Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-23 00:28:09 UTC
- JSON Representation
https://github.com/damienbod/AspNetCoreHybridFlowWithApi
Different ASP.NET Core applications using OpenID Connect Hybrid flow Code Flow, Code Flow with PKCE, JWT APIs, MFA examples
asp-net-core asp-net-mvc hybrid-flow jwt oauth2 oidc openid pkce security token
Last synced: 09 Apr 2025
https://github.com/paretosecurity/pareto-mac
Automatically audit your Mac for basic security hygiene.
endpoint-security macos security swift swiftui
Last synced: 18 Feb 2026
https://github.com/CheshireCaat/puppeteer-with-fingerprints
Anonymous automation via puppeteer with fingerprint replacement technology.
automation browser browser-fingerprint browser-fingerprinting chrome chromedriver chromium detection-evasion device-fingerprint device-fingerprinting devtools fingerprint fingerprinting headless privacy privacy-protection puppeteer security stealth stealth-mode
Last synced: 08 Apr 2025
https://github.com/damienbod/aspnetcorehybridflowwithapi
Different ASP.NET Core applications using OpenID Connect Hybrid flow Code Flow, Code Flow with PKCE, JWT APIs, MFA examples
asp-net-core asp-net-mvc hybrid-flow jwt oauth2 oidc openid pkce security token
Last synced: 04 Jan 2026
https://github.com/spamscope/mail-parser
Tokenizer for raw mails
docker docker-image mail mail-analyzer mail-parser mailparser outlook python python3 security
Last synced: 14 May 2025
https://github.com/symfony/security-acl
Symfony Security ACL Component
acl component php security symfony symfony-component
Last synced: 14 May 2025
https://github.com/lengjibo/att-ck-cn
ATT&CK实操
apt attck hacking security security-audit
Last synced: 28 Jan 2026
https://github.com/whgojp/JavaSecLab
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
code-audit devsecops java sdl security
Last synced: 31 Oct 2025
https://github.com/yoxisem544/ScreenshotPreventing-iOS
Prevent screenshot or screenrecording on iOS devices
cocoapods ios ios-lib screencapture screenrecord screenrecording screenshot security spm swift swiftpackage swiftpm swiftui uikit xcode
Last synced: 25 Mar 2025
https://github.com/jassics/cybersecurity-roadmap
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines
application-security aws-security career-development career-guide career-plan career-roadmaps cloud-security cybersecurity-awareness cybersecurity-career-path devsecops interview-questions network-security security security-automation security-questions security-tools
Last synced: 26 Jan 2026
https://github.com/lovasoa/bad_json_parsers
Exposing problems in json parsers of several programming languages.
json json-parser parser security
Last synced: 05 Apr 2025
https://github.com/renatahodovan/grammarinator
ANTLR v4 grammar-based test generator
antlr4 bughunting fuzzer fuzzing grammar-based-testing hacktoberfest random-testing security test-automation
Last synced: 13 Apr 2025
https://github.com/anchore/anchore
This project is deprecated. Work is now done on https://github.com/anchore/syft and https://github.com/anchore/grype for local-host Software Bill of Materials and vulnerability scanning tools.
