Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-04-03 00:27:13 UTC
- JSON Representation
https://github.com/coldcard/firmware
❄️ Firmware and simulator for Coldcard Hardware Wallet
bitcoin bitcoin-wallet cryptocurrency cryptography security
Last synced: 15 May 2025
https://github.com/houbb/sensitive
🔐Sensitive log tool for java, based on java annotation. (基于注解的 java 日志脱敏工具框架,更加优雅的日志打印。支持自定义哈希、支持基于 log4j2 插件的统一脱敏、支持 logback 插件统一脱敏)
dfa fastjson java java-annotation json log log4j2 log4j2-plugin logback security sensitive sensitive-data-security slf4j
Last synced: 12 Apr 2025
https://github.com/gamemann/xdp-firewall
A firewall that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. This is great for dropping malicious traffic from a (D)DoS attack. IPv6 is supported with this firewall! I hope this helps network engineers/programmers interested in utilizing XDP!
anti-ddos bpf ddos ddos-attacks ddos-mitigation ddos-protection denial-of-service distributed-denial-of-service dos dos-attack dos-protection ebpf fast firewall fw kernel linux network security xdp
Last synced: 15 May 2025
https://github.com/netflix-skunkworks/diffy
:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Last synced: 16 May 2025
https://github.com/Netflix-Skunkworks/diffy
:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
Last synced: 29 Apr 2025
https://github.com/envkey/envkey
Simple, end-to-end encrypted configuration and secrets management
config configuration-management devops docker end-to-end-encryption environment-variables golang infrastructure kubernetes nodejs python ruby secrets-management security shell-scripts
Last synced: 15 May 2025
https://github.com/okta-graveyard/repo-supervisor
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
blueteam redteam secret-management secrets secrets-detection security serverless
Last synced: 02 Oct 2025
https://github.com/Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
api automation fuzzer rails ruby security security-vulnerability
Last synced: 02 Apr 2025
https://github.com/ovotech/gitoops
all paths lead to clouds
bloodhound cicd company-kaluza hacktheplanet redteam security
Last synced: 02 Apr 2025
https://github.com/esapi/esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
Last synced: 13 May 2025
https://github.com/SkipToTheEndpoint/OpenIntuneBaseline
Community-driven baseline to accelerate Intune adoption and learning.
device-config intune microsoft security
Last synced: 10 Apr 2025
https://github.com/openmls/openmls
Rust implementation of the Messaging Layer Security (MLS) protocol
Last synced: 06 Apr 2025
https://github.com/jotygill/openpyn-nordvpn
Easily connect to and switch between, OpenVPN servers hosted by NordVPN on Linux (+patch leakes)
autovpn easyvpn nord nord-vpn nordvpn openvpn openvpn-connection privacy security vpn vpn-connections
Last synced: 09 Oct 2025
https://github.com/electroniccats/catsniffer
CatSniffer is an original multiprotocol and multiband board for sniffing, communicating, and attacking IoT (Internet of Things) devices using the latest radio IoT protocols. It is a highly portable USB stick that integrates TI CC1352, Semtech SX1262, and an RP2040 for V3 or a Microchip SAMD21E17 for V2
ble hardware lora matter rp2040 samd21 security security-tools sidewalk sniffers zigbee
Last synced: 15 May 2025
https://github.com/MattKeeley/Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
application-security appsec cybersecurity deliverability dmarc email-security emails infosec penetration-testing penetration-testing-tools pentesting phishing python python3 redteam security spf
Last synced: 03 Apr 2025
https://github.com/rewanthtammana/Damn-Vulnerable-Bank
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
android android-security application-security damn-vulnerable-bank hacking hacktoberfest infosec pentesting security vulnerable-android-apps vulnerable-application
Last synced: 08 Apr 2025
https://github.com/defaultnamehere/cookie_crimes
Read local Chrome cookies without root or decrypting
cookies osx-security security security-tools
Last synced: 05 Apr 2025
https://github.com/axafrance/oidc-client
Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).
