Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-04-03 00:27:13 UTC
- JSON Representation
https://github.com/aws-samples/aws-secure-environment-accelerator
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
accelerator aws aws-accelerator customizable customized-architectures landingzone networking security security-automation solution
Last synced: 11 Apr 2025
https://github.com/anaynayak/aws-security-viz
Visualize your aws security groups.
aws aws-cli ec2 graph graphviz json ruby security security-groups visualization viz
Last synced: 14 May 2025
https://github.com/mehulj94/braindamage
Remote administration service which uses twitter as a command and control server
python remote-admin-tool security tool
Last synced: 02 Apr 2025
https://github.com/FloeDesignTechnologies/phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
php php-codesniffer phpcs security static-code-analysis
Last synced: 01 Apr 2025
https://github.com/mehulj94/BrainDamage
Remote administration service which uses twitter as a command and control server
python remote-admin-tool security tool
Last synced: 13 Mar 2025
https://github.com/vdjagilev/nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot), sqlite, excel and d2-lang. Simply put it's nmap converter.
bounty csv d2lang go golang graphviz html json markdown nmap pentesting port-scanner port-scanning scan scanner security security-tools sqlite xml xml-parsing
Last synced: 21 Feb 2026
https://github.com/DFIRKuiper/Kuiper
Digital Forensics Investigation Platform
artifacts dfir digital-forensics incident-response parser security
Last synced: 30 Mar 2025
https://github.com/dromara/mendmix-cloud
Mendmix定位是一站式分布式开发架构开源解决方案及云原生架构技术底座。Mendmix提供了数据库、缓存、消息中间件、分布式定时任务、安全框架、网关以及主流产商云服务快速集成能力。基于Mendmix可以不用关注技术细节快速搭建高并发高可用基于微服务的分布式架构。
cloud-native distributed framework kafka mybatis redis security spring-web springboot springcloud
Last synced: 16 May 2025
https://github.com/hexhive/retrowrite
RetroWrite -- Retrofitting compiler passes through binary rewriting
aarch64 assembly binary-rewriting disassembler reverse-engineering security x86-64
Last synced: 12 Apr 2025
https://github.com/nucypher/nucypher
Threshold Access Control (TACo) Node Runtime
access-control cryptography end-to-end-encryption security web3
Last synced: 14 May 2025
https://github.com/floedesigntechnologies/phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
php php-codesniffer phpcs security static-code-analysis
Last synced: 13 Sep 2025
https://github.com/MrEmpy/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
api bugbounty files hacking javascript js key leak leaked-secrets pentest security tool
Last synced: 20 Jun 2025
https://github.com/gen0cide/gscript
framework to rapidly implement custom droppers for all three major operating systems
cli compiler golang javascript malware security
Last synced: 12 Jan 2026
https://github.com/roddhjav/apparmor.d
Full set of AppArmor policies
apparmor apparmor-profile apparmor-profiles hardening linux mandatory-access-control role-based-access-control security
Last synced: 05 Feb 2026
https://github.com/grapheneos/camera
Modern camera app focused on privacy and security with QR & barcode scanning.
android camera grapheneos privacy security
Last synced: 12 Apr 2025
https://github.com/six2dez/burp-ai-agent
Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more
ai appsec bugbounty burp burp-extensions burp-plugin burp-suite hacking kotlin llm mcp pentesting security web-security
Last synced: 07 Mar 2026
https://github.com/florimondmanca/djangorestframework-api-key
🔐 API key permissions for Django REST Framework
api-key django-rest-framework permissions python security web-api
Last synced: 15 May 2025
https://github.com/HemmeligOrg/Hemmelig.app
Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.
cli decryption encryption gdpr hacktoberfest hacktoberfest2022 onetimesecret password personal-data privacy privacy-enhancing-technologies privacy-protection privacy-tools safe secret security self-hosted sensitive-data
Last synced: 24 Mar 2025
https://github.com/owasp-noir/noir
Attack surface detector that identifies endpoints by static analysis
attack-surface-detector attack-surfaces crystal crystal-lang devsecops endpoints hacktoberfest noir owasp owasp-noir pentesting security
Last synced: 16 Mar 2026
https://github.com/saturneric/gpgfrontend
A modern "Enigma" built on GnuPG brings easy and trustworthy to your privacy life.
