvershinin/gixy
NGINX configuration static analyzer
checker configuration linter linting nginx nginx-configuration python security server
Last synced: 02 Apr 2025
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 17 Jan 2026
https://github.com/cloudgraphdev/cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
aws azure cis cloud cspm developer-tools devops devops-tools gcp graphql iso kubernetes nist pci security security-audit security-tools tencent
Last synced: 01 Apr 2025
https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
bugbounty hacking hacking-tool penetration-testing penetration-testing-tools pentesting scanner security security-audit security-scanner security-tools vulnerability-scanners web-cache
Last synced: 04 Apr 2025
https://github.com/endojs/endo
Endo is a distributed secure JavaScript sandbox, based on SES
capabilities captp hardened javascript multi-tenant ocaps powerbox prototype-pollution sandbox security supply-chain
Last synced: 26 Feb 2026
https://github.com/tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 16 May 2025
https://github.com/owasp/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 11 Apr 2025
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 09 May 2025
https://github.com/findneo/Newbie-Security-List
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 13 Mar 2025
https://github.com/findneo/newbie-security-list
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 02 Apr 2025
https://github.com/o1egl/paseto
Platform-Agnostic Security Tokens implementation in GO (Golang)
auth authentication decoder encoder go golang jwt microservice paseto past security soa token
Last synced: 14 May 2025
https://github.com/Tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 30 Mar 2025
https://github.com/microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 13 Mar 2025
https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
apache apache2 bad-words badwords bot-blocker bots gambling-filter porn-filter referer-blocker rogue scanners security spam-blocker spam-filtering spam-prevention spam-protection spam-referers spam-referrer-blocker spambot-security vulnerability-scanners
Last synced: 14 May 2025
https://github.com/omegaee/my-fingerprint
保护你的浏览器指纹 | Protect Your Browser Fingerprints | Chrome, Edge, Firefox | 扩展 / Extension
browser-extension chrome chrome-extension edge edge-extension extension fingerpints fingerprint firefox firefox-extension manifest-v3 safety security typescript
Last synced: 05 Mar 2026
https://github.com/mongodb/kingfisher
Kingfisher is a blazingly fast and highly accurate tool for secret detection and live validation across files, Git repos, GitHub, GitLab, Azure Repos, BitBucket, Gitea, AWS S3, Docker images, Jira, Slack, and Confluence
credentials devsecops scanning secrets secrets-management security
Last synced: 01 Apr 2026
https://github.com/ysrc/gourdscanv2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 12 Apr 2025
https://github.com/BeatSwitch/lock
A flexible, driver based Acl package for PHP 5.4+
Last synced: 27 Apr 2025
https://github.com/phaethon/kamene
Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
network-scanner packet-crafting pcap python3 scapy security sniff
Last synced: 15 May 2025
https://github.com/ysrc/GourdScanV2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 15 May 2025
https://github.com/RustSec/advisory-db
Security advisory database for Rust crates published through crates.io
rust security security-advisories security-audit vulnerabilities
Last synced: 12 Jul 2025
https://github.com/nccgroup/autorepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 25 Oct 2025
https://github.com/nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 19 Apr 2025
https://github.com/numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Last synced: 12 Feb 2026
https://github.com/macmade/keychaincracker
macOS keychain cracking tool
brute-force crack cracking hacking keychain macos password security wordlist
Last synced: 01 Jul 2025
https://github.com/OWASP/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 16 Mar 2025
https://github.com/baroshem/security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 01 Mar 2025
https://github.com/openzeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 14 May 2025
https://github.com/jlospinoso/gargoyle
A memory scanning evasion technique
assembly memory-analysis pic rop-gadgets security x86
Last synced: 04 Apr 2025
https://github.com/OpenZeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 18 Apr 2025
https://github.com/bountyyfi/lonkero
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
appsec cve-scanning cybersecurity hackers offensive-security pentesting pentesting-tools rust security security-automation security-tools vulnerability-assessment vulnerability-scanners waf web-application-security web-pentest web-security webscanner websecurity xss
Last synced: 05 Feb 2026
https://github.com/qtc-de/remote-method-guesser
Java RMI Vulnerability Scanner
bruteforce codebase-attacks cve-2019-2684 deserialization deserialization-attacks java-rmi pentesting remote-method-guessing rmg rmi rmi-registry rmi-server security
Last synced: 16 May 2025
https://github.com/noraj/haiti
:key: Hash type identifier (CLI & lib)
ctf ctf-tools cyber cybersecurity digest hacking hackthebox hacktoberfest hash hashing identify infosec pentest pentest-tool pentest-tools pentesting security security-tools tool tryhackme
Last synced: 02 Jan 2026
https://github.com/pingooio/pingoo
The fast and secure Load Balancer / API Gateway / Reverse Proxy with built-in service discovery, GeoIP, WAF, bot protection and much more - https://pingoo.io
akamai anti-bot apache2 api api-gateway captcha cloudflare fastly firewall haproxy load-balancer nginx pingoo proxy quic reverse-proxy rust security service-discovery waf
Last synced: 16 Jan 2026
https://github.com/thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
certificate-transparency certstream cybersecurity django incident-response misp monitoring nltk osint osint-python phishing reactjs rss-bridge security thehive threat-detection threat-hunting threat-intelligence watcher webapp
Last synced: 07 Apr 2025
https://github.com/EnableSecurity/sipvicious
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
audit-sip hacking-tools password-cracker security security-tools sip svcrack svcrash svmap svwar voip war-dial
Last synced: 14 Mar 2025
https://github.com/secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
devsecops hacktoberfest kubernetes kubernetes-operator owasp owasp-zap securecodebox security security-automation security-testing security-tools
Last synced: 30 Mar 2025
https://github.com/vincentcox/stacoan
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
bugbounty mobile-security security security-tools static-code-analysis
Last synced: 04 Apr 2025
https://github.com/nyxiereal/XToolbox
XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!
debloat debloater declutter decrapify linux python python-3 python3 security toolbox toolkit windows windows-10 windows-11 windows-11-debloat
Last synced: 04 Sep 2025
https://github.com/macmade/KeychainCracker
macOS keychain cracking tool
brute-force crack cracking hacking keychain macos password security wordlist
Last synced: 11 Jul 2025
https://github.com/JLospinoso/gargoyle
A memory scanning evasion technique
assembly memory-analysis pic rop-gadgets security x86
Last synced: 11 Jul 2025
https://github.com/Ullaakut/Gorsair
Gorsair gives root access on remote docker containers that expose their APIs
docker infosec netsec nmap penetration-testing pentesting security
Last synced: 03 May 2025