axa context-api front-end-development javascript js library nextjs oauth2 oidc-client ope openid openid-client openid-connect react reactjs redux security
Last synced: 28 Jan 2026
https://github.com/GoFetchAD/GoFetch
GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
active-directory blackhat2017 bloodhound gofetch powershell security
Last synced: 13 May 2025
https://github.com/TryCatchHCF/PacketWhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
cryptography data-exfiltration dlp exfiltration hacking hacking-tools pentest-tool pentesting red-team security security-tools steganography
Last synced: 30 Mar 2025
https://github.com/hahwul/a2sv
Auto Scanning to SSL Vulnerability
hacking scanner security ssl vulnerability
Last synced: 02 Apr 2025
https://github.com/trycatchhcf/packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
cryptography data-exfiltration dlp exfiltration hacking hacking-tools pentest-tool pentesting red-team security security-tools steganography
Last synced: 13 Mar 2025
https://github.com/gosecure/dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
dtd hacktoberfest security xxe
Last synced: 04 Apr 2025
https://github.com/blacklanternsecurity/badsecrets
A library for detecting known secrets across many web frameworks
appsec asp-net cryptography django express-js flask javaserver-faces jwt peoplesoft python rails secrets security symfony telerik-ui
Last synced: 14 May 2025
https://github.com/GoSecure/dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
dtd hacktoberfest security xxe
Last synced: 02 Apr 2025
https://github.com/w3c/trusted-types
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
dom javascript polyfill security trusted-types w3c xss
Last synced: 15 May 2025
https://github.com/madneal/articles-translator
:books:Translate the distinct technical blogs. Please star or watch. Welcome to join me.
article codeql css javascript memory-management npm parcel pwa react security security-tools vue web web-security webpack
Last synced: 15 May 2025
https://github.com/shelld3v/jsshell
JSshell - JavaScript reverse/remote shell
blindxss bugbounty hacking javascript js pentest python python3 security shell xss xss-exploitation
Last synced: 04 Apr 2025
https://github.com/anna-is-cute/paste
A sensible, modern pastebin.
anonymity pastebin rust security self-hosted
Last synced: 05 Apr 2025
https://github.com/w3c/webappsec-trusted-types
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
dom javascript polyfill security trusted-types w3c xss
Last synced: 09 Mar 2025
https://github.com/dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
bugbounty bugbounty-tool bugbountytips chromium prototype-pollution rust rust-tools security security-tools vulnerability-scanners
Last synced: 16 May 2025
https://github.com/bishopfox/badpods
A collection of manifests that will create pods with elevated privileges.
assessment exploitation hostipc hostnetwork hostpath hostpid kubernetes penetration-testing pods podspec privileged security
Last synced: 04 Apr 2025
https://github.com/devise-security/devise-security
A security extension for devise, meeting industry-standard security demands for web applications.
activerecord devise devise-modules hacktoberfest mongoid password-expiration passwords rails ruby security session-management
Last synced: 12 May 2025
https://github.com/ESAPI/esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
Last synced: 10 May 2025
https://github.com/ncsa/ssh-auditor
The best way to scan for weak ssh passwords on your network
auditing brute-force discover security ssh
Last synced: 16 Jan 2026
https://github.com/auth0/SimpleKeychain
A simple Keychain wrapper for iOS, macOS, tvOS, and watchOS
Last synced: 04 Apr 2025
https://github.com/gemini-cli-extensions/security
Google's Security extension for the Gemini CLI that finds vulnerabilities in your code changes and pull requests.
gemini gemini-cli gemini-cli-extensions google security
Last synced: 11 Mar 2026
https://github.com/gamemann/XDP-Firewall
A firewall that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. This is great for dropping malicious traffic from a (D)DoS attack. IPv6 is supported with this firewall! I hope this helps network engineers/programmers interested in utilizing XDP!
anti-ddos bpf ddos ddos-attacks ddos-mitigation ddos-protection denial-of-service distributed-denial-of-service dos dos-attack dos-protection ebpf fast firewall fw kernel linux network security xdp
Last synced: 02 Apr 2025
https://github.com/maldevel/PenTestKit
Tools, scripts and tips useful during Penetration Testing engagements.
assessment hacking kali-linux network notes penetration-testing pentesting scripts security system tools web
Last synced: 13 Mar 2025
https://github.com/maldevel/pentestkit
Tools, scripts and tips useful during Penetration Testing engagements.
assessment hacking kali-linux network notes penetration-testing pentesting scripts security system tools web
Last synced: 18 Oct 2025
https://github.com/opengovern/opensecurity
opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.
