Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/yaklang/yaklang

A programming language exclusively designed for cybersecurity

cybersecurity dsl go security security-tools

Last synced: 28 Feb 2026

https://github.com/algolia/sup3rs3cretmes5age

Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

golang hashicorp-vault secrets security vault

Last synced: 19 Jun 2025

https://github.com/momenbasel/keyfinder

Keyfinder🔑 is a tool that let you find keys while surfing the web!

chrome-extension js pentesting pentesting-tools security

Last synced: 05 Apr 2025

https://github.com/patrickfav/bcrypt

A Java standalone implementation of the bcrypt password hash function. Based on the Blowfish cipher it is the default password hash algorithm for OpenBSD and other systems including some Linux distributions. Includes a CLI Tool.

bcrypt bcrypt-library bycrypt-password cli crypto hash java java-library kdf password-hash security

Last synced: 14 May 2025

https://github.com/LewisArdern/bXSS

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

blueteam bugbounty bxss cross-site-scripting infosec security xss

Last synced: 02 Apr 2025

https://github.com/ex0dus-0x/fuzzable

Framework for Automating Fuzzable Target Discovery with Static Analysis.

binary-analysis fuzzing reverse-engineering security security-tools static-analysis

Last synced: 12 Apr 2025

https://github.com/hakky54/sslcontext-kickstart

🔐 A lightweight high level library for configuring a http client or server based on SSLContext or other properties such as TrustManager, KeyManager or Trusted Certificates to communicate over SSL TLS for one way authentication or two way authentication provided by the SSLFactory. Support for Java, Scala and Kotlin based clients with examples. Available client examples are: Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, Vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k Kohttp and Ktor. Also gRPC, WebSocket and ElasticSearch examples are included

android certificate der encryption https java keymanagerfactory keystore kotlin mutual-authentication p12 p7b pem scala security ssl sslcontext tls trustmanagerfactory truststore

Last synced: 11 Jan 2026

https://github.com/intility/fastapi-azure-auth

Easy and secure implementation of Azure Entra ID (previously AD) for your FastAPI APIs 🔒 B2C, single- and multi-tenant support.

anyio asgi asyncio authentication azure azure-active-directory azure-ad azuread fastapi oauth2 oidc openapi openid openidconnect python security trio

Last synced: 14 May 2025

https://github.com/JanssenProject/jans

An enterprise identity and access management platform-- Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO

access-management api iam identity kubernetes oauth2 openid-connect security sso

Last synced: 04 Apr 2025

https://github.com/tejado/authorizer

Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP :key::mobile_phone_off:

android auto-type bluetooth bluetooth-hid encryption gpg gpg-encryption hid keyboard-emulation otp password-manager password-store security smartphone usb usb-hid

Last synced: 04 Apr 2025

https://github.com/mehulj94/Radium

Python logger with multiple features.

keylogger python security

Last synced: 02 Apr 2025

https://github.com/tejado/Authorizer

Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP :key::mobile_phone_off:

android auto-type bluetooth bluetooth-hid encryption gpg gpg-encryption hid keyboard-emulation otp password-manager password-store security smartphone usb usb-hid

Last synced: 23 Mar 2025

https://github.com/iqiyi/qnsm

QNSM is network security monitoring framework based on DPDK.

anti-ddos dpdk kernel-bypass network-analysis network-security security suricata

Last synced: 05 Apr 2025

https://github.com/Hive2Hive/Hive2Hive

Java library for secure, distributed, P2P-based file synchronization and sharing.

distributed file-sharing security synchronization

Last synced: 03 Apr 2025

https://github.com/neilalexander/sigmavpn

Light-weight, secure and modular VPN solution which makes use of NaCl encryption (also available for Android using jnacl in "sigmavpn-android")

c libsodium nacl security tunnel vpn

Last synced: 06 Oct 2025

https://github.com/algolia/sup3rS3cretMes5age

Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

golang hashicorp-vault secrets security vault

Last synced: 28 Mar 2025

https://github.com/tirrenotechnologies/tirreno

Monitor, analyze, and protect your web application from cyber fraud, account takeovers, fake accounts, bots, and abuse. Get started — free.

analytics antispam application-monitoring audit-trail bot-detection bot-management ciso fraud fraud-detection fraud-prevention intelligence intranet log-analysis monitoring php-project security self-hosted siem web-analytics

Last synced: 11 Jan 2026

https://github.com/404notf0und/always-learning

404 Not Found的知识库:计算机理论基础、计算机技术基础、底层研究、安全技术、安全研究、人工智能、企业安全建设、安全发展、职业规划、综合素质、国内外优秀技术人

artificial-intelligence future knowledgedatabase research security

Last synced: 08 Nov 2025

https://github.com/grapheneos/auditor

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

android attestation authenticity cryptography grapheneos hsm integrity monitoring remote-attestation secure-boot secureboot security strongbox verifiedboot

