Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-23 00:28:09 UTC
- JSON Representation
https://github.com/ivan-sincek/powershell-reverse-tcp
PowerShell scripts for communicating with a remote host.
bind-shell bind-tcp bug-bounty defensive-security ethical-hacking networking offensive-security penetration-testing powershell red-team-engagement reverse-shell reverse-tcp security tcp
Last synced: 07 Apr 2025
https://github.com/mihirdilip/aspnetcore-authentication-apikey
Easy to use and very light weight Microsoft style API Key Authentication Implementation for ASP.NET Core. It can be setup so that it can accept API Key in Header, Authorization Header, QueryParams or HeaderOrQueryParams.
api-key-authentication apikey apikey-authentication apikeyauthentication asp-net-core asp-net-core-apikey-authentication asp-net-core-authentication aspnetcore aspnetcore-apikey-authentication aspnetcore-authentication authentication authentication-scheme net50 netstandard netstandard20 security
Last synced: 16 May 2025
https://github.com/dotboris/vuejs-serverside-template-xss
Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
security vue vue2 vuejs vuejs2 xss xss-vulnerability
Last synced: 31 Jan 2026
https://github.com/10up/safe-svg
Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website.
file graphic hacktoberfest image media mime sanitize security svg svg-upload upload vector wordpress
Last synced: 14 May 2025
https://github.com/MozillaSecurity/grizzly
A cross-platform browser fuzzing framework
automated-testing automation framework fuzz-testing fuzzing python security stability test-framework testcase-reducer testing
Last synced: 09 Jul 2025
https://github.com/GaProgMan/OwaspHeaders.Core
Inject OWASP recommended HTTP Headers for increased security in a single line
application-security aspnetcore http-header middleware nuget owasp security
Last synced: 16 Mar 2025
https://github.com/noraj/rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
cyber cyber-security cyberdefense cybersecurity hacktoberfest infosec inventory ressources security security-tools tools
Last synced: 16 May 2025
https://github.com/arcaneiceman/kraken
Kraken: A multi-platform distributed brute-force password cracking system
bruteforce-password-cracker hashcat kraken kraken-client password-cracker security security-tools wpa2-cracking
Last synced: 01 Apr 2025
https://github.com/owasp/cve-lite-cli
Fast, developer-friendly JS/TS dependency vulnerability scanner with local lockfile scanning, OSV matching, direct vs transitive visibility, --fix, JSON output, and practical remediation guidance.
appsec cve javascript nodejs owasp security security-tools
Last synced: 27 May 2026
https://github.com/nextcloud/twofactor_totp
🔑 Second factor TOTP (RFC 6238) provider for Nextcloud
2fa otp rfc-6238 security totp two-factor two-factor-authentication
Last synced: 16 May 2025
https://github.com/ossf/scorecard-action
Official GitHub Action for OpenSSF Scorecard.
github github-actions openssf-scorecard security supply-chain
Last synced: 15 May 2025
https://github.com/ameenmaali/qsfuzz
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
bugbounty fuzz infosec security vulnerability-detection
Last synced: 02 Apr 2025
https://github.com/zishanadthandar/pentest
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
activedirectory cheetsheet cyber-security cybersecurity cybersecurity-tool ethical-hacking hacking hacking-tool infosec penetration-testing penetration-testing-tools pentest pentesting powershell redteam redteaming security web-application-penetration-testing web-application-security whitehat-hacker
Last synced: 16 May 2025
https://github.com/security-checklist/php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
bugbounty checklist php php-framework php-library php-security php-security-checker security security-audit security-checklist security-research security-researcher security-testing web-application web-application-framework web-application-security webapplication
Last synced: 30 Mar 2025
https://github.com/smarttang/w3a_SOC
元豚科技 - 基于日志安全分析做切入,做最好用的「云原生安全运维工作台」
anaylsis golang hacker java mybatis-plus security security-tools springboot vue
Last synced: 27 Apr 2025
https://github.com/tpm2-software/tpm2-pkcs11
A PKCS#11 interface for TPM2 hardware
crypto cryptography pkcs11 security signing tpm tpm2
Last synced: 08 Apr 2025
https://github.com/prosopo/captcha
Open-source, frictionless CAPTCHA and bot defense. A privacy-focused alternative to reCAPTCHA and hCaptcha.