containers docker python security
Last synced: 30 Dec 2025
https://github.com/bytedance/varmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
apparmor apparmor-profiles bpf containers kubernetes lsm policy sandbox seccomp security
Last synced: 16 May 2025
https://github.com/bytedance/vArmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
apparmor apparmor-profiles bpf containers kubernetes lsm policy sandbox seccomp security
Last synced: 30 Apr 2025
https://github.com/jwilk/python-afl
American Fuzzy Lop fork server and instrumentation for pure-Python code
Last synced: 08 Apr 2025
https://github.com/cloudtracer/ThreatPinchLookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
alienvault censys cert chrome-extension circl cve dfir ibm-xforce incident-response misp osint passivetotal security shodan threat-hunting threat-sharing threatintel threatminer virustotal whois
Last synced: 06 Apr 2025
https://github.com/AndrewPaglusch/FlashPaper
One-time encrypted password/secret sharing
aes aes-256 bcrypt ciphertext destruct destructing disposable encryption message one-time one-time-secret password php private secret security sqlite webapp zero-knowledge
Last synced: 28 Mar 2025
https://github.com/ionescu007/Simpleator
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
containerization containers emulator hyper-v malware malware-analysis operating-systems reverse-engineering security virtualization
Last synced: 30 Mar 2025
https://github.com/ruisiang/pow-shield
Project dedicated to fight Layer 7 DDoS with proof of work, with an additional WAF and controller. Completed with full set of features and containerized for rapid and lightweight deployment.
cybersecurity ddos ddos-mitigation ddos-protection koa2 netsec network-security nodejs proof-of-work proxy-server security spam-filtering spam-protection typescript waf
Last synced: 16 May 2025
https://github.com/slowmist/eos-bp-nodes-security-checklist
EOS bp nodes security checklist(EOS超级节点安全执行指南)
blockchain checklist eosio hacking security
Last synced: 27 Jan 2026
https://github.com/emproof-com/nyxstone
Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com
aarch64 arm assembly disassembly infosec mips powerpc reverse-engineering risc-v security thumb x86 x86-64
Last synced: 15 May 2025
https://github.com/cert-manager/trust-manager
trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.
go golang hacktoberfest kubernetes security tls
Last synced: 19 Apr 2026
https://github.com/al-sultani/url-tracker
Change monitoring app that checks the content of web pages in different periods.
bugbounty change-monitoring recon reconnaissance security
Last synced: 09 Mar 2026
https://github.com/do-know/Crypt-LE
Crypt::LE - Let's Encrypt / Buypass / ZeroSSL and other ACME-servers client and library in Perl for obtaining free SSL certificates (inc. generating RSA/ECC keys and CSRs). HTTP/DNS verification is supported out of the box, EAB (External Account Binding) supported, easily extended with plugins, easily dockerized.
acme acme-client acme-v2 certificate crypt crypt-le dns docker docker-ssl ecc ecdsa free-ssl-certificates https perl pfx rsa security ssl windows-ssl zerossl
Last synced: 04 Apr 2025
https://github.com/do-know/crypt-le
Crypt::LE - Let's Encrypt / Buypass / ZeroSSL and other ACME-servers client and library in Perl for obtaining free SSL certificates (inc. generating RSA/ECC keys and CSRs). HTTP/DNS verification is supported out of the box, EAB (External Account Binding) supported, easily extended with plugins, easily dockerized.
acme acme-client acme-v2 certificate crypt crypt-le dns docker docker-ssl ecc ecdsa free-ssl-certificates https perl pfx rsa security ssl windows-ssl zerossl
Last synced: 06 Apr 2025
https://github.com/boostsecurityio/poutine
boostsecurityio/poutine
ci cli devops devsecops gh-extension github github-actions golang security security-scanner supply-chain supply-chain-security
Last synced: 09 Mar 2026
https://github.com/idaholab/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek
Last synced: 30 Mar 2025
https://github.com/keyshade-xyz/keyshade
Realtime secret and configuration management tool, with the best in class security and seamless integration support
cli configuration-management devsecops fullstack good-first-issue hacktoberfest javascript nestjs nextjs reactjs saas secret-management secrets-manager security turborepo typescript
Last synced: 05 Jan 2026
https://github.com/SofianeHamlaoui/Pentest-Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
cheatsheets offensive-security penetration-testing penetration-testing-tools pentesting security security-audit security-tools sofianehamlaoui
Last synced: 12 Jul 2025
https://github.com/mchev/banhammer
Banhammer for Laravel offers a simple way to ban any Model by ID, UUID and by IP or Country.