Last synced: 15 May 2025

https://github.com/limpkin/mooltipass

Github repository dedicated to the mooltipass project

password-keeper password-manager passwords security

Last synced: 26 Mar 2025

https://github.com/0x4D31/galah

Galah: An LLM-powered web honeypot.

golang honeypot llm openai openai-api security security-tools

Last synced: 01 Apr 2025

https://github.com/0x4d31/galah

Galah: An LLM-powered web honeypot.

golang honeypot llm openai openai-api security security-tools

Last synced: 08 Apr 2025

https://github.com/0x4d31/honeylambda

honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

aws deception honeypot honeytoken lambda python security serverless

Last synced: 06 Apr 2025

https://github.com/x13a/Wasted

Lock and wipe on emergency

android kotlin security

Last synced: 03 Apr 2025

https://github.com/0x4D31/honeyLambda

honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

aws deception honeypot honeytoken lambda python security serverless

Last synced: 19 Jul 2025

https://github.com/fuzzinglabs/mcp-security-hub

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

ai claude cybersecurity docker ghidra mcp mcp-server nmap nuclei offensive-security osint pentesting security vulnerability-scanner

Last synced: 21 May 2026

https://github.com/x13a/wasted

Lock and wipe on emergency

android kotlin security

Last synced: 29 Mar 2025

https://github.com/duo-labs/efigy

A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmware

efi firmware macos security

Last synced: 05 Apr 2025

https://github.com/duo-labs/EFIgy

A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmware

efi firmware macos security

Last synced: 01 Apr 2025

https://github.com/lewisardern/bxss

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

blueteam bugbounty bxss cross-site-scripting infosec security xss

Last synced: 02 Apr 2025

https://github.com/Yamato-Security/EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

auditing dfir event forensics hayabusa logs monitoring security sigma sysmon windows

Last synced: 08 May 2025

https://github.com/northpolesec/santa

A binary and file access authorization system for macOS.

allowlist authorization blocklist endpoint-security macos santa security system-extension

Last synced: 10 Apr 2026

https://github.com/Intility/fastapi-azure-auth

Easy and secure implementation of Azure Entra ID (previously AD) for your FastAPI APIs 🔒 B2C, single- and multi-tenant support.

anyio asgi asyncio authentication azure azure-active-directory azure-ad azuread fastapi oauth2 oidc openapi openid openidconnect python security trio

Last synced: 15 Mar 2025

https://github.com/splitline/How-to-Hack-Websites

開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

ctf security web-security

Last synced: 02 Apr 2025

https://github.com/xchwarze/cain

Password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks and more!

security tools

Last synced: 04 Apr 2025

https://github.com/mervick/aes-bridge

AesBridge is a modern, secure and cross-language AES encryption library that supports CBC, GCM, and Legacy CBC modes. The goal is to ensure secure, interoperable encryption across multiple platforms and programming languages

aes-256 aes-cbc aes-encryption aes-gcm cbc cross-language crypto crypto-library decryption encryption gcm openssl secure security

Last synced: 16 Jan 2026

https://github.com/HXSecurity/TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 11 May 2025

https://github.com/life4/enc

🔑🔒 A modern and friendly CLI alternative to GnuPG: generate and download keys, encrypt, decrypt, and sign text and files, and more.

cli cryptography decryption encryption gnupg go golang gpg keybase pgp rsa-cryptography security signature

Last synced: 05 Apr 2025

https://github.com/milesrichardson/docker-onion-nmap

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

docker nmap pentesting proxychains recon scanner security tor

Last synced: 27 Dec 2025

https://github.com/hxsecurity/terraformgoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

aws-security azure-security cloud-security cloudsecurity gcp gcp-security kubernetes-security security terraform

Last synced: 05 Apr 2025

https://github.com/saturneric/GpgFrontend

A free, open-source, robust yet user-friendly, compact and cross-platform tool for OpenPGP encryption. It stands out as an exceptional GUI frontend for the modern GnuPG (gpg).

communication crypto decrypt digital-signature dsa ecc ecdh ecdsa encrypt encryption-decryption gpg openpgp rsa security security-tools signature signature-verification

Last synced: 26 Mar 2025

https://github.com/HarmVeenstra/Powershellisfun

Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below or buy me a coffee :) https://www.buymeacoffee.com/powershellisfun

365 active-directory endpoint-manager exchange fun hyper-v intune microsoft networking powershell powershell-script sandbox scripts security security-audit security-tools server windows windowssandbox winget

