Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-01-16 00:29:24 UTC
- JSON Representation
https://github.com/ohmybahgosh/RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
hashcat password-safety password-strength rockyou rockyou2021 security security-audit security-vulnerability wordlist wordlists wordlists-dictionary-collection
Last synced: 27 Mar 2025
https://github.com/globocom/secdevlabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 08 Sep 2025
https://github.com/globocom/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 29 Apr 2025
https://github.com/ViRb3/magisk-frida
🔐 Run frida-server on boot with Magisk, always up-to-date
android exploitation frida magisk reverse-engineering root security
Last synced: 20 Mar 2025
https://github.com/AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
afl data-flow-analysis fuzzer fuzzing security symbolic-execution taint-analysis
Last synced: 27 Sep 2025
https://github.com/projectdiscovery/cloudlist
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
asset-management cli cloudsecurity devops hacktoberfest security
Last synced: 14 May 2025
https://github.com/in-toto/in-toto
in-toto is a framework to protect supply chain integrity.
new-york-university secure-systems-lab security supply-chain
Last synced: 13 May 2025
https://github.com/gojue/ebpf-slide
Collection of Linux eBPF slides/documents.
cloudnative ebpf ebpf-document ebpf-slide linux security tracing
Last synced: 12 Apr 2025
https://github.com/projectcalico/felix
Project Calico's per-host agent Felix, responsible for programming routes and security policy.
calico-felix containers docker felix go golang kubernetes networking policy security
Last synced: 17 Dec 2025
https://github.com/target/strelka
Real-time, container-based file scanning at enterprise scale
cfc detection golang python3 security target-cfc yara
Last synced: 13 May 2025
https://github.com/swiftyapp/swifty
🔑 Free Offline-first Password Manager
cipher credentials cryptography desktop desktop-app electron encryption javascript linux macos password password-manager privacy privacy-tools security windows
Last synced: 15 May 2025
https://github.com/go-webauthn/webauthn
Webauthn/FIDO2 library in golang
ctap2 fido2 go golang passwordless passwordless-authentication security webauthn
Last synced: 16 Jan 2026
https://github.com/aquasecurity/trivy-action
Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
devsecops github-actions scanner scanning security tools vulnerability
Last synced: 14 May 2025
https://github.com/paragonie/sodium_compat
Pure PHP polyfill for ext/sodium
blake2b cryptography cryptography-library curve25519 ed25519 libsodium php php-polyfill security siphash sodium sodium-compat x25519 xchacha20-poly1305 xsalsa20poly1305
Last synced: 14 May 2025
https://github.com/ayoubfathi/leaky-paths
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
appsec axiom bugbounty dirbuster dirsearch ffuf fuzzing hacktoberfest meg nuclei penetration-testing pentest recon redteam redteaming security security-tools subfinder wayback-machine wordlist
Last synced: 11 Jul 2025
https://github.com/nfcgate/nfcgate
An NFC research toolkit application for Android
android android-nfc cloning hacktoberfest hce nfc relay replay security security-audit
Last synced: 10 Jul 2025
https://github.com/nyxiereal/xtoolbox
XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!
debloat debloater declutter decrapify linux python python-3 python3 security toolbox toolkit windows windows-10 windows-11 windows-11-debloat
Last synced: 13 Apr 2025
https://github.com/silverhack/monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
azure azure-security-audit azuread azuread-scanner azuread-security cis-benchmark entraid entraid-assessments exchangeonline microsoft365 microsoft365-compliance microsoft365-scanner microsoft365-security office365 powershell-module purview security security-tools sharepoint-online
Last synced: 15 Apr 2025
https://github.com/builtbybel/xd-AntiSpy
The successor to xp-AntiSpy, designed for the modern Windows experience
Last synced: 28 Aug 2025
https://github.com/Esc4iCEscEsc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 05 Apr 2025
https://github.com/esc4icescesc/skanuvaty
Dangerously fast DNS/network/port scanner
cybersecurity dns dns-client hacking-tools osint-tool penetration-testing penetration-testing-tools pentest pentesting redteam redteam-tools rust rust-lang scanner security security-tools subdomain-enumeration subdomain-scanner
Last synced: 04 Apr 2025
https://github.com/genuinetools/contained.af
A stupid game for learning about containers, capabilities, and syscalls.