access autorization ban block countries ip laravel middleware package php restrict security trait user
Last synced: 22 Jan 2026
https://github.com/elliotkillick/qvm-create-windows-qube
Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS
automation cybersecurity infosec privacy qubes qubes-os security virtualization whonix windows windows-10
Last synced: 16 May 2025
https://github.com/many-passwords/many-passwords
Default credentials list. 🐱💻 Leave a star if you like this project! (that motivates me)⭐️
beginner-friendly beginners-friendly cheatsheet cheatsheets contributions-welcome default default-credentials default-password default-value defaults hacktoberfest hacktoberfest2020 hacktoberfest2021 help-wanted iot list open-source password passwords security
Last synced: 24 Mar 2025
https://github.com/cryptofinlabs/audit-checklist
A Solidity smart contract auditing checklist
Last synced: 21 Feb 2026
https://github.com/jserv/talks
schedule and materials about my presentations
aarch64 arm c-programming guts kernel linux microcontroller open-source rtos security
Last synced: 16 May 2025
https://github.com/hashgraph-online/hol-guard
AI antivirus for developer agents: protect Codex, Claude Code, Cursor, Gemini, OpenCode, plugins, skills, MCP servers, and AI harnesses before tools run.
cli codex codex-plugins mcp plugin-scanner python scanner security
Last synced: 18 Jun 2026
https://github.com/ElliotKillick/qvm-create-windows-qube
Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS
automation cybersecurity infosec privacy qubes qubes-os security virtualization whonix windows windows-10
Last synced: 09 Apr 2025
https://github.com/FenkoHQ/dnsmonster
Passive DNS Capture and Monitoring Toolkit
dns dns-server dns-traffic golang nsm passive-dns passivedns pcap security security-tools
Last synced: 01 Apr 2026
https://github.com/fenkohq/dnsmonster
Passive DNS Capture and Monitoring Toolkit
dns dns-server dns-traffic golang nsm passive-dns passivedns pcap security security-tools
Last synced: 03 Apr 2026
https://github.com/SHAdd0WTAka/Zen-Ai-Pentest
🛡⚔️AI-Powered Penetration Testing Framework with automated vulnerability scanning, multi-agent system, and compliance reporting🛡⚔️
ai automation compliance cybersecurity ethical-hacking framework penetration-testing pentesting python security security-tools vulnerability-scanner
Last synced: 04 May 2026
https://github.com/GrapheneOS/platform_manifest
Repo manifest for the GrapheneOS mobile privacy and security hardening project.
android grapheneos privacy security
Last synced: 11 Jul 2025
https://github.com/SAP/credential-digger
A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models :lock:
credentials machine-learning python regex scanner secret security security-tools
Last synced: 11 Jul 2025
https://github.com/rfc-st/humble
A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.
analysis checklist cybersecurity header-parser headers http infosec kali-linux owasp python3 security security-audit security-scanner security-tools
Last synced: 15 Feb 2026
https://github.com/hgascon/pulsar
Protocol Learning and Stateful Fuzzing
fuzzing networking protocol-learning security simulation vulnerability-identification
Last synced: 13 Mar 2026
https://github.com/Skiller9090/Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
automation automation-framework cyber-security cybersec cybersecurity enumeration exfiltration framework hacking hacking-framework hacking-tool modular modules pentest-tool pentesting privilege-escalation python security security-tools
Last synced: 12 Jul 2025
https://github.com/LyleMi/papers
Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记
awesome fuzzing papers read-papers reading-notes security
Last synced: 11 Jul 2025
https://github.com/wolfSSL/wolfssh
wolfSSH is a small, fast, portable SSH implementation, including support for SCP and SFTP.
