Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-23 00:28:09 UTC
- JSON Representation
https://github.com/custom-cards/surveillance-card
A custom component for displaying camera feeds in the style of a surveillance system.
camera home-assistant motion security
Last synced: 07 Apr 2025
https://github.com/en0th/ElectricRat
电气鼠靶场系统是一种带有漏洞的Web应用程序,旨在为Web安全渗透测试学习者提供学习和实践的机会。The Electrical Mouse Target Range System is a web application with vulnerabilities designed to provide learning and practice opportunities for web security penetration testing learners.
Last synced: 07 Sep 2025
https://github.com/StringCare/AndroidLibrary
Android library to reveal or obfuscate strings and assets at runtime
android android-library android-reverse android-security assets assets-management encrypt encrypted-data encrypted-strings encryption gradle obfuscate-strings obfuscation reverse-engineering security security-tools string string-conversion string-encoding string-manipulation
Last synced: 11 Jul 2025
https://github.com/stamparm/blackbook
Blackbook of malware domains
domains intrusion-detection malware-detection network-forensics network-monitoring security threats
Last synced: 02 Feb 2026
https://github.com/joinmarket-webui/joinmarket-webui
Your sats. Your privacy. Your profit.
Last synced: 25 Mar 2025
https://github.com/werf/trdl
The universal solution for delivering your software updates securely from a trusted The Update Framework (TUF) repository.
continuous-delivery security tuf update werf
Last synced: 08 Apr 2025
https://github.com/remind101/ssm-env
Expand env variables from AWS Parameter Store
Last synced: 04 Feb 2026
https://github.com/0sec-labs/foxguard
A security scanner as fast as a linter, written in Rust. Batteries included, TUI for triage, secrets, post-quantum audits, diff-aware scans and more 𓃥
cli code-security linter opengrep pre-commit rust sarif sast security semgrep static-analysis tree-sitter vulnerability-scanner
Last synced: 02 Jun 2026
https://github.com/stringcare/androidlibrary
Android library to reveal or obfuscate strings and assets at runtime
android android-library android-reverse android-security assets assets-management encrypt encrypted-data encrypted-strings encryption gradle obfuscate-strings obfuscation reverse-engineering security security-tools string string-conversion string-encoding string-manipulation
Last synced: 07 May 2025
https://github.com/Pkcs11Interop/Pkcs11Interop
Managed .NET wrapper for unmanaged PKCS#11 libraries
crypto cryptography hsm pkcs pkcs11 security smartcard
Last synced: 14 Mar 2025
https://github.com/rsmusllp/termineter
Smart Meter Security Testing Framework
Last synced: 07 Apr 2025
https://github.com/pirate/webrtcchat
:lock_with_ink_pen: Pure Browser To Browser Chat (STUN & ICE Servers optional)
chat-application ice-servers javascript security stun webrtc webrtc-demos
Last synced: 24 Mar 2025
https://github.com/cado-security/varc
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security
Last synced: 08 May 2025
https://github.com/mhausenblas/rbac.dev
A collection of good practices and tools for Kubernetes RBAC
access-control authorization kubernetes permissions rbac security
Last synced: 04 Mar 2026
https://github.com/rahra/onioncat
Official repository of OnionCat, the VPN adapter for Tor and I2P.
anonymity counter-surveillance i2p ipv6 network-security security tor vpn vpn-adapter
Last synced: 19 Feb 2026
https://github.com/semmle/securityexploits
This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits
exploits ql security vulnerabilities
Last synced: 02 Apr 2025
https://github.com/presidentbeef/inject-some-sql
Have fun injecting SQL into a Ruby on Rails application!
rails ruby ruby-on-rails security sql-injection sqli
Last synced: 07 Apr 2025
https://github.com/eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
azure azure-sentinel cloudsecurity hunting incident-response ir microsoft microsoft-sentinel secops security siem soc threat-hunting threat-intelligence
Last synced: 26 Apr 2025
https://github.com/monzo/egress-operator
A Kubernetes operator to produce egress gateway Envoy pods and control access to them with network policies
egress envoy kubernetes networking operator security
Last synced: 12 Apr 2025
https://github.com/codecentric/gopass-ui
gopass CLI + UI = visual cross-platform password manager for teams
git gopass gpg pass password-manager password-store security ui
Last synced: 09 Apr 2025
https://github.com/botherder/androidqf
androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.
