Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-01-22 00:24:28 UTC
- JSON Representation
https://github.com/aws-samples/siem-on-amazon-opensearch-service
A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
Last synced: 16 Apr 2025
https://github.com/firewalla/firewalla
http://firewalla.com
cyber dns doh firewalla iot monitoring parental-control raspberry-pi router security simple vlan vpn
Last synced: 27 Sep 2025
https://github.com/Threagile/threagile
Agile Threat Modeling Toolkit
agile architecture cicd devsecops infosec risk-analysis risk-management security threagile threat-modeling
Last synced: 01 Apr 2025
https://github.com/nccgroup/tracy
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
browser-extension chrome chrome-extension firefox firefox-addon security security-tools xss xss-detection
Last synced: 04 Apr 2025
https://github.com/mateusjunges/laravel-acl
This package helps you to associate users with permissions and permission groups with laravel framework
access-control access-management acl authentication authorization hacktoberfest laravel package php7 security
Last synced: 03 Oct 2025
https://github.com/jameswoolfenden/pike
Pike is a tool for determining the permissions or policy required for IAC code
aws bridgecrew gcp iac policy security terraform
Last synced: 04 Apr 2025
https://github.com/lockgit/hacking
Hacker, ready for more of our story ! 🚀
attack attacker attacks cracker geek hack hacker hacking hacking-tool poc scanner security security-research security-vulnerability tool tools vulnerabilities vulnerability vulnerability-scanners
Last synced: 13 Apr 2025
https://github.com/JamesWoolfenden/pike
Pike is a tool for determining the permissions or policy required for IAC code
aws bridgecrew gcp iac policy security terraform
Last synced: 30 Mar 2025
https://github.com/jamesWoolfenden/pike
Pike is a tool for determining the permissions or policy required for IAC code
aws bridgecrew gcp iac policy security terraform
Last synced: 30 Mar 2025
https://github.com/jedisct1/libsodium-php
The PHP extension for libsodium.
crypto cryptography halite libsodium libsodium-php php php-extension security
Last synced: 15 May 2025
https://github.com/LockGit/Hacking
Hacker, ready for more of our story ! 🚀
attack attacker attacks cracker geek hack hacker hacking hacking-tool poc scanner security security-research security-vulnerability tool tools vulnerabilities vulnerability vulnerability-scanners
Last synced: 13 Mar 2025
https://github.com/quillhash/quillaudit_auditor_roadmap
This repository contains a mindmap and stepwise resource to get started with Smart Contract Auditing. If you find anything missing or want to update existing resources, feel free to create a pull request.
blockchain ethereum evm security solidity
Last synced: 15 May 2025
https://github.com/cleverbeagle/pup
The Ultimate Boilerplate for Products.
apollo app boilerplate example graphql graphql-client graphql-server javascript markdown meteor meteorjs mongodb nodejs react security sitemap ssr styled-components webhooks websockets
Last synced: 04 Apr 2025
https://github.com/burtonqin/lockbud
Detect concurrency and memory bugs and possible panic locations in Rust projects
bug-detection rust security static-analyzer
Last synced: 30 Aug 2025
https://github.com/kanidm/webauthn-rs
An implementation of webauthn components for Rustlang servers
Last synced: 23 Oct 2025
https://github.com/MetaOSINT/MetaOSINT.github.io
A tool to quickly identify relevant, publicly-available open source intelligence ("OSINT") tools and resources, saving valuable time during investigations, research, and analysis.