c cryptography embedded iot iot-security portable scp scp-example scp-support security sftp sftp-example ssh ssh-client ssh-client-library ssh-library ssh-server ssh-server-library sshv2 wolfssl
Last synced: 30 Mar 2025
https://github.com/mosajjal/dnsmonster
Passive DNS Capture and Monitoring Toolkit
dns dns-server dns-traffic golang nsm passive-dns passivedns pcap security security-tools
Last synced: 24 Jan 2026
https://github.com/wolfssl/wolfssh
wolfSSH is a small, fast, portable SSH implementation, including support for SCP and SFTP.
c cryptography embedded iot iot-security portable scp scp-example scp-support security sftp sftp-example ssh ssh-client ssh-client-library ssh-library ssh-server ssh-server-library sshv2 wolfssl
Last synced: 06 Jan 2026
https://github.com/ParetoSecurity/pareto-mac
Automatically audit your Mac for basic security hygiene.
endpoint-security macos security swift swiftui
Last synced: 12 Mar 2025
https://github.com/jpcertcc/toolanalysisresultsheet
Tool Analysis Result Sheet
Last synced: 09 Apr 2025
https://github.com/grapheneos/platform_manifest
Repo manifest for the GrapheneOS mobile privacy and security hardening project.
android grapheneos privacy security
Last synced: 09 Jan 2026
https://github.com/vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
adversary-emulation azuread cloud-administration cloud-security entra-id identity-access-management microsoft microsoft-azure-security microsoft-graph microsoft365 mitre powershell red-team security security-testing ttp
Last synced: 15 Apr 2025
https://jpcertcc.github.io/ToolAnalysisResultSheet/
Tool Analysis Result Sheet
Last synced: 24 Mar 2025
https://github.com/feross/safe-buffer
Safer Node.js Buffer API
buffer javascript nodejs safe security
Last synced: 13 Apr 2025
https://github.com/wecooperate/iMonitorSDK
The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能, 而不用关心底层驱动的开发、维护和兼容性问题,让其可以专注于业务开发
access-control defender edr endpoint-security etw kernel monitoring-tool procmon security sysmon zero-trust
Last synced: 11 Jul 2025
https://github.com/ahussam/url-tracker
Change monitoring app that checks the content of web pages in different periods.
bugbounty change-monitoring recon reconnaissance security
Last synced: 10 Mar 2025
https://github.com/paloaltonetworks/rbac-police
Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
kubernetes kubernetes-rbac kubernetes-security prisma-cloud rbac security
Last synced: 16 May 2025
https://github.com/xyfir/ptorx
📩🛡 Email privacy. Anonymously send and receive with alias forwarding. (Abandoned)
alias aliases email email-forwarding forward forwarding mail mail-server msa mta pgp privacy proxy security smtp spam-filtering
Last synced: 15 Apr 2025
https://github.com/RobThree/TwoFactorAuth.Net
.Net library for Two Factor Authentication (TFA / 2FA)
csharp dotnet multi-factor qrcode security totp two-factor twofactorauth
Last synced: 04 May 2025
https://github.com/robthree/twofactorauth.net
.Net library for Two Factor Authentication (TFA / 2FA)
csharp dotnet multi-factor qrcode security totp two-factor twofactorauth
Last synced: 16 May 2025
https://github.com/cea-sec/usbsas
Tool and framework for securely reading untrusted USB mass storage devices.
Last synced: 16 May 2025
https://github.com/palkeo/pakala
Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine
ethereum ethereum-virtual-machine security security-scanner symbolic-execution
Last synced: 13 Dec 2025
https://github.com/sap/credential-digger
A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models :lock:
credentials machine-learning python regex scanner secret security security-tools
Last synced: 15 May 2025
https://github.com/mageni/mageni
Open-source vulnerability scanner
cloud cybersecurity laravel linux macos networking opensource penetration-testing pentesting php security security-audit security-tools vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanner vulnerability-scanners vulnerability-scanning windows
Last synced: 30 Mar 2025
https://github.com/HomeSecExplorer/Proxmox-Hardening-Guide
Security hardening guides for PVE and PBS, built on CIS Debian Benchmark with Proxmox specific best practices.
