Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-11 00:27:45 UTC
- JSON Representation
https://github.com/bricks-cloud/BricksLLM
🔒 Enterprise-grade API gateway that helps you monitor and impose cost or rate limits per API key. Get fine-grained access control and monitoring per user, application, or environment. Supports OpenAI, Azure OpenAI, Anthropic, vLLM, and open-source LLMs.
ai anthropic api artificial-intelligence azure docker generative-ai golang gpt llm open-source openai postgresql privacy rest-api security self-hosted vllm ycombinator
Last synced: 09 Apr 2025
https://github.com/sigstore/rekor
Software Supply Chain Transparency Log
provenance security supply-chain transparency-log
Last synced: 14 May 2025
https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin
Free Elasticsearch security plugin and Kibana security plugin: super-easy Kibana multi-tenancy, Encryption, Authentication, Authorization, Auditing
elasticsearch elasticsearch-plugin elasticsearch-security java kibana netty security
Last synced: 13 Apr 2025
https://github.com/grapheneX/grapheneX
Automated System Hardening Framework
hacktoberfest hardening hardening-commands security
Last synced: 09 Jul 2025
https://github.com/whitesmith/hawkpost
Generate links that users can use to submit messages encrypted with your public key.
django email gpg-encryption hacktoberfest openpgp openpgpjs python python3 security webapp
Last synced: 24 Mar 2025
https://github.com/CharlesPikachu/pytools
Pytools: Some useful tools written by pure python.
hubble music-player pyqt5 python3 qrcode security tools
Last synced: 09 Jul 2025
https://github.com/enablesecurity/sipvicious
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
audit-sip hacking-tools password-cracker security security-tools sip svcrack svcrash svmap svwar voip war-dial
Last synced: 14 May 2025
https://github.com/enlightn/enlightn
Your performance & security consultant, an artisan command away.
audit code-quality code-review dynamic-analysis laravel performance security static-analysis
Last synced: 14 May 2025
https://github.com/microsoft/devskim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 13 May 2025
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
bugbounttips bugbounty bugbounty-writeups cve cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity exploit hacking log4j payload pentest pentesting poc red-team security security-writeups writeups
Last synced: 15 May 2025
https://github.com/security-code-scan/security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
analysis analyzer code dotnet owasp roslyn scan scanner security static static-analysis static-code-analysis
Last synced: 23 Mar 2025
https://github.com/tclahr/uac
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
aix collector computer-forensics dfir esxi forensics freebsd incident-response linux live-response macos netbsd netscaler openbsd script security shell solaris terminal triage
Last synced: 14 May 2025
https://github.com/puliczek/cve-2021-44228-poc-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
bugbounttips bugbounty bugbounty-writeups cve cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity exploit hacking log4j payload pentest pentesting poc red-team security security-writeups writeups
Last synced: 13 Apr 2025
https://github.com/doridori/Android-Security-Reference
A W.I.P Android Security Ref
Last synced: 19 Mar 2025
https://github.com/doridori/android-security-reference
A W.I.P Android Security Ref
Last synced: 02 Apr 2025
https://github.com/nyxiereal/xtoolbox
XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!
debloat debloater declutter decrapify linux python python-3 python3 security toolbox toolkit windows windows-10 windows-11 windows-11-debloat
Last synced: 24 Jan 2026
https://github.com/mcginty/snow
A Rust implementation of the Noise Protocol Framework
crypto cryptography noise noise-protocol noise-protocol-framework rust security
Last synced: 13 May 2025
https://github.com/angorafuzzer/angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 02 Apr 2025
https://github.com/qwqdanchun/DcRat
A simple remote tool in C#.
backdoor c-sharp control dcrat dotnet infosec rat red-team remote remote-control remote-desktop security windows
Last synced: 11 Jul 2025
https://github.com/adi0x90/attifyos
Attify OS - Distro for pentesting IoT devices
embedded exploitation hacking hardware internet-of-things iot iot-pentesting security
Last synced: 11 Jul 2025
https://github.com/typeerror/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 22 Apr 2026
https://github.com/danielrobbins/keychain
A manager for ssh-agent and gpg-agent
gpg gpg-key security security-tools shell ssh ssh-client ssh-key
Last synced: 19 Feb 2026
https://github.com/cisco-ai-defense/mcp-scanner
Scan MCP servers for potential threats & security findings.