cryptocurrency cybersecurity disinformation email facebook geoint geolocation instagram intelligence investigation news opsec osint search search-engine security social-media social-network twitter username
Last synced: 06 Aug 2025
https://github.com/FourCoreLabs/EDRHunt
Scan installed EDRs and AVs on Windows
infosec security security-tools
Last synced: 11 Jul 2025
https://github.com/payloadbox/open-redirect-payload-list
🎯 Open Redirect Payload List
open-redirect openredirect payload payload-list payloads security websecurity
Last synced: 05 Mar 2025
https://github.com/payloadbox/rfi-lfi-payload-list
🎯 RFI/LFI Payload List
application-security appsec bug-bounty bugbounty lfi lfi-exploitation lfi-vulnerability payload payload-list payloads rfi rfi-exploiton rfi-vulnerabillity security security-research security-researcher security-researchers web-application-security web-hacking websecurity
Last synced: 05 Mar 2025
https://github.com/Esonhugh/Attack_Code
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
article cloud cloud-security cloudsecurity introduction security
Last synced: 11 May 2025
https://github.com/esonhugh/attack_code
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
article cloud cloud-security cloudsecurity introduction security
Last synced: 05 Apr 2025
https://github.com/so87/CISSP-Study-Guide
study material used for the 2018 CISSP exam
cheatsheet cissp exam security study study-guide study-materials
Last synced: 11 Jul 2025
https://github.com/podium/elixir-secure-coding
An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir
elixir elixir-lang elixir-phoenix livebook salus security security-education sobelow
Last synced: 28 Mar 2025
https://github.com/shenril/Sitadel
Web Application Security Scanner
penetration-testing python3 scanner-web security
Last synced: 30 Mar 2025
https://github.com/kevinburke/nacl
Pure Go implementation of the NaCL set of API's
curve25519 golang nacl secretbox security
Last synced: 16 May 2025
https://github.com/evilbytecode/goredops
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
go golang hacking malware malware-development offensive-security red-team redteaming security windows
Last synced: 15 May 2025
https://github.com/pcaversaccio/snekmate
State-of-the-art, highly opinionated, hyper-optimised, and secure 🐍Vyper smart contract building blocks.
ethereum evm library security smart-contracts vyper vyper-contracts
Last synced: 14 May 2025
https://github.com/line/line-fido2-server
FIDO2(WebAuthn) server officially certified by FIDO Alliance and Relying Party examples.
example fido2 java passwordless relying-party security spring-boot webauthn
Last synced: 08 Oct 2025
https://github.com/Frissi0n/GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
ctf ctf-tools gtfobins hacking hackthebox offensive-security pentest pentesting post-exploitation privilege-escalation redteam security security-tools suid-binaries
Last synced: 11 Jun 2025
https://github.com/marshall-hallenbeck/red_team_attack_lab
Red Team Attack Lab for TTP testing & research
ansible hacking infosec lab penetration-testing pentesting red-team redteam security security-testing security-tools vagrant
Last synced: 20 Feb 2025
https://github.com/Hakky54/mutual-tls-ssl
🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
certificate certificate-authority certificate-signing-request encryption https java keystore keytool kotlin mutual-authentication mutual-tls openssl scala security server spring-boot ssl tls truststore two-way-ssl-authentication
Last synced: 10 May 2025
https://github.com/hakky54/mutual-tls-ssl
🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
certificate certificate-authority certificate-signing-request encryption https java keystore keytool kotlin mutual-authentication mutual-tls openssl scala security server spring-boot ssl tls truststore two-way-ssl-authentication
Last synced: 04 Apr 2025
https://github.com/chainguard-dev/osquery-defense-kit
Production-ready detection & response queries for osquery
defense osquery security threat-hunting
Last synced: 03 Mar 2025
https://github.com/vu1nt0tal/vehicle-security-toolkit
汽车/安卓/固件/代码安全测试工具集
android apk cve pentest reverse-engineering security static-analysis vulnerability
Last synced: 15 Dec 2025
https://github.com/ciscocsirt/gosint