android forensics malware-research security
Last synced: 16 Jan 2026
https://github.com/bongochong/CombinedPrivacyBlockLists
Ad-blocking hosts files, IP block lists, PAC filters, ABP / uBO / ADG subscriptions, and a whole lot more. All merged from multiple reputable sources, combined with my own research. Also, script-based utilities to help you create such things yourself. Updated at least once every two weeks, usually more frequently. Since 2017.
ad-blocking ancient-truths bash bittorrent blocklists bromite cygwin dns file-sharing foss freedom gnu hosts linux mac p2p pihole privacy security shell-scripting
Last synced: 30 Apr 2025
https://github.com/cogolabs/transcend
BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust
Last synced: 19 Mar 2025
https://github.com/cogolabs/beyond
BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
beyondcorp federation golang http-proxy openid-connect perimeter-network proxy proxy-server relying-party security trust-transition vpn zero-trust
Last synced: 09 Apr 2025
https://github.com/intel/tsffs
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Last synced: 13 May 2025
https://github.com/alanvivona/pwnshop
Exploit Development, Reverse Engineering & Cryptography
arm buffer-overflow c crackme crypto cryptography exploit-development format-string-attack go golang infosec python reverse-engineering rop security shellcode writeup x64 x86
Last synced: 01 Mar 2026
https://github.com/omergunal/PoT
Phishing on Twitter
phishing security social-engineering
Last synced: 27 Jul 2025
https://github.com/sandworm-hq/sandworm-guard-js
Easy auditing & sandboxing for your JavaScript dependencies 🪱
audit compartments compliance dependencies dependency-analysis dynamic-analysis hardening intercept lockdown permission permissions sandbox security security-audit security-tools ses supply-chain vulnerability-scanners zero-trust
Last synced: 08 Apr 2025
https://github.com/ksg97031/frida-gadget
Automated tool for patching APKs to enable the use of Frida gadget by downloading the library and injecting code into the main activity.
android apk frida frida-gadget pentest reversing security
Last synced: 05 Oct 2025
https://github.com/trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
bugbounty bugbountytips enumeration infosec infosectools penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security security-tools subdomain subdomain-enumeration subdomain-finder subdomain-scanner
Last synced: 24 Dec 2025
https://github.com/activecm/passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more
capturing-packets dns docker-command gplv3 hacktoberfest linux macosx network-monitoring packet-analyzer packet-sniffer packets passer pcap pcap-analyzer python python-2 scapy security sniffer
Last synced: 09 Apr 2025
https://github.com/dopplerhq/cli
The official CLI for interacting with your Doppler secrets and configuration.
cli doppler doppler-cli environment-variables secret-management secrets secrets-management secrets-manager security
Last synced: 28 Jan 2026
https://github.com/macmade/filevaultcracker
macOS FileVault cracking tool
brute-force corestorage crack cracking filevault hacking macos password security wordlist
Last synced: 19 Apr 2025
https://github.com/reveng007/reveng_rtkit
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
antirootkit-bypass backdoor c hacking-tool hacktoberfest kernel-mode-rootkit linux linux-device-driver linux-kernel linux-kernel-module malware post-exploitation-toolkit redteam redteam-tools ring0 rkhunter-antirootkit security security-tools
Last synced: 09 Apr 2025
https://github.com/JettChenT/scan-for-webcams
scan for webcams on the internet
clarifai python scraping security shodan shodan-python webcam webcams
Last synced: 12 Jul 2025
https://github.com/jarryshaw/pypcapkit
Python-based Comprehensive Network Packet Analysis Library
computer-networking network network-security network-tools packet-analyser packet-analysis packet-analyzer packet-crafting pcap pcap-analyzer pcap-parser python python3 security security-tools
Last synced: 10 Jun 2025
https://github.com/alegrey91/systemd-service-hardening
Basic guide to harden systemd services
hardening linux security systemd
Last synced: 20 Aug 2025
https://github.com/chrispetrou/hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
ethical-hacking flask hacking http-reverse https https-server injection metasploit oscp penetration-testing pentesting post-exploitation red-team reverse-shell security shellcode-injection shellcode-injector tls tls-support tornado
Last synced: 11 May 2025
https://github.com/xk11z/unauthorized
常见的未授权漏洞检测
pentest-tool redteam security unauthorized-access vulnerability-scanners
Last synced: 01 Mar 2026
https://github.com/chrispetrou/HRShell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
ethical-hacking flask hacking http-reverse https https-server injection metasploit oscp penetration-testing pentesting post-exploitation red-team reverse-shell security shellcode-injection shellcode-injector tls tls-support tornado
Last synced: 30 Mar 2025
https://github.com/xuanxuan0/TiEtwAgent
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
detection edr injection memory-scanning security
Last synced: 11 Jul 2025
https://github.com/GitHubSecurityLab/actions-permissions
GitHub token permissions Monitor and Advisor actions
Last synced: 08 Apr 2025
https://github.com/lucasfrag/kali-linux-tools-interface
Graphical Web interface developed to facilitate the use of security information tools.