Last synced: 29 May 2026
https://github.com/zaproxy/zap-extensions
ZAP Add-ons
appsec dast hacktoberfest opensource security security-scanner zap zaproxy
Last synced: 09 Jun 2026
https://github.com/bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
application-security business-security code-audit ids ips security security-audit security-scanner security-tools security-vulnerability vulnerabilities vulnerability-scanners
Last synced: 15 May 2025
https://github.com/TypeError/secure
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security
Last synced: 26 Mar 2025
https://github.com/Microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 16 Mar 2025
https://github.com/duaraghav8/ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 May 2025
https://github.com/duaraghav8/Ethlint
(Formerly Solium) Code quality & Security Linter for Solidity
ethereum lint security smart-contracts solidity
Last synced: 13 Mar 2025
https://github.com/ohmybahgosh/RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
hashcat password-safety password-strength rockyou rockyou2021 security security-audit security-vulnerability wordlist wordlists wordlists-dictionary-collection
Last synced: 27 Mar 2025
https://github.com/Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
backdoor conpty golang hacking penetration-testing penetration-testing-tools remote-admin-tool remote-shell reverse-shell security security-tools ssh terminal
Last synced: 29 Mar 2025
https://github.com/globocom/secdevlabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 08 Sep 2025
https://github.com/ViRb3/magisk-frida
🔐 Run frida-server on boot with Magisk, always up-to-date
android exploitation frida magisk reverse-engineering root security
Last synced: 20 Mar 2025
https://github.com/globocom/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 29 Apr 2025
https://github.com/AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 27 Sep 2025
https://github.com/in-toto/in-toto
in-toto is a framework to protect supply chain integrity.
new-york-university secure-systems-lab security supply-chain
Last synced: 13 May 2025
https://github.com/gojue/ebpf-slide
Collection of Linux eBPF slides/documents.
cloudnative ebpf ebpf-document ebpf-slide linux security tracing
Last synced: 12 Apr 2025
https://github.com/projectcalico/felix
Project Calico's per-host agent Felix, responsible for programming routes and security policy.
calico-felix containers docker felix go golang kubernetes networking policy security
Last synced: 27 Mar 2026
https://github.com/target/strelka
Real-time, container-based file scanning at enterprise scale
cfc detection golang python3 security target-cfc yara
Last synced: 13 May 2025
https://github.com/go-webauthn/webauthn
Webauthn/FIDO2 library in golang
ctap2 fido2 go golang passwordless passwordless-authentication security webauthn
Last synced: 10 Apr 2026
https://github.com/swiftyapp/swifty
🔑 Free Offline-first Password Manager
cipher credentials cryptography desktop desktop-app electron encryption javascript linux macos password password-manager privacy privacy-tools security windows
Last synced: 15 May 2025
https://github.com/paragonie/sodium_compat
Pure PHP polyfill for ext/sodium
blake2b cryptography cryptography-library curve25519 ed25519 libsodium php php-polyfill security siphash sodium sodium-compat x25519 xchacha20-poly1305 xsalsa20poly1305
Last synced: 14 May 2025
https://github.com/ayoubfathi/leaky-paths
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
appsec axiom bugbounty dirbuster dirsearch ffuf fuzzing hacktoberfest meg nuclei penetration-testing pentest recon redteam redteaming security security-tools subfinder wayback-machine wordlist
Last synced: 11 Jul 2025
https://github.com/nfcgate/nfcgate
An NFC research toolkit application for Android
android android-nfc cloning hacktoberfest hce nfc relay replay security security-audit
Last synced: 10 Jul 2025
https://github.com/silverhack/monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
azure azure-security-audit azuread azuread-scanner azuread-security cis-benchmark entraid entraid-assessments exchangeonline microsoft365 microsoft365-compliance microsoft365-scanner microsoft365-security office365 powershell-module purview security security-tools sharepoint-online
Last synced: 27 Feb 2026
https://github.com/builtbybel/xd-AntiSpy
The successor to xp-AntiSpy, designed for the modern Windows experience
Last synced: 28 Aug 2025
https://github.com/esc4icescesc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 04 Apr 2025
https://github.com/puliczek/awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
blue-team bugbounttips bugbounty cve-2021-44228 cybersecurity exploit log4j pentesting poc red-team security security-writeups writeups
Last synced: 27 Jan 2026
https://github.com/Esc4iCEscEsc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 05 Apr 2025
https://github.com/genuinetools/contained.af
A stupid game for learning about containers, capabilities, and syscalls.
apparmor containers docker game linux opencontainers seccomp security syscalls
Last synced: 16 May 2025
https://github.com/coalfire-research/red-baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
infrastructure-as-code red-teams security security-tools terraform terraform-module
Last synced: 16 May 2025
https://github.com/linuxboot/linuxboot
The LinuxBoot project is working to enable Linux to replace your firmware on all platforms.
bios firmware linux-kernel security uefi
Last synced: 19 Oct 2025
https://github.com/subuser-security/subuser
Run programs on linux with selectively restricted permissions.