apparmor containers docker game linux opencontainers seccomp security syscalls
Last synced: 16 May 2025
https://github.com/coalfire-research/red-baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
infrastructure-as-code red-teams security security-tools terraform terraform-module
Last synced: 16 May 2025
https://github.com/linuxboot/linuxboot
The LinuxBoot project is working to enable Linux to replace your firmware on all platforms.
bios firmware linux-kernel security uefi
Last synced: 19 Oct 2025
https://github.com/semgrep/semgrep-rules
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
grep-like program-analysis security security-scanner semgrep semgrep-registry semgrep-rules static-analysis
Last synced: 14 May 2025
https://github.com/dvershinin/gixy
NGINX configuration static analyzer
checker configuration linter linting nginx nginx-configuration python security server
Last synced: 02 Apr 2025
https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
bugbounty hacking hacking-tool penetration-testing penetration-testing-tools pentesting scanner security security-audit security-scanner security-tools vulnerability-scanners web-cache
Last synced: 04 Apr 2025
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 17 Jan 2026
https://github.com/cloudgraphdev/cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
aws azure cis cloud cspm developer-tools devops devops-tools gcp graphql iso kubernetes nist pci security security-audit security-tools tencent
Last synced: 01 Apr 2025
https://github.com/subuser-security/subuser
Run programs on linux with selectively restricted permissions.
containers docker python security
Last synced: 30 Dec 2025
https://github.com/endojs/endo
Endo is a distributed secure JavaScript sandbox, based on SES
capabilities captp hardened javascript multi-tenant ocaps powerbox prototype-pollution sandbox security supply-chain
Last synced: 13 May 2025
https://github.com/owasp/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 11 Apr 2025
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 09 May 2025
https://github.com/tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 16 May 2025
https://github.com/findneo/Newbie-Security-List
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 13 Mar 2025
https://github.com/findneo/newbie-security-list
网络安全学习资料,欢迎补充
ctf greenhand resource-list security websecurity
Last synced: 02 Apr 2025
https://github.com/Tripwire/tripwire-open-source
Open Source Tripwire®
change-detection md5 security security-tools sha1 tripwire
Last synced: 30 Mar 2025
https://github.com/o1egl/paseto
Platform-Agnostic Security Tokens implementation in GO (Golang)
auth authentication decoder encoder go golang jwt microservice paseto past security soa token
Last synced: 14 May 2025
https://github.com/microsoft/DevSkim
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
linter sdl security visual-studio-code-extension visual-studio-extension
Last synced: 13 Mar 2025
https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
apache apache2 bad-words badwords bot-blocker bots gambling-filter porn-filter referer-blocker rogue scanners security spam-blocker spam-filtering spam-prevention spam-protection spam-referers spam-referrer-blocker spambot-security vulnerability-scanners
Last synced: 14 May 2025
https://github.com/ysrc/gourdscanv2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 12 Apr 2025
https://github.com/BeatSwitch/lock
A flexible, driver based Acl package for PHP 5.4+
Last synced: 27 Apr 2025
https://github.com/ysrc/GourdScanV2
被动式漏洞扫描系统
infosec passive-vulnerability-scanner pentesting scanner security security-audit
Last synced: 15 May 2025
https://github.com/phaethon/kamene
Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
network-scanner packet-crafting pcap python3 scapy security sniff
Last synced: 15 May 2025
https://github.com/RustSec/advisory-db
Security advisory database for Rust crates published through crates.io
rust security security-advisories security-audit vulnerabilities
Last synced: 12 Jul 2025
https://github.com/nccgroup/autorepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 25 Oct 2025
https://github.com/numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Last synced: 08 Sep 2025
https://github.com/nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 19 Apr 2025
https://github.com/OWASP/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
appsec owasp-top rails ruby ruby-on-rails security vulnerabilities
Last synced: 16 Mar 2025
https://github.com/macmade/keychaincracker
macOS keychain cracking tool