antispam bot-defense bot-detection captcha captcha-alternative ddos-mitigation ddos-protection frictionless-captcha hcaptcha human-verification invisible-captcha privacy procaptcha proof-of-work recaptcha security self-host spam spam-detection spam-protection
Last synced: 16 Jun 2026
https://github.com/p3nt4/Invoke-Piper
Forward local or remote tcp ports through SMB pipes.
Last synced: 01 Apr 2025
https://github.com/p3nt4/invoke-piper
Forward local or remote tcp ports through SMB pipes.
Last synced: 09 Apr 2025
https://github.com/slok/agebox
Age based repository file encryption gitops tool
age blackbox encryption git-crypt gitops repository-secrets secrets secrets-management security security-tools sops
Last synced: 16 Oct 2025
https://github.com/dm-zharov/swift-security
Modern Swift framework for Keychain API. Supports iOS, macOS, watchOS, tvOS and visionOS
certificate cryptokit identity keychain pkcs12 security swift swiftui x509
Last synced: 17 Jun 2025
https://github.com/rams3sh/Aaia
AWS Identity and Access Management Visualizer and Anomaly Finder
aws graph iam neo4j pentesting security security-tools
Last synced: 01 Apr 2025
https://github.com/aabysszg/open-source-information-leakage
开源项目信息泄露笔记
information-leakage intelligence open-source osint osint-tools security
Last synced: 01 Jul 2025
https://github.com/rams3sh/aaia
AWS Identity and Access Management Visualizer and Anomaly Finder
aws graph iam neo4j pentesting security security-tools
Last synced: 06 Apr 2025
https://github.com/chriskalix/hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
agent ebpf ebpf-programs ebpf-sec golang hids libbpf linux netlink runtime-security rust security
Last synced: 24 May 2026
https://github.com/landlock-lsm/go-landlock
A Go library for the Linux Landlock sandboxing feature
landlock linux sandboxing security
Last synced: 19 Apr 2026
https://github.com/aquasecurity/traceeshark
Deep Linux runtime visibility meets Wireshark
epbf linux malware-analysis runtime-security security tracee tracing wireshark
Last synced: 13 Oct 2025
https://github.com/stevenaldinger/decker
Declarative penetration testing orchestration framework
automation decker docker framework go golang hacking hcl kali linux orchestration penetration security testing
Last synced: 16 Feb 2026
https://github.com/Eyadkelleh/awesome-skills-security
Security testing toolkit for AI Agent: curated SecLists wordlists, injection payloads, and expert agents for authorized pentesting, CTFs, and bug bounties
agent-skills agentic-ai appsec ctfs hacking-tool pentest-tool pentesting seclists seclists-download security
Last synced: 23 Jun 2026
https://github.com/nextcloud/end_to_end_encryption
:closed_lock_with_key: Server API to support End-to-End Encryption
encryption end-to-end-encryption security
Last synced: 16 May 2025
https://github.com/AabyssZG/Open-Source-Information-Leakage
开源项目信息泄露笔记
information-leakage intelligence open-source osint osint-tools security
Last synced: 05 Apr 2025
https://github.com/Extravi/araa-search
A privacy-respecting, ad-free, self-hosted Google metasearch engine with strong security that offers full API support and utilizes Qwant for images, and DuckDuckGo for auto-complete.
ad-free api api-support autocomplete foss google-api metasearch metasearch-engine osint privacy privacy-search python search search-engine search-results security security-tools self-hosted tor
Last synced: 14 Mar 2025
https://github.com/moqui/moqui-framework
Use Moqui Framework to build enterprise applications based on Java. It includes tools for databases (relational, graph, document), local and web services, web and other UI with screens and forms, security, file/resource access, scripts, templates, l10n, caching, logging, search, rules, workflow, multi-instance, and integration.