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
golang ioc security threat-intelligence
Last synced: 14 Jan 2026
https://github.com/Vu1nT0tal/Vehicle-Security-Toolkit
汽车/安卓/固件/代码安全测试工具集
android apk cve pentest reverse-engineering security static-analysis vulnerability
Last synced: 15 May 2025
https://github.com/paragonie/csp-builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
content-security-policy cross-site-scripting csp csp-builder csp-header easy-to-use http http-header json-configuration php secure-by-default security xss
Last synced: 14 May 2025
https://github.com/joshlarsen/aws-recon
Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
aws cli collection inventory scanner security
Last synced: 14 Mar 2025
https://github.com/scheb/2fa
Two-factor authentication for Symfony applications 🔐
2fa security symfony symfony-bundle two-factor-authentication
Last synced: 04 Jan 2026
https://github.com/phra/rustbuster
A Comprehensive Web Fuzzer and Content Discovery Tool
bug-bounty hacktoberfest pentesting reconnaissance security security-tools
Last synced: 05 Apr 2025
https://github.com/abhi-r3v0/Adhrit
Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
analysis android android-security apk blackhat2020 blackhatarsenal dex enjarify ghera java mobile-security reverse-engineer security security-tools smali smalisca
Last synced: 08 May 2025
https://github.com/simonepri/upash
🔒Unified API for password hashing algorithms
api argon bcrypt brute-force cli credential credentials hash-functions hashing nodejs password pbkdf2 rainbow-table secure security timing-attacks unified universal upash verification
Last synced: 12 Apr 2025
https://github.com/ciscocsirt/GOSINT
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
golang ioc security threat-intelligence
Last synced: 13 Mar 2025
https://github.com/wolfssl/wolfmqtt
wolfMQTT is a small, fast, portable MQTT client implementation, including support for TLS 1.3.
embedded iot iot-security mqqt-packet mqtt mqtt-client mqtt-library mqtt-sn mqtt-tls qos-0-2 quality-of-service security sensor-network tls tls13 tls13-support wolfmqtt wolfssl wolfssl-library
Last synced: 14 Apr 2025
https://github.com/wolfSSL/wolfMQTT
wolfMQTT is a small, fast, portable MQTT client implementation, including support for TLS 1.3.
embedded iot iot-security mqqt-packet mqtt mqtt-client mqtt-library mqtt-sn mqtt-tls qos-0-2 quality-of-service security sensor-network tls tls13 tls13-support wolfmqtt wolfssl wolfssl-library
Last synced: 05 Apr 2025
https://github.com/momenbasel/keyFinder
Keyfinder🔑 is a tool that let you find keys while surfing the web!
chrome-extension js pentesting pentesting-tools security
Last synced: 10 May 2025
https://github.com/kicksecure/security-misc
Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc
kernel-hardening kspp security
Last synced: 15 May 2025
https://github.com/lithnet/ad-password-protection
Active Directory password filter featuring breached password checking and custom complexity rules
active-directory lithnet-password-protection lpp password password-protection security
Last synced: 23 Jul 2025
https://github.com/t0thkr1s/revshellgen
Reverse shell generator written in Python 3.
generator ncat oscp python python3 reverse reverse-shell reverse-shell-generator security security-tools shell
Last synced: 16 Jan 2026
https://github.com/algolia/sup3rs3cretmes5age
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
golang hashicorp-vault secrets security vault
Last synced: 19 Jun 2025
https://github.com/momenbasel/keyfinder
Keyfinder🔑 is a tool that let you find keys while surfing the web!
chrome-extension js pentesting pentesting-tools security
Last synced: 05 Apr 2025
https://github.com/patrickfav/bcrypt
A Java standalone implementation of the bcrypt password hash function. Based on the Blowfish cipher it is the default password hash algorithm for OpenBSD and other systems including some Linux distributions. Includes a CLI Tool.
bcrypt bcrypt-library bycrypt-password cli crypto hash java java-library kdf password-hash security
Last synced: 14 May 2025
https://github.com/LewisArdern/bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 02 Apr 2025
https://github.com/ex0dus-0x/fuzzable
Framework for Automating Fuzzable Target Discovery with Static Analysis.