Last synced: 09 Apr 2025

https://github.com/harmveenstra/powershellisfun

Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below or buy me a coffee :) https://www.buymeacoffee.com/powershellisfun

365 active-directory endpoint-manager exchange fun hyper-v intune microsoft networking powershell powershell-script sandbox scripts security security-audit security-tools server windows windowssandbox winget

Last synced: 15 May 2025

https://github.com/nette/forms

📝 Generating, validating and processing secure forms in PHP. Handy API, fully customizable, server & client side validation and mature design.

forms html javascript nette nette-framework php safety security validation

Last synced: 29 Apr 2025

https://github.com/ultrasecurity/darkside

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

hack hack-tool js penetration-testing pentest-tool php python security

Last synced: 10 Apr 2025

https://github.com/llsoftsec/llsoftsecbook

Low-Level Software Security for Compiler Developers

book compiler compiler-development security

Last synced: 04 Apr 2025

https://github.com/andryou/scriptsafe

a browser extension to bring security and privacy to chrome, firefox, and opera

blacklist block browser chrome control extension fingerprinting firefox javascript noscript opera privacy protection scriptsafe security tracking whitelist

Last synced: 04 Apr 2025

https://github.com/archstrike/archstrike

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

arch-linux arch-pkgbuilds archstrike armv6 armv7 armv8 distro hackers hacking linux linux-distribution odroid-c2 penetration-testing pentesting raspberry-pi repository security security-audit security-professionals tools

Last synced: 04 Apr 2025

https://github.com/armijnhemel/binaryanalysis-ng

Binary Analysis Next Generation (BANG)

compliance licensecompliance reverseengineering security

Last synced: 15 May 2025

https://github.com/jedisct1/edgedns

A high performance DNS cache designed for Content Delivery Networks

cache cdn dns rust security

Last synced: 05 Apr 2025

https://github.com/Quillhash/QuillAudit_Auditor_Roadmap

This repository contains a mindmap and stepwise resource to get started with Smart Contract Auditing. If you find anything missing or want to update existing resources, feel free to create a pull request.

blockchain ethereum evm security solidity

Last synced: 08 Apr 2025

https://github.com/escape-technologies/graphql-armor

🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️

apollo apollo-server cybersecurity envelop graphql hacktoberfest middleware security security-tools typescript

Last synced: 14 May 2025

https://github.com/Escape-Technologies/graphql-armor

🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️

apollo apollo-server cybersecurity envelop graphql hacktoberfest middleware security security-tools typescript

Last synced: 04 May 2025

https://github.com/nnsee/fileless-elf-exec

Execute ELF files without dropping them on disk

elf linux python redteam security security-tools

Last synced: 12 Jan 2026

https://github.com/crocs-muni/javacard-curated-list

Curated list of open-source Java Card applets and related applications for cryptographic smartcards

cryptography currated javacard security smartcard

Last synced: 31 Jan 2026

https://github.com/libaibaia/cloudSec

云安全利用工具-云平台AK/SK-WEB利用工具,添加AK/SK自动检测资源,无需手动执行,支持云服务器、存储桶、数据库操作

cloudsec security security-tools webapp

Last synced: 07 Sep 2025

https://github.com/tar-ser/automated-liquid-staking-tool-cross-chain-rwa-optimizer

Professional tool for automating trading on DEX (Ethereum, BSC, Solana, AVAX and 15+ networks) with a focus on liquid staking, cross-chain arbitrage and investing in RWA (Real World Assets).

1inch aave algorithmic-trading arbitrage curve-finance defi dex ethereum finance gas-optimization high-frequency-trading layer2 liquidity makerdao multichain security solana staking trading-strategies zk-proof

Last synced: 02 Mar 2025

https://github.com/google/capillary

Capillary is a library to simplify the sending of end-to-end encrypted push messages from Java-based application servers to Android clients.

android crypto cryptography end-to-end-encryption java privacy security

Last synced: 06 Apr 2025

https://github.com/stanfrbd/cyberbro

A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

blueteam cti cyber-threat-intelligence cybersecurity dfir docker hash incident-response infosec ioc ipinfo osint osint-python python security security-tools threat threat-hunting threat-intelligence virustotal

Last synced: 27 Jan 2026

https://github.com/tar-ser/automated-liquidity-management-and-security-for-solana-projects

is a powerful tool for projects with >$100k liquidity. It provides automatic pool rebalancing, hacker protection, real-time analytics and cross-chain management.

anchor-framework blockchain cross-chain cryptocurrency dao defi liquidity-pools marinade orca raydium rust security solana solend spl-tokens staking tokenomics web3 wormhole yield-farming