audit cloud-security compliance container-security cspm devsecops optimization oss policy-as-code security security-auditing-tool
Last synced: 12 Jan 2026
https://github.com/0x783kb/Threat-Analysis-Handbook
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
attck security security-operation soc threat-hunting
Last synced: 28 Sep 2025
https://github.com/0x783kb/Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
attck security security-operation soc threat-hunting
Last synced: 13 Mar 2025
https://github.com/google/webauthndemo
An example Node.js Relying Party implementation of the WebAuthn specification
authentication authentication-backend example google-appengine relying-party security webauthn webauthn-library
Last synced: 05 May 2025
https://github.com/wallarm/api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
api api-firewall api-gateway api-security api-waf api-wrapper apigateway firewall openapi openapi-security openapi-spec openapi-specification proxy rest-security security security-tools swagger waf web-application-firewall web-application-security
Last synced: 14 May 2025
https://github.com/eth-sri/securify2
Securify v2.0
datalog ethereum security smart-contract solidity static-analysis vulnerability
Last synced: 23 Jul 2025
https://github.com/D0g3-Lab/H1ve
An Easy / Quick / Cheap Integrated Platform
awd awd-platform ctf platform security
Last synced: 12 Jul 2025
https://github.com/hynek/argon2-cffi
Secure Password Hashes for Python
argon2 cffi password password-hash python security
Last synced: 11 Dec 2025
https://github.com/nhas/wag
Simple Wireguard 2FA
2fa firewall linux management-portal mfa network networking privacy security self-hosted ui virtual-network vpn vpn-server wireguard wireguard-admin wireguard-vpn
Last synced: 15 May 2025
https://github.com/smallcham/sec-admin
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
exploits infosec python scanner security security-audit vulnerability-scanners
Last synced: 16 Jan 2026
https://github.com/AxaFrance/oidc-client
Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).
axa context-api front-end-development javascript js library nextjs oauth2 oidc-client ope openid openid-client openid-connect react reactjs redux security
Last synced: 06 Aug 2025
https://github.com/coyim/coyim
coyim - a safe and secure chat client
anonymity coyim desktop encrypt golang instant-messaging multiplatform otr privacy security tor xmpp
Last synced: 12 Jan 2026
https://github.com/jas502n/0day-security-software-vulnerability-analysis-technology
0day安全_软件漏洞分析技术
0day binary hack security software vulnerability
Last synced: 18 Jan 2026
https://github.com/Tmpertor/Raven-Storm
Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
attacks botnet ddos ddos-attack-tools ddos-attacks ddos-script ddos-tool denial-of-service dos mitm penetration-tests pentesting protection python security security-tools server stress-testing termux web-security
Last synced: 30 Apr 2025
https://github.com/anyeduke/enterprise-security-skill
用于记录企业安全规划,建设,运营,攻防的相关资源
enterprise enterprise-security-skill osint security
Last synced: 02 Apr 2025
https://github.com/falcosecurity/falcosidekick
Connect Falco to your ecosystem
docker falco falco-event hacktoberfest kubernetes response-engine security
Last synced: 09 Mar 2026
https://github.com/jobhope/TechnicalNote
Repository to store what we have studied. :book: We want everyone to get a job through TechnicalNote.
algorithm computer-architecture computer-science cpp data-structures database design-patterns github java linear-algebra network operating-system programming-language security software-engineering sort tech-interview technical-notes web windows
Last synced: 05 May 2025
https://github.com/urbanadventurer/urlcrazy
Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
domainname hacking infosec kali-linux osint phishing ruby security typo-domains typosquatting
Last synced: 04 Apr 2025
https://github.com/linux-audit/audit-userspace
Linux audit userspace repository
Last synced: 02 Feb 2026
https://github.com/spatie/laravel-welcome-notification
Send a welcome notification to new users
auth laravel mail onboarding password security welcome
Last synced: 14 May 2025
https://github.com/janssenproject/jans
The Janssen Project is a home for open source IAM components, featuring Auth Server (OAuth/OpenID), Agama low-code identity orchestration, and the Cedarling policy decision point. The "Janssen Server" distributions bundle IAM components under one control plane.
access-management api iam identity kubernetes oauth2 openid-connect security sso
Last synced: 01 Apr 2026
https://github.com/factionsecurity/faction
Pen Test Report Generation and Assessment Collaboration
application-security hacking penetration-testing penetration-testing-tools pentesting reporting security security-audit security-automation security-report security-reporting security-tools security-vulnerability
Last synced: 11 Mar 2026
https://github.com/YosaiProject/yosai
A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail
authentication authorization python rbac security sessionmanagement totp two-factor twofactorauth
Last synced: 22 Apr 2025
https://github.com/rek7/mXtract
mXtract - Memory Extractor & Analyzer
c-plus-plus cpp cpp11 credentials exploitation linux malware memory-hacking pentesting redteam regex security security-tools stealing
Last synced: 30 Mar 2025
https://github.com/rek7/mxtract
mXtract - Memory Extractor & Analyzer
c-plus-plus cpp cpp11 credentials exploitation linux malware memory-hacking pentesting redteam regex security security-tools stealing
Last synced: 04 Apr 2025
https://github.com/clearcontainers/runtime
OCI (Open Containers Initiative) compatible runtime using Virtual Machines
container containers cri-o docker kvm oci qemu-kvm security virtual-machine virtualization
Last synced: 30 Mar 2025
https://github.com/trailofbits/twa
A tiny web auditor with strong opinions.