binary-analysis fuzzing reverse-engineering security security-tools static-analysis
Last synced: 12 Apr 2025
https://github.com/hakky54/sslcontext-kickstart
🔐 A lightweight high level library for configuring a http client or server based on SSLContext or other properties such as TrustManager, KeyManager or Trusted Certificates to communicate over SSL TLS for one way authentication or two way authentication provided by the SSLFactory. Support for Java, Scala and Kotlin based clients with examples. Available client examples are: Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, Vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k Kohttp and Ktor. Also gRPC, WebSocket and ElasticSearch examples are included
android certificate der encryption https java keymanagerfactory keystore kotlin mutual-authentication p12 p7b pem scala security ssl sslcontext tls trustmanagerfactory truststore
Last synced: 11 Jan 2026
https://github.com/intility/fastapi-azure-auth
Easy and secure implementation of Azure Entra ID (previously AD) for your FastAPI APIs 🔒 B2C, single- and multi-tenant support.
anyio asgi asyncio authentication azure azure-active-directory azure-ad azuread fastapi oauth2 oidc openapi openid openidconnect python security trio
Last synced: 14 May 2025
https://github.com/JanssenProject/jans
An enterprise identity and access management platform-- Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO
access-management api iam identity kubernetes oauth2 openid-connect security sso
Last synced: 04 Apr 2025
https://github.com/tejado/authorizer
Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP :key::mobile_phone_off:
android auto-type bluetooth bluetooth-hid encryption gpg gpg-encryption hid keyboard-emulation otp password-manager password-store security smartphone usb usb-hid
Last synced: 04 Apr 2025
https://github.com/wagslane/go-password-validator
Validate the Strength of a Password in Go
character entropy golang golang-package security special-characters strength xkcd
Last synced: 16 May 2025
https://github.com/tejado/Authorizer
Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP :key::mobile_phone_off:
android auto-type bluetooth bluetooth-hid encryption gpg gpg-encryption hid keyboard-emulation otp password-manager password-store security smartphone usb usb-hid
Last synced: 23 Mar 2025
https://github.com/iqiyi/qnsm
QNSM is network security monitoring framework based on DPDK.
anti-ddos dpdk kernel-bypass network-analysis network-security security suricata
Last synced: 05 Apr 2025
https://github.com/Hive2Hive/Hive2Hive
Java library for secure, distributed, P2P-based file synchronization and sharing.
distributed file-sharing security synchronization
Last synced: 03 Apr 2025
https://github.com/tirrenotechnologies/tirreno
Monitor, analyze, and protect your web application from cyber fraud, account takeovers, fake accounts, bots, and abuse. Get started — free.
analytics antispam application-monitoring audit-trail bot-detection bot-management ciso fraud fraud-detection fraud-prevention intelligence intranet log-analysis monitoring php-project security self-hosted siem web-analytics
Last synced: 11 Jan 2026
https://github.com/algolia/sup3rS3cretMes5age
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
golang hashicorp-vault secrets security vault
Last synced: 28 Mar 2025
https://github.com/404notf0und/always-learning
404 Not Found的知识库:计算机理论基础、计算机技术基础、底层研究、安全技术、安全研究、人工智能、企业安全建设、安全发展、职业规划、综合素质、国内外优秀技术人
artificial-intelligence future knowledgedatabase research security
Last synced: 08 Nov 2025
https://github.com/shodansploit/shodansploit
🔎 shodansploit > v1.3.0
intelligence python-script python-shodan security security-automation security-research security-scanner security-testing security-tools shodan shodan-api shodan-cli shodan-client shodan-python shodan-scripts shodan-tool shodan-tools shodansploit
Last synced: 02 Apr 2025
https://github.com/grapheneos/auditor
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
android attestation authenticity cryptography grapheneos hsm integrity monitoring remote-attestation secure-boot secureboot security strongbox verifiedboot
Last synced: 15 May 2025
https://github.com/limpkin/mooltipass
Github repository dedicated to the mooltipass project
password-keeper password-manager passwords security
Last synced: 26 Mar 2025
https://github.com/0x4D31/galah
Galah: An LLM-powered web honeypot.