ceph cis debian enterprise hardening homelab pbs proxmox proxmox-backup-server proxmox-ve pve security virtualization zfs
Last synced: 18 Apr 2026
https://github.com/ztosec/hunter
Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。
Last synced: 11 Jul 2025
https://github.com/dymmond/esmerald
Esmerald framework - Highly scalable, performant, easy to learn, easy to code and for every sizeable and complex application
api async asyncio framework json json-schema openapi openapi3 pydantic python python-types python3 redoc rest security starlette swagger swagger-ui uvicorn web
Last synced: 15 May 2025
https://github.com/joswha/Secure-Coding-Handbook
Web Application Secure Coding Handbook resource.
appsecurity blueteam owasp secure-coding secure-coding-practices security webappsecurity
Last synced: 14 Apr 2025
https://github.com/kac89/vulnrepo
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
angular bugbounty burpsuite cve cwe end-to-end-encryption mitre-attack nessus nmap openvas pci-dss pentesting security security-team security-tool trivy vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research
Last synced: 03 Apr 2025
https://github.com/tarraschk/richelieu
List of the most common French passwords
audit bruteforce-wordlist cybersecurity dictionary security
Last synced: 15 Mar 2026
https://github.com/andreiverse/grc2
grim reaper c2
command-and-control infosec redteam security security-tools
Last synced: 08 Nov 2025
https://github.com/puliczek/cve-2022-0337-poc-google-chrome-microsoft-edge-opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
bugbounty bugbounty-writeups bugbountytips cve cve-2022-0337 cybersecurity exploit hacking payload pentest pentesting red-team security security-writeups writeups
Last synced: 27 Jan 2026
https://github.com/invariantlabs-ai/invariant
Guardrails for secure and robust agent development
Last synced: 12 Jan 2026
https://github.com/Aabyss-Team/awsKeyTools
AWS云平台 AccessKey 泄漏利用工具
accesskey accesskeysecret aws cloud-native-security cloud-security cloud-security-tools security security-tools
Last synced: 11 May 2025
https://github.com/splx-ai/agentic-radar
A security scanner for your LLM agentic workflows
agentic-ai agentic-framework agentic-workflow ai ai-red-teaming ai-security cli devsecops generative-ai llm llm-security red-teaming security security-tools
Last synced: 01 Apr 2025
https://github.com/inquest/omnibus
The OSINT Omnibus (beta release)
iocs osint python security security-automation threat-intelligence
Last synced: 17 Jan 2026
https://github.com/MarkoH17/Spray365
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
enumeration password-spray pentest python3 security
Last synced: 12 Jul 2025
https://github.com/googlecloudplatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
audit-logs bigquery chronicle cloud-security-command-center gcp google-cloud log-analytics logging network-analysis network-logs security security-operations threat-detection
Last synced: 05 Apr 2025
https://github.com/cloudogu/k8s-diagrams
A collection of kubernetes-related diagrams
authc authn container deployment k8s kubernetes node pod podsecuritypolicies psp rbac security
Last synced: 16 May 2025
https://github.com/e-m-b-a/embark
EMBArk - The firmware security scanning environment
data-analysis django embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking iot linux penetration-testing pentesting scanner security security-automation security-scanner security-testing security-tools ubuntu-server vulnerability-scanners
Last synced: 16 May 2025
https://github.com/Quillhash/QuillAudit_Reports
QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports
audit-reports bep20 binance-smart-chain blockchain bockchain dapps erc20 erc721 nft penetration-testing polygon security security-audit security-vulnerabilities smartcontract-dapp solana solidity tron vulnerability
Last synced: 24 Mar 2025
https://github.com/sanix-darker/antiddos-system
🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!
captcha captcha-breaking captcha-image connection-frequency ddos ddos-attacks hack hacking php protected protection protector robot secure secure-access secured security security-tools verification web
Last synced: 06 Jul 2025