brute-force crack cracking hacking keychain macos password security wordlist
Last synced: 01 Jul 2025
https://github.com/baroshem/security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 01 Mar 2025
https://github.com/danielrobbins/keychain
A manager for ssh-agent and gpg-agent
gpg gpg-key security security-tools shell ssh ssh-client ssh-key
Last synced: 16 Dec 2025
https://github.com/openzeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 14 May 2025
https://github.com/jlospinoso/gargoyle
A memory scanning evasion technique
assembly memory-analysis pic rop-gadgets security x86
Last synced: 04 Apr 2025
https://github.com/OpenZeppelin/cairo-contracts
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
cairo ethereum security smart-contracts starknet
Last synced: 18 Apr 2025
https://github.com/bountyyfi/lonkero
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
appsec cve-scanning cybersecurity hackers offensive-security pentesting pentesting-tools rust security security-automation security-tools vulnerability-assessment vulnerability-scanners waf web-application-security web-pentest web-security webscanner websecurity xss
Last synced: 18 Jan 2026
https://github.com/qtc-de/remote-method-guesser
Java RMI Vulnerability Scanner
bruteforce codebase-attacks cve-2019-2684 deserialization deserialization-attacks java-rmi pentesting remote-method-guessing rmg rmi rmi-registry rmi-server security
Last synced: 16 May 2025
https://github.com/pingooio/pingoo
The fast and secure Load Balancer / API Gateway / Reverse Proxy with built-in service discovery, GeoIP, WAF, bot protection and much more - https://pingoo.io
akamai anti-bot apache2 api api-gateway captcha cloudflare fastly firewall haproxy load-balancer nginx pingoo proxy quic reverse-proxy rust security service-discovery waf
Last synced: 16 Jan 2026
https://github.com/noraj/haiti
:key: Hash type identifier (CLI & lib)
ctf ctf-tools cyber cybersecurity digest hacking hackthebox hacktoberfest hash hashing identify infosec pentest pentest-tool pentest-tools pentesting security security-tools tool tryhackme
Last synced: 02 Jan 2026
https://github.com/thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
certificate-transparency certstream cybersecurity django incident-response misp monitoring nltk osint osint-python phishing reactjs rss-bridge security thehive threat-detection threat-hunting threat-intelligence watcher webapp
Last synced: 07 Apr 2025
https://github.com/freelabz/secator
secator - the pentester's swiss knife
automation cybersecurity hacking osint pentesting reconnaissance secator security security-audit security-tools vulnerability vulnerability-scanners
Last synced: 24 Mar 2025
https://github.com/EnableSecurity/sipvicious
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
audit-sip hacking-tools password-cracker security security-tools sip svcrack svcrash svmap svwar voip war-dial
Last synced: 14 Mar 2025
https://github.com/secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
devsecops hacktoberfest kubernetes kubernetes-operator owasp owasp-zap securecodebox security security-automation security-testing security-tools
Last synced: 30 Mar 2025
https://github.com/nyxiereal/XToolbox
XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!
debloat debloater declutter decrapify linux python python-3 python3 security toolbox toolkit windows windows-10 windows-11 windows-11-debloat
Last synced: 04 Sep 2025
https://github.com/vincentcox/stacoan
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
bugbounty mobile-security security security-tools static-code-analysis
Last synced: 04 Apr 2025
https://github.com/macmade/KeychainCracker
macOS keychain cracking tool
brute-force crack cracking hacking keychain macos password security wordlist
Last synced: 11 Jul 2025
https://github.com/JLospinoso/gargoyle
A memory scanning evasion technique
assembly memory-analysis pic rop-gadgets security x86
Last synced: 11 Jul 2025
https://github.com/ullaakut/gorsair
Gorsair gives root access on remote docker containers that expose their APIs
docker infosec netsec nmap penetration-testing pentesting security
Last synced: 02 Apr 2025
https://github.com/Ullaakut/Gorsair
Gorsair gives root access on remote docker containers that expose their APIs
docker infosec netsec nmap penetration-testing pentesting security
Last synced: 03 May 2025
https://github.com/zaproxy/zap-extensions
ZAP Add-ons
appsec dast hacktoberfest security security-scanner zap zaproxy
Last synced: 02 Apr 2025
https://github.com/hluwa/Wallbreaker
🔨 Break Java Reverse Engineering form Memory World!