application-framework crm database-access ecommerce entity erp framework freemarker groovy java moqui moqui-framework rest security server service web
Last synced: 02 Mar 2026
https://github.com/nitrokey/nitrokey-app
Nitrokey's Application (Win, Linux, Mac)
c-plus-plus cross-platform debian-packages encrypted-store libusb linux nitrokey one-time-passwords otp password-manager password-store password-vault qt5 security ubuntu-linux
Last synced: 06 Apr 2025
https://github.com/spamscope/spamscope
Fast Advanced Spam Analysis Tool
ansible ansible-playbook apache-storm application-security dialect docker docker-image mail-analyzer outlook python security smtp spam-analyzer spamscope streamparse
Last synced: 04 Apr 2025
https://github.com/SpamScope/spamscope
Fast Advanced Spam Analysis Tool
ansible ansible-playbook apache-storm application-security dialect docker docker-image mail-analyzer outlook python security smtp spam-analyzer spamscope streamparse
Last synced: 05 May 2025
https://github.com/0x4D31/deception-as-detection
Deception based detection techniques mapped to the MITRE’s ATT&CK framework
deception detection honeypot honeytoken security
Last synced: 24 Mar 2025
https://github.com/restran/fomalhaut
🚀 A Simple API Gateway for Building Security and Flexible Microservices.
api-gateway microservice python security tornado waf
Last synced: 09 May 2025
https://github.com/duo-labs/isthislegit
Dashboard to collect, analyze, and respond to reported phishing emails.
infosec phishing phishing-reports security security-automation security-tools
Last synced: 07 Apr 2025
https://github.com/op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
att edr edr-solutions incident-response mitre security security-audit
Last synced: 12 Apr 2025
https://github.com/strongdm/leash
Leash by StrongDM - take your AI agents for a walk
agentic ai claude-code codex-cli container sandbox security
Last synced: 12 Mar 2026
https://github.com/warpnet/ms-rpc-fuzzer
Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By following this approach, a security researcher will hopefully identify interesting RPC services in such a time that would take a manual approach significantly more.
exploit internals research rpc security vulnerability windows
Last synced: 04 Sep 2025
https://github.com/apache/syncope
Apache Syncope
access-management api-gateway api-management authentication authorization enforce-policies identity-governance identity-management identity-provider identity-provisioning microservices oauth2 openidconnect proxy request-routing saml2 scim security service-mesh sso
Last synced: 03 Apr 2026
https://github.com/lyshark/LyScript
A powerful automatic disassembly control module developed for x64dbg improves the efficiency of reverse analysis.
debugging dissassembler hacktoberfest security x64dbg x64dbg-plugin x64dbg-theme x86-64
Last synced: 12 Jul 2025
https://github.com/0x4d31/deception-as-detection
Deception based detection techniques mapped to the MITRE’s ATT&CK framework
deception detection honeypot honeytoken security
Last synced: 02 Jan 2026
https://github.com/dev-sec/puppet-os-hardening
This puppet module provides numerous security-related configurations, providing all-round base protection.
hardening linux puppet security
Last synced: 23 Nov 2025
https://github.com/burpheart/PHPAuditGuideBook
《PHP代码审计入门指南》 这本指南包含了我在学习PHP代码审计过程中整理出的一些技巧和对漏洞的一些理解
Last synced: 11 Jul 2025
https://github.com/hahwul/droid-hunter
(deprecated) Android application vulnerability analysis and Android pentest tool
android hacking scanner security vulnerability
Last synced: 26 Mar 2025
https://github.com/tailscale/security-policies
Security policies for Tailscale
Last synced: 18 Oct 2025
https://github.com/spring-projects/spring-vault
Provides familiar Spring abstractions for HashiCorp Vault
encryption framework java secrets security spring vault
Last synced: 20 Apr 2026
https://github.com/reposaur/reposaur
Open source compliance tool for development platforms.