golang honeypot llm openai openai-api security security-tools
Last synced: 01 Apr 2025
https://github.com/0x4d31/galah
Galah: An LLM-powered web honeypot.
golang honeypot llm openai openai-api security security-tools
Last synced: 08 Apr 2025
https://github.com/flashnuke/wifi-deauth
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
deauth deauthentication-attack deauther denial-of-service denial-of-service-attack dos dos-attack kali-linux pentest pentesting pentesting-tools security security-tools wifi wifi-attack wifi-deauth wifi-deauther wifi-security wireless-network
Last synced: 07 Apr 2025
https://github.com/0x4d31/honeylambda
honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway
aws deception honeypot honeytoken lambda python security serverless
Last synced: 06 Apr 2025
https://github.com/0x4D31/honeyLambda
honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway
aws deception honeypot honeytoken lambda python security serverless
Last synced: 19 Jul 2025
https://github.com/NHAS/wag
Simple Wireguard 2FA
2fa firewall linux management-portal mfa network networking privacy security self-hosted ui virtual-network vpn vpn-server wireguard wireguard-admin wireguard-vpn
Last synced: 15 May 2025
https://github.com/abhisharma404/vault
swiss army knife for hackers
crawler fuzzing hacking hacking-tool information-gathering lfi networking offensive-security osint pentesting port-scanner python rfi scanner scrapy security sqlite ssl-inspection vault xss-vulnerability
Last synced: 02 Apr 2025
https://github.com/trickest/resolvers
The most exhaustive list of reliable DNS resolvers.
brute-force bug-bounty cybersecurity dns infosec network pentesting red-team resolver resolvers security security-tool
Last synced: 24 Dec 2025
https://github.com/duo-labs/efigy
A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmware
Last synced: 05 Apr 2025
https://github.com/lewisardern/bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 02 Apr 2025
https://github.com/duo-labs/EFIgy
A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmware
Last synced: 01 Apr 2025
https://github.com/Intility/fastapi-azure-auth
Easy and secure implementation of Azure Entra ID (previously AD) for your FastAPI APIs 🔒 B2C, single- and multi-tenant support.
anyio asgi asyncio authentication azure azure-active-directory azure-ad azuread fastapi oauth2 oidc openapi openid openidconnect python security trio
Last synced: 15 Mar 2025
https://github.com/lbuchs/WebAuthn
A simple PHP WebAuthn (FIDO2/Passkey) server library
2fa apple-authenticator fido fido2 fido2-authenticator passkey passkeys php-library php-webauthn safetynet-api security two-factor-authentication webauthn windows-hello
Last synced: 12 May 2025
https://github.com/splitline/How-to-Hack-Websites
開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall
Last synced: 02 Apr 2025
https://github.com/xchwarze/cain
Password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks and more!
Last synced: 04 Apr 2025
https://github.com/hxsecurity/terraformgoat
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform
Last synced: 05 Apr 2025
https://github.com/optiopay/klar
Integration of Clair and Docker Registry
clair docker-image docker-registry security security-audit severity-vulnerabilities
Last synced: 18 Jan 2026
https://github.com/mervick/aes-bridge
AesBridge is a modern, secure and cross-language AES encryption library that supports CBC, GCM, and Legacy CBC modes. The goal is to ensure secure, interoperable encryption across multiple platforms and programming languages
aes-256 aes-cbc aes-encryption aes-gcm cbc cross-language crypto crypto-library decryption encryption gcm openssl secure security
Last synced: 16 Jan 2026
https://github.com/lf-edge/eve
EVE is Edge Virtualization Engine
edge iot linux-foundation networking operating-system security virtualization
Last synced: 07 Jan 2026