Last synced: 03 Mar 2025

https://github.com/sevagas/swap_digger

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

dfir forensics hacking post-exploitation security

Last synced: 05 Apr 2025

https://github.com/ArchStrike/ArchStrike

An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

arch-linux arch-pkgbuilds archstrike armv6 armv7 armv8 distro hackers hacking linux linux-distribution odroid-c2 penetration-testing pentesting raspberry-pi repository security security-audit security-professionals tools

Last synced: 30 Apr 2025

https://github.com/houqp/sqlvet

Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.

golang linter security sql static-analysis

Last synced: 09 Apr 2025

https://github.com/zoph-io/aws-security-survival-kit

Bare minimum AWS Security Alerting and Secure by default Configuration

alerting aws observability security

Last synced: 09 Apr 2026

https://github.com/Paradoxis/Flask-Unsign

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

bruteforce ctf ctf-tools penetration-testing pentesting security security-tools

Last synced: 12 Jul 2025

https://github.com/minio/kes

[Deprecated] Key Encryption Server

cryptography encryption kms modern scale secure-by-default security

Last synced: 20 Jun 2025

https://github.com/trimstray/technical-whitepapers

Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.

bsd databases devops hacking linux manuals pdfs pentesters security security-researchers sysadmin whitepapers

Last synced: 06 Apr 2025

https://github.com/modzero/mod0BurpUploadScanner

HTTP file upload scanner for Burp Proxy

burp extension fileupload multipart scanner security uploadscanner

Last synced: 19 Apr 2025

https://github.com/The-Viper-One/Pentest-Everything

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

active-directory active-directory-security bloodhound crto crtp ctf ctf-writeups ecpptv2 ejpt hacking hackthebox offensive-security oscp penetration-testing pentest-tools pentesting proving-grounds-writeups security tryhackme

Last synced: 20 Apr 2025

https://github.com/JPCERTCC/MalConfScan

Volatility plugin for extracts configuration data of known malware

forensics malware memory python security volatility

Last synced: 30 Mar 2025

https://github.com/jpcertcc/malconfscan

Volatility plugin for extracts configuration data of known malware

forensics malware memory python security volatility

Last synced: 05 Apr 2025

https://github.com/bage2014/study

Java全栈工程师学习笔记;Spring、shiro、CAS、oauth2单点登录;cache 、Redis; web 安全及解决思路;redis、mq、quartz、docker;Docker各种组件实践等;mybatis、spring、spring boot实践;分布式锁;基于分库分表等等;Java full-stack engineer study notes; Spring, shiro, CAS, oauth2 single sign-on; cache, Redis; web security and solutions; redis, mq, quartz, docker; Docker various component practices, etc.;

cache cas java jwt mq nginx redis security spring spring-boot sso swagger tomcat web

Last synced: 11 Jul 2025

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 83 awesome-security 330 awesome-web-security 423 awesome-ctf 220 awesome-hacker-search-engines 564 awesome-privacy 635 android-security-awesome 230 awesome-incident-response 221 Awesome-WAF 175 DevSecOps 184 awesome-security-hardening 207 awesome-infosec 215 awesome-cybersecurity-blueteam 252 WebHackersWeapons 431 backend-cheats 961 awesome-sec-talks 265 awesome-vehicle-security 227 awesome-nodejs-security 219 awesome-game-security 92 awesome-cloud-security 154 awesome-iot-hacks 70 awesome-embedded-and-iot-security 131 alternative-frontends 119 DevSecOps 48 Awesome-FL 4,069 Awesome-Cybersecurity-Datasets 54 awesome-golang-security 34 awesome-windows-domain-hardening 70 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 311 osx-and-ios-security-awesome 58 awesome-llm-security 101 awesome-executable-packing 754 awesome-aws-security 173 awesome-lists 737 awesome-ethereum-security 81 Awesome-Jailbreak-on-LLMs 427 awesome-vulnerable-apps 97 awesome-he 90 MobileHackersWeapons 73 npm-security-best-practices 33 awesome-security-GRC 81 awesome-anti-forensic 143 security-apis 115 awesome-python-security 35 awesome-opa 224 awesome-runners 38 graph-adversarial-learning-literature 314 npm-security-best-practices 36
Security Categories
Uncategorized 3,608 fl in top-tier journal 3,220 :books: Literature 2,589 fl in top ml conference and journal 1,564 Tools 1,402 Pentesting 1,162 Operating Systems 1,117 Attack 1,063 カテゴリ 730 Other Lists 714 fl in top ai conference and journal 705 fl in top cv conference and journal 673 Papers 588 Weapons 499 Resources 492 Threat Hunting: 480 **Мероприятия** 457 Defense 442 Official 434 fl on graph data and graph neural networks 429