audit compliance git github github-actions gitlab go golang golang-tools opa rego report security
Last synced: 17 Jan 2026
https://github.com/zacharyzcr/secgpt
A Test Project for a Network Security-oriented LLM Tool Emulating AutoGPT
ai autogpt cybersecurity langchain llm secgpt security
Last synced: 06 Apr 2025
https://github.com/clarkio/azure-mask
A browser extension (Chromium, Firefox) that toggles concealment of sensitive information found in the Azure Portal web page such as Subscription Id's
browser-extension chrome chrome-extension firefox firefox-addon hacktoberfest hacktoberfest2022 security
Last synced: 06 Apr 2025
https://github.com/ZacharyZcR/SecGPT
A Test Project for a Network Security-oriented LLM Tool Emulating AutoGPT
ai autogpt cybersecurity langchain llm secgpt security
Last synced: 04 Apr 2025
https://github.com/CervantesSec/cervantes
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
audit burpsuite collaboration collaboration-platform collaborative cve hacking nessus nmap penetration-testing penetration-testing-tools pentesters pentesting red-team red-teaming report reporting security vulnerability vulnerability-management
Last synced: 11 Jul 2025
https://github.com/step-security/wait-for-secrets
Publish from GitHub Actions using multi-factor authentication
action actions github-actions mfa security
Last synced: 16 May 2025
https://github.com/danielroe/provenance-action
Fail CI when dependencies in your lockfile lose npm provenance or trusted publisher status
github-actions provenance security trusted-publishing
Last synced: 09 Oct 2025
https://github.com/dev-sec/ssh-baseline
DevSec SSH Baseline - InSpec Profile
audit baseline devsec hacktoberfest hardening inspec security ssh
Last synced: 04 Jul 2025
https://github.com/z0ph/aws-security-toolbox
AWS Security Tools (AST) in a simple Docker container. :package:
amazon-web-services assessments audit aws security
Last synced: 26 Mar 2025
https://github.com/capnspacehook/whalewall
Automate management of firewall rules for Docker containers
docker firewall golang security
Last synced: 05 Jul 2025
https://github.com/inspektor-dev/inspektor
Inspektor is a protocol-aware proxy that is used to enforce access policies👮
access-control acl authorization go iam openpolicyagent permissions rbac rust security vuejs
Last synced: 03 Apr 2025
https://github.com/chriskaliX/Hades
Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
agent ebpf ebpf-programs ebpf-sec golang hids libbpf linux netlink runtime-security rust security
Last synced: 11 Jul 2025
https://github.com/joinmarket-webui/jam
Your sats. Your privacy. Your profit.
Last synced: 15 May 2025
https://github.com/ThinkInAIXYZ/clawdhome
ClawdHome securely isolates and manages multiple OpenClaw gateway instances on one Mac.
isolation local-first macos multi-instance openclaw private-ai-assistant security zero-trust
Last synced: 15 Apr 2026
https://github.com/pashword/pashword
🔒 Pashword - Never forget passwords ever again! Free and Open Source Hashed Password Generator
pashword password password-generator password-manager security
Last synced: 04 Apr 2025
https://github.com/trailofbits/SecureEnclaveCrypto
Demonstration library for using the Secure Enclave on iOS
apple crypto ios keychain keypair macos secure-enclave-processor security swift
Last synced: 02 Aug 2025
https://github.com/zaproxy/action-full-scan
A GitHub Action for running the ZAP Full scan
actions dast devsecops github-actions security
Last synced: 23 Aug 2025
https://github.com/affaan-m/agentshield
AI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️
ai-agent anthropic claude-code hackathon mcp opus security
Last synced: 01 Apr 2026
https://github.com/slowmist/papers
SlowMist Vulnerability Research Advisories
advisories blockchain security vulnerability
Last synced: 11 Apr 2025
https://github.com/projectdiscovery/dnsprobe
DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
bugbounty dns dns-utils dnsprobe retryabledns security subdomain
Last synced: 06 Apr 2025
https://github.com/breard-r/libreauth
LibreAuth is a collection of tools for user authentication.