containers docker python security
Last synced: 17 Mar 2026
https://github.com/semgrep/semgrep-rules
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
grep-like program-analysis security security-scanner semgrep semgrep-registry semgrep-rules static-analysis
Last synced: 14 May 2025
https://github.com/dvershinin/gixy
NGINX configuration static analyzer
checker configuration linter linting nginx nginx-configuration python security server
Last synced: 02 Apr 2025
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 17 Jan 2026
https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
bugbounty hacking hacking-tool penetration-testing penetration-testing-tools pentesting scanner security security-audit security-scanner security-tools vulnerability-scanners web-cache
Last synced: 04 Apr 2025
https://github.com/cloudgraphdev/cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
aws azure cis cloud cspm developer-tools devops devops-tools gcp graphql iso kubernetes nist pci security security-audit security-tools tencent
Last synced: 01 Apr 2025
https://github.com/tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 16 May 2025
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 09 May 2025
https://github.com/owasp/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 11 Apr 2025
https://github.com/findneo/Newbie-Security-List
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 13 Mar 2025
https://github.com/findneo/newbie-security-list
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 02 Apr 2025
https://github.com/Tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 30 Mar 2025
https://github.com/o1egl/paseto
Platform-Agnostic Security Tokens implementation in GO (Golang)
auth authentication decoder encoder go golang jwt microservice paseto past security soa token
Last synced: 14 May 2025
https://github.com/microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 13 Mar 2025
https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
apache apache2 bad-words badwords bot-blocker bots gambling-filter porn-filter referer-blocker rogue scanners security spam-blocker spam-filtering spam-prevention spam-protection spam-referers spam-referrer-blocker spambot-security vulnerability-scanners
Last synced: 14 May 2025
https://github.com/omegaee/my-fingerprint
保护你的浏览器指纹 | Protect Your Browser Fingerprints | Chrome, Edge, Firefox | 扩展 / Extension
browser-extension chrome chrome-extension edge edge-extension extension fingerpints fingerprint firefox firefox-extension manifest-v3 safety security typescript
Last synced: 05 Mar 2026
https://github.com/usnistgov/oscal
Open Security Controls Assessment Language (OSCAL)
assessment authorization automation compliance json nist oscal schema security xml yaml
Last synced: 28 Apr 2026
https://github.com/ysrc/gourdscanv2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 12 Apr 2025
https://github.com/BeatSwitch/lock
A flexible, driver based Acl package for PHP 5.4+
Last synced: 27 Apr 2025
https://github.com/ysrc/GourdScanV2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 15 May 2025
https://github.com/phaethon/kamene
Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
network-scanner packet-crafting pcap python3 scapy security sniff
Last synced: 15 May 2025
https://github.com/RustSec/advisory-db
Security advisory database for Rust crates published through crates.io
rust security security-advisories security-audit vulnerabilities
Last synced: 12 Jul 2025
https://github.com/numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Last synced: 12 Feb 2026
https://github.com/nccgroup/autorepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 25 Oct 2025
https://github.com/nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 19 Apr 2025
https://github.com/macmade/keychaincracker
macOS keychain cracking tool
brute-force crack cracking hacking keychain macos password security wordlist
Last synced: 01 Jul 2025
https://github.com/OWASP/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 16 Mar 2025
https://github.com/baroshem/security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 01 Mar 2025
https://github.com/openzeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 14 May 2025
https://github.com/jlospinoso/gargoyle
A memory scanning evasion technique
assembly memory-analysis pic rop-gadgets security x86
Last synced: 04 Apr 2025
https://github.com/OpenZeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 18 Apr 2025
https://github.com/bountyyfi/lonkero
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
appsec cve-scanning cybersecurity hackers offensive-security pentesting pentesting-tools rust security security-automation security-tools vulnerability-assessment vulnerability-scanners waf web-application-security web-pentest web-security webscanner websecurity xss
Last synced: 05 Feb 2026
https://github.com/qtc-de/remote-method-guesser
Java RMI Vulnerability Scanner
bruteforce codebase-attacks cve-2019-2684 deserialization deserialization-attacks java-rmi pentesting remote-method-guessing rmg rmi rmi-registry rmi-server security
Last synced: 16 May 2025
https://github.com/pingooio/pingoo
The fast and secure Load Balancer / API Gateway / Reverse Proxy with built-in service discovery, GeoIP, WAF, bot protection and much more - https://pingoo.io
akamai anti-bot apache2 api api-gateway captcha cloudflare fastly firewall haproxy load-balancer nginx pingoo proxy quic reverse-proxy rust security service-discovery waf
Last synced: 16 Jan 2026
https://github.com/noraj/haiti
:key: Hash type identifier (CLI & lib)
ctf ctf-tools cyber cybersecurity digest hacking hackthebox hacktoberfest hash hashing identify infosec pentest pentest-tool pentest-tools pentesting security security-tools tool tryhackme
Last synced: 02 Jan 2026