android debug debugger frida java python reverseengineering security
Last synced: 27 Mar 2025
https://github.com/SmartContractSecurity/SWC-registry
Smart Contract Weakness Classification and Test Cases
ethereum security smart-contracts
Last synced: 17 Apr 2025
https://github.com/diegocr/netcat
NetCat for Windows
c netcat network penetration-testing pentesting security windows
Last synced: 04 Apr 2025
https://github.com/sethvargo/ratchet
A tool for securing CI/CD workflows with version pinning.
Last synced: 16 May 2025
https://github.com/vincentcox/StaCoAn
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
bugbounty mobile-security security security-tools static-code-analysis
Last synced: 19 Mar 2025
https://github.com/wazuh/wazuh-docker
Wazuh - Docker containers
compliance docker elasticsearch file-integrity-management hacktoberfest hacktoberfest-accepted ids incident-response intrusion-detection log-analysis loganalyzer monitoring ossec pci-dss policy-monitoring security security-awareness security-hardening vulnerability-detection wazuh
Last synced: 14 May 2025
https://github.com/OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
devsecops owasp security shift-left
Last synced: 18 Jul 2025
https://github.com/brunty/awesome-checker-services
✅ List of links to the various checkers out there on the web for sites, domains, security etc.
checker dns hacktoberfest list load-testing mail-configuration mobile-friendly security seo speed website website-performance
Last synced: 16 Jan 2026
https://github.com/blabla1337/skf-flask
Security Knowledge Framework (SKF) Python Flask / Angular project
owasp-skf secure-by-default secure-coding security security-audit security-framework security-hardening security-knowledge security-requirements security-standards security-training
Last synced: 03 Apr 2025
https://github.com/phasehq/console
Application secrets and configuration management for developers.
devops django docker dotenv end-to-end-encryption environment-variables nextjs open-source python react secret-management secrets secrets-management security security-tools self-hosting typescript
Last synced: 16 Jan 2026
https://github.com/simpleidserver/simpleidserver
OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
ciba dotnet-core fapi identity oauth2 openid openid-providers scim2 security uma2
Last synced: 15 May 2025
https://github.com/Zeyad-Azima/Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
api api-security cloud-security cybersecurity hack hacking infrastructure learning mobile mobile-security offensive offensive-security owasp owasp-top-10 red-team red-teaming redteam security web web-security
Last synced: 11 Jul 2025
https://github.com/chromium/hstspreload.org
:lock: Chromium's HSTS preload list submission website.
chrome chromium hsts hstspreload https security
Last synced: 13 Apr 2025
https://github.com/enkidevs/curriculum
👩🏫 👨🏫 The open-source curriculum of Enki!
ai algorithms blockchain chatgpt computer-science css curriculum data-science education enki git gpt4 html java javascript learn-to-code linux python security sql
Last synced: 15 May 2025
https://github.com/octarinesec/kube-scan
kube-scan: Octarine k8s cluster risk assessment tool
cloud-native devops devsecops k8s kubernetes security security-audit security-scanner security-scanners security-tools
Last synced: 18 Jan 2026
https://github.com/legit-labs/legitify
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
ci devops devsecops github gitlab golang sdlc-security security security-scanner supply-chain-security
Last synced: 15 May 2025
https://github.com/prateek147/DVIA-v2
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 11. The current version is writen in Swift and has the following vulnerabilities.
ios-swift jailbreak mobile-app security
Last synced: 12 Jul 2025
https://github.com/darkarp/chromepass
Chromepass - Hacking Chrome Saved Passwords
av-detection chromepass computer-engineering cookies google-chrome hack hacking hacking-chrome hacking-tool hacks hacktoberfest hacktoberfest-accepted hacktoberfest2021 password password-cracker passwords phishing python security
Last synced: 07 May 2025