crypto decrypt digital-signature encrypt gpg openpgp security security-tools signature-verification
Last synced: 18 Jan 2026
https://github.com/seccubus/seccubus
Easy automated vulnerability scanning, reporting and analysis
analysis filters medusa nessus nikto nmap repeated-scans seccubus security ssllabs testssl vulnerability-detection vulnerability-management
Last synced: 20 Mar 2025
https://github.com/veorq/siphash
High-speed secure pseudorandom function for short messages
c cryptography message-authentication-code pseudorandom-functions security
Last synced: 12 Apr 2025
https://github.com/chengdedeng/waf
:vertical_traffic_light:Web Application Firewall or API Gateway(应用防火墙/API网关)
firewall http-proxy littleproxy security waf
Last synced: 02 Apr 2025
https://github.com/chainreactors/spray
最好用最智能最可控的目录爆破工具 | The most powerful, user-friendly, intelligent, and precise HTTP buster.
redteam security security-tools
Last synced: 15 May 2025
https://github.com/d00movenok/bounceback
↕️🤫 Stealth redirector for your red team operation security
c2 cobalt-strike cybersecurity infrastructure opsec pentest pentesting phishing proxy redirector redteam security
Last synced: 02 Mar 2026
https://github.com/michelin/chopchop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
Last synced: 13 Apr 2025
https://github.com/tamhoang1412/backend-swe-interview-questions
Technical interview questions for backend engineer.
backend database interview networking operating-system programming-paradigm security software-development-process
Last synced: 14 Apr 2025
https://github.com/spencerdodd/kernelpop
kernel privilege escalation enumeration and exploitation framework
enumeration exploits kernel security tools vulnerabilities
Last synced: 21 Jan 2026
https://github.com/duo-labs/webauthn.io
The source code for webauthn.io, a demonstration of WebAuthn.
authentication demo passkeys python security webauthn
Last synced: 14 May 2025
https://github.com/kenryu42/claude-code-safety-net
A Claude Code plugin that acts as a safety net, catching destructive git and filesystem commands before they execute.
claude claude-code claude-code-plugin destructive-commands security
Last synced: 13 Jan 2026
https://github.com/metnew/uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
browser cve javascript security vulnerability xss
Last synced: 02 Apr 2025
https://github.com/brosck/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
api bugbounty files hacking javascript js key leak leaked-secrets pentest security tool
Last synced: 14 Apr 2025
https://github.com/tor2web/Tor2web
Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
aaron-swartz anonimous-proxies confidentiality digital-human-rights freedom-of-information https networking onion-service privacy proxy python security socks5 streaming tor transparency twisted
Last synced: 31 Mar 2025
https://github.com/bytecodealliance/cap-std
Capability-oriented version of the Rust standard library
Last synced: 13 May 2025
https://github.com/dependency-check/dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
appsec component-analysis nvd owasp security software-security sonar-plugin sonarqube visibility vulnerabilities vulnerable-components
Last synced: 22 Feb 2026
https://github.com/guidovranken/cryptofuzz
Fuzzing cryptographic libraries. Magic bug printer go brrrr.
cryptography fuzzing security testing
Last synced: 17 Jan 2026
https://github.com/ivan-sincek/penetration-testing-cheat-sheet
Work in progress...
bug-bounty ethical-hacking offensive-security penetration-testing red-team-engagement security web web-penetration-testing
Last synced: 27 Feb 2025
https://github.com/authme/authmereloaded
The best authentication plugin for the Bukkit/Spigot API!
authentication authme bukkit bukkit-plugin bukkitdev craftbukkit curseforge database java minecraft minecraft-admin minecraft-plugin security spigot spigot-plugin
Last synced: 14 May 2025
https://github.com/threagile/threagile
Agile Threat Modeling Toolkit
agile architecture cicd devsecops infosec risk-analysis risk-management security threagile threat-modeling
Last synced: 04 Jul 2025
https://github.com/xajkep/wordlists
Infosec Wordlists and more.
dictionary discovery fuzzing infosec payload payloads recon regex-pattern security wordlists
Last synced: 10 May 2025
https://github.com/RevokeCash/revoke.cash
❌ Revoke or update your token approvals
ethereum security token-approval
Last synced: 18 Jul 2025
https://github.com/insoxin/qrpay
五合一收款码在线生成,40个模板 支持微信支付、支付宝支付、手机QQ支付、京东钱包、百度钱包,PayPal五合一收款,将其二维码合并为一个二维码,无需手续费,支持qq头像,昵称判断(HTML单页版多模板免安装) 腾讯云服务器 https://api.isoyu.com/qrpay/ 腾讯云COS https://qrpay.isoyu.com/
alipay bdpay cos html jdpay lianlianpay paypal qqpay qrcode qrpay security unionpay wxpay wxwidgets-applications
Last synced: 02 Apr 2025
https://github.com/pallets-eco/flask-security
Quick and simple security for Flask applications
flask flask-security python security
Last synced: 13 May 2025
https://github.com/HexHive/retrowrite
RetroWrite -- Retrofitting compiler passes through binary rewriting
aarch64 assembly binary-rewriting disassembler reverse-engineering security x86-64
Last synced: 08 May 2025
https://github.com/pa-bru/graphql-cost-analysis
A Graphql query cost analyzer.