authentication hotp library oath password password-hash password-storage security totp
Last synced: 15 May 2025
https://github.com/leiweibau/Pi.Alert
Scan the devices connected to your WIFI / LAN and alert you the connection of unknown devices. It also warns if a "always connected" device disconnects. In addition, it is possible to check web services for availability. For this purpose HTTP status codes and the response time of the service are evaluated.
arp-scan intrusion-detection network-security pi-hole pialert security self-hosted
Last synced: 07 Apr 2025
https://github.com/avahowell/masterkey
secure interactive password manager with xchacha20poly1305, argon2id, and Go
cryptography interactive password-manager security unix vault
Last synced: 23 Jun 2025
https://github.com/madhuakula/hacker-container
The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.
container docker hacker-container hacking infosec kubernetes kubernetes-cluster pentest pentesting security security-tools tools
Last synced: 08 Oct 2025
https://github.com/tensult/cloud-reports
Scans your AWS cloud resources and generates reports. Check out free hosted version:
analyzer aws best-practices cloud cloud-computing html json pdf puppeteer reports scans security
Last synced: 16 May 2025
https://github.com/dhammon/ai-goat
Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.
Last synced: 06 Apr 2025
https://github.com/0x4d31/honeybits
A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
breadcrumbs deception go golang honeybits honeypot honeytoken honeytrap security trap
Last synced: 12 May 2025
https://github.com/alulsh/personal-security-checklist
Personal security checklist for securing your devices and accounts.
infosec personal-security security
Last synced: 02 Mar 2026
https://github.com/0x4D31/honeybits
A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
breadcrumbs deception go golang honeybits honeypot honeytoken honeytrap security trap
Last synced: 11 Jul 2025
https://github.com/deadbits/insecureprogramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
c exploitation learning-exercise security security-vulnerability vulnerabilities
Last synced: 09 Apr 2025
https://github.com/firefart/hijagger
Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
bugbounty golang hacking npm pypi security security-tools
Last synced: 07 Apr 2025
https://github.com/rapidfort/community-images
:gem: RapidFort hardened secure images
cve docker docker-image hardened hardened-image mariadb mysql nginx postgresql redis security
Last synced: 09 Mar 2026
https://github.com/envless/envless
OpenSource, frictionless and secure way to share and manage app secrets across teams.
aws azure cli coss e2ee e2ee-encryption env envless gcp good-first-issue javascript k8s nextjs openpgp opensource secrets security typescript vercel
Last synced: 15 May 2025
https://github.com/juice-shop/multi-juicer
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
capture-the-flag ctf-platform hacking hacktoberfest juice-shop kubernetes owasp security
Last synced: 08 Apr 2025
https://github.com/edoardottt/missing-cve-nuclei-templates
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
automation bug-bounty bug-hunting bugbounty bugbounty-tool bugbountytips cve cve-scanning hacking nuclei nuclei-engine nuclei-templates penetration-testing pentesting projectdiscovery security security-tools vulnerability-detection vulnerability-scanners
Last synced: 09 Apr 2025
https://github.com/nairuzabulhul/.codebits
:books: List of resources for Algorithms and Data Structures in Python & other CS topics @2017
algorithm algorithms books c computer-science databases django-tutorial hackerrank interview interview-questions leetcode networking operating-system programming programming-tutorial python python-tutorial resources security tech-interviews
Last synced: 06 Apr 2025
https://github.com/ivangabriele/clamav-desktop
Cross-platform Desktop GUI for ClamAV antivirus.
antivirus clamav clamav-client daemon debian desktop desktop-app desktop-client gui linux macos open-source react rust security sidecar tauri typescript ubuntu windows
Last synced: 12 Apr 2025