auditing hacktoberfest security web-security
Last synced: 15 May 2025
https://github.com/EBWi11/AgentSmith-HIDS
By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
anti-rootkit connect-hook create-file-hook detect-porcess-injection dns-query-hook execve-hook hids intrusion-detection kprobes load-lkm-hook security
Last synced: 02 Apr 2025
https://github.com/eth-sri/securify2?tab=readme-ov-file
Securify v2.0
datalog ethereum security smart-contract solidity static-analysis vulnerability
Last synced: 21 Oct 2025
https://github.com/TheHackerDev/race-the-web
Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
appsec devops-tools infosec race-conditions security security-tools
Last synced: 02 Apr 2025
https://github.com/StamusNetworks/scirius
Scirius is a web application for Suricata ruleset management and threat hunting.
cybersecurity detection gui interface management network-intrusion-detection network-security python security signatures suricata suricata-rules threat-hunting user-interface
Last synced: 01 Apr 2025
https://github.com/OpenVPN/openvpn3-linux
OpenVPN 3 Linux client - This is a mirror of https://codeberg.org/OpenVPN/openvpn3-linux/
dbus linux openvpn security vpn vpn-client vpn-tunnel
Last synced: 28 Mar 2025
https://github.com/robustnlp/cipherchat
A framework to evaluate the generalization capability of safety alignment for LLMs
alignment chatgpt gpt-4-0613 jailbreak large-language-models llm security
Last synced: 21 Apr 2025
https://github.com/lesnuages/hershell
Multiplatform reverse shell generator
exploit reverse-shell security
Last synced: 16 Dec 2025
https://github.com/rhinobase/hono-rate-limiter
Rate Limit middleware for Hono Server
api hono honojs middleware nodejs rate-limiter rate-limiting rest-api security serverless web
Last synced: 25 Dec 2025
https://github.com/liamg/furious
:angry: Go IP/port scanner with SYN (stealth) scanning and device manufacturer identification
ip-scanner network-scanner port-scanner security
Last synced: 04 Apr 2025
https://github.com/drduh/purse
GnuPG asymmetric password manager
bash bash-script encryption file-encryption gnupg gpg password password-manager security unix
Last synced: 04 Apr 2025
https://github.com/trailofbits/winchecksec
Checksec, but for Windows: static detection of security mitigations in executables
hacktoberfest mitigations security windows
Last synced: 15 May 2025
https://github.com/cedricbonhomme/stegano
A pure Python steganography module.
hidden-message image-processing secret security steganalysis steganography
Last synced: 20 Jan 2026
https://github.com/tv-labs/elixir-secure-coding
An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir
elixir elixir-lang elixir-phoenix livebook salus security security-education sobelow
Last synced: 04 Apr 2025
https://github.com/drduh/Purse
GnuPG asymmetric password manager
bash bash-script encryption file-encryption gnupg gpg password password-manager security unix
Last synced: 27 Mar 2025
https://github.com/AnyeDuke/Enterprise-Security-Skill
用于记录企业安全规划,建设,运营,攻防的相关资源
enterprise enterprise-security-skill osint security
Last synced: 13 Mar 2025
https://github.com/Graphite-Docs/graphite
Encrypted, secure, user-owned productivity suite
blockchain decentralized-applications privacy security writing
Last synced: 03 Apr 2025
https://github.com/leiweibau/pi.alert
Scan the devices connected to your WIFI / LAN and alert you the connection of unknown devices. It also warns if a "always connected" device disconnects. In addition, it is possible to check web services for availability. For this purpose HTTP status codes and the response time of the service are evaluated.
arp-scan network-security pi-hole pialert security self-hosted
Last synced: 28 Feb 2026
https://github.com/CERT-Polska/Artemis
A modular vulnerability scanner with automatic report generation capabilities.
artemis pentesting security security-scanner security-tools vulnerability-detection vulnerability-scanner web-scanner
Last synced: 28 Sep 2025
https://github.com/RobustNLP/CipherChat
A framework to evaluate the generalization capability of safety alignment for LLMs
alignment chatgpt gpt-4-0613 jailbreak large-language-models llm security
Last synced: 12 Mar 2025
https://github.com/TechRate/Smart-Contract-Audits
Smart Contract security audit reports
audit defi ethereum reflection security security-audit smart-contracts smart-contracts-audit solidity techrate
Last synced: 08 May 2025
https://github.com/EvilBytecode/GoRedOps
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
go golang hacking malware malware-development offensive-security red-team redteaming security windows
Last synced: 14 Oct 2025