apollo-server complexity cost cost-analyzer cost-calculator cost-setting costmap express-graphql graphql graphql-cost-analysis graphql-js graphql-schema graphql-server nodejs security
Last synced: 15 May 2025
https://github.com/anof-cyber/application-security
Resources for Application Security including Web, API, Android, iOS and Thick Client
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting security security-testing
Last synced: 04 Apr 2025
https://github.com/always-further/nono
Secure, kernel-enforced sandbox CLI and SDKs for AI agents. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment.
agent agentic-ai ai-agent-security ai-agents ai-security code-execution cybersecurity isolation linux-security llm mcp open-source prompt-injection runtime-security sandbox security sigstore supply-chain-security zero-trust
Last synced: 02 Apr 2026
https://github.com/Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting security security-testing
Last synced: 26 Mar 2025
https://github.com/securityjoes/MasterParser
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
automation cyber cyber-security dfir dfir-automation digital-forensic incident-response infosec ir mdr powershell reporting security soc tools
Last synced: 03 Apr 2025
https://github.com/wh0isdxk/DesenvolvimentoSeguro
Principios e Boas Práticas sobre Desenvolvimento Seguro
desenvolvimento-seguro development hacktoberfest hacktoberfest2022 hacktoberfest2024 secure-development security security-by-design seguranca seguranca-da-informacao
Last synced: 12 Apr 2025
https://github.com/tenzir/tenzir
Tenzir is the data pipeline engine for security teams.
dataops hacktoberfest incident-response investigation netflow pcap pipelines secdataops security siem sigma soc suricata threathunting zeek
Last synced: 01 Apr 2026
https://github.com/jpcertcc/emocheck
Emotet detection tool for Windows OS
emotet malware-detection security
Last synced: 04 Apr 2025
https://github.com/initstring/dirty_sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
linux privilege-escalation security
Last synced: 05 Apr 2025
https://github.com/ossillate-inc/packj
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
developer-tools devops devops-tools devsecops dynamic-analysis malware malware-analysis npm pypi python rubygems sandboxing security security-audit security-tools static-analysis supply-chain supply-chain-security vulnerability vulnerability-scanners
Last synced: 07 May 2025
https://github.com/hardik05/Damn_Vulnerable_C_Program
An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
afl dynamorio fuzzing honggfuzz jackalope libafl libfuzzer security tinyinst vulnerabilities vulnerability winafl
Last synced: 11 Jul 2025
https://github.com/0x4D31/fatt
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
fingerprinting honeypot metadata network python quic rdp security ssh threat-hunting tls tshark
Last synced: 24 Mar 2025
https://github.com/rek7/fireelf
fireELF - Fileless Linux Malware Framework
backdoor exploit-development exploitation exploitation-framework framework linux malware malware-development pentesting python redteam security security-tools
Last synced: 05 Apr 2025
https://github.com/0x4d31/fatt
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
fingerprinting honeypot metadata network python quic rdp security ssh threat-hunting tls tshark
Last synced: 04 Apr 2025
https://github.com/emsec/hal
HAL – The Hardware Analyzer
embedded-security fpga hal hardware integrated-circuits netlist reverse-engineering security
Last synced: 15 May 2025
https://github.com/michelin/ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
Last synced: 21 Apr 2025
https://github.com/mufeedvh/pdfrip
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
hashcat password password-cracker pdf rust security security-tools
Last synced: 02 Apr 2025
https://github.com/erlef/elixir-secure-coding
An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir
education-wg elixir elixir-lang elixir-phoenix livebook salus security security-education security-wg sobelow
Last synced: 15 May 2025
https://github.com/theupdateframework/go-tuf
Go implementation of The Update Framework (TUF)
chain go golang hacktoberfest security software supply supply-chain tuf
Last synced: 14 May 2025
https://github.com/appvia/krane
Kubernetes RBAC static analysis & visualisation tool
analysis k8s kubernetes rbac rbac-configuration rbac-management rbac-roles redisgraph role-based-access-control security security-hardening security-scanner security-tools static-analysis visualisation
Last synced: 04 Apr 2025
https://github.com/google/go-safeweb
Secure-by-default HTTP servers in Go.
golang http http-server security security-hardening
Last synced: 16 Mar 2025
https://github.com/paul-reed/cloudflare-ufw
Script to update UFW with Cloudflare IPs
cloudflare security ufw-firewall
Last synced: 07 Apr 2025
https://github.com/githubixx/ansible-role-wireguard
Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinx, Fedora, openSUSE Leap and some Redhat ES variants.
ansible ansible-role linux networking security vpn wireguard
Last synced: 21 Jan 2026
https://github.com/l-n-s/wireguard-install
WireGuard VPN server installer
networking privacy security self-hosted vpn wireguard
Last synced: 09 Jul 2025
https://github.com/softvar/secure-ls
:lock: Secure localStorage data with high level of encryption and data compression
aes-encryption compressed-data data-compression decompression decrypt decryption des encoding encryption hacktoberfest localstorage lz-string pbkdf2 rabbit rc4 secure security
Last synced: 15 May 2025
https://github.com/mobsf/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
android appsec codereview ios java kotlin mobile-sast objective-c sast security static-analysis swift
Last synced: 14 May 2025
https://github.com/cycodelabs/raven
CI/CD Security Analyzer
cicd cycode security security-automation security-tools
Last synced: 14 May 2025
https://github.com/CycodeLabs/raven
CI/CD Security Analyzer
cicd cycode security security-automation security-tools
Last synced: 26 Mar 2025
https://github.com/veorq/SipHash
High-speed secure pseudorandom function for short messages
c cryptography message-authentication-code pseudorandom-functions security
Last synced: 25 Mar 2025
https://github.com/blark/aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
async brute-force bruteforcing dns enumeration osint osint-resources pentesting python recon red-team resolver security security-tools subdomain subdomain-takeover subdomin-enumeration
Last synced: 20 Mar 2025
https://github.com/unipacker/unipacker
Automatic and platform-independent unpacker for Windows binaries based on emulation
debugger dumper emulation packers pefile python reverse-engineering security unicorn-engine unpacker windows
Last synced: 12 Jul 2025
https://github.com/appsecco/dvna
Damn Vulnerable NodeJS Application
dvna hack nodejs owasp owasp-top-10 security testing vulnerable vulnerable-apps
Last synced: 16 Mar 2025
https://github.com/tempesta-tech/tempesta
All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks
bots database ddos-protection high-performance http-accelerator http2 linux-kernel load-balancer security tls web-application-firewall web-performance web-security
Last synced: 15 May 2025
https://github.com/MobSF/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
android appsec codereview ios java kotlin mobile-sast objective-c sast security static-analysis swift
Last synced: 01 Apr 2025
https://github.com/rek7/fireELF
fireELF - Fileless Linux Malware Framework
backdoor exploit-development exploitation exploitation-framework framework linux malware malware-development pentesting python redteam security security-tools
Last synced: 28 Mar 2025
https://github.com/SteeltoeOSS/Samples
Steeltoe samples and reference application collection
asp cloud-foundry connector discovery dotnet hacktoberfest management microservice music-store security service-discovery steeltoe-components steeltoe-connectors
Last synced: 09 May 2025
https://github.com/fingerprintjs/external-protocol-flooding
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
browser-fingerprinting exploit fingerprinting identification privacy security vulnerability
Last synced: 14 Apr 2025
https://github.com/steeltoeoss/samples
Steeltoe samples and reference application collection
asp cloud-foundry connector discovery dotnet hacktoberfest management microservice music-store security service-discovery steeltoe-components steeltoe-connectors
Last synced: 15 May 2025
https://github.com/dolevf/graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
enumeration fingerprinting graphql information-gathering penetration-testing security
Last synced: 08 Oct 2025
https://github.com/tenzir/vast
Tenzir is the data pipeline engine for security teams.
dataops hacktoberfest incident-response investigation netflow pcap pipelines secdataops security siem sigma soc suricata threathunting zeek
Last synced: 01 Mar 2025
https://github.com/Paul-Reed/cloudflare-ufw
Script to update UFW with Cloudflare IPs
cloudflare security ufw-firewall
Last synced: 28 Mar 2025
https://github.com/auth0/simplekeychain
A simple Keychain wrapper for iOS, macOS, tvOS, and watchOS
Last synced: 14 May 2025
https://github.com/cyberark/fuzzyai
A powerful tool for automated LLM fuzzing. It is designed to help developers and security researchers identify and mitigate potential jailbreaks in their LLM APIs.
ai ai-red-team fuzzing jailbreak jailbreaking llm llm-evaluation llm-security llms security
Last synced: 22 Jul 2025