analysis attack bootstrap cybersecurity education hacking hacking-tools kali-linux pentesting php7 security ssh whitehat
Last synced: 03 Apr 2025
https://github.com/Ziconius/FudgeC2
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
c2 command-and-control cybersecurity implant offensive-security post-exploitation powershell purpleteam python3 readteaming redteam security security-tools
Last synced: 24 Mar 2025
https://github.com/reconmap/pentest-reports-static
Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
hacktoberfest infosec oscp-prep penetration-testing pentest-report pentest-reports pentesting security
Last synced: 26 Feb 2025
https://github.com/geeksonsecurity/vuln-web-apps
A curated list of vulnerable web applications.
security security-scanner vulnerabilities vulnerability-scanners
Last synced: 13 May 2025
https://github.com/projectmatris/antimalwareapp
Anti-malware for Android using machine learning
android android-application android-development anti-malware antivirus foss hacktoberfest libre-av libreav machine-learning malware-detection matris project projectmatris security
Last synced: 02 Apr 2025
https://github.com/GoogleCloudPlatform/jit-groups
JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.
gcp google-cloud iam privileged-access-management security
Last synced: 22 Mar 2025
https://github.com/berryalen02/PECracker
针对PE文件的分离的攻防对抗工具,红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.
Last synced: 07 Sep 2025
https://github.com/nodesecure/js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
ast ast-analysis javascript nodejs sast security security-audit security-tools supply-chain-security
Last synced: 03 Mar 2026
https://github.com/alechilczenko/spidex
Continuous reconnaissance network scanner designed for large-scale scans, collecting information on all Internet assets.
banner-grabbing censys command-line-tool internet-of-things iot pentesting port-scanner port-scanning python3 scraping search-engine security security-tools shodan zoomeye
Last synced: 12 Jul 2025
https://github.com/SimplyBuilt/SimonSays
💂 Simple, declarative, role-based access control system for Rails and Ruby
authorization authorizer declarative rails role-based-access-control ruby security
Last synced: 16 Jul 2025
https://github.com/NodeSecure/js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
ast ast-analysis javascript nodejs sast security security-audit security-tools supply-chain-security
Last synced: 09 May 2025
https://github.com/simplybuilt/simonsays
💂 Simple, declarative, role-based access control system for Rails and Ruby
authorization authorizer declarative rails role-based-access-control ruby security
Last synced: 05 Apr 2025
https://github.com/joychou93/sks
Security Knowledge Structure(安全知识汇总)
deserialize java nginx-lua php python security waf webshell xxe
Last synced: 10 May 2025
https://github.com/JoyChou93/sks
Security Knowledge Structure(安全知识汇总)
deserialize java nginx-lua php python security waf webshell xxe
Last synced: 13 Mar 2025
https://github.com/tink-crypto/tink-java
Java implementation of Tink
crypto cryptography java security
Last synced: 14 Jan 2026
https://github.com/pralab/secml_malware
Create adversarial attacks against machine learning Windows malware detectors
adversarial-machine-learning attack infosec machine-learning python security
Last synced: 14 Jan 2026
https://github.com/onur-ozkan/nestjs-rate-limiter
Highly configurable and extensible rate limiter library
guard nestjs rate-limiter request-limiter security
Last synced: 01 Oct 2025
https://github.com/qoomon/aws-ssm-ssh-proxy-command
AWS SSM SSH Proxy Command
aws aws-cli aws-ssm ec2 managed-instance proxy-command security ssh ssh-proxy-command
Last synced: 16 May 2025
https://github.com/karimhabush/cyberowl
A daily updated summary of the most frequent types of security advisories currently being reported from different sources.
cisa cve security security-alerts vulnerability
Last synced: 16 Apr 2025
https://github.com/ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
401 403 broken-access-controls brute-force bug-bounty bypass curl ethical-hacking fuzzing offensive-security open-redirect owasp-top-10 penetration-testing pycurl python python-requests red-team-engagement security web web-penetration-testing
Last synced: 15 May 2025
https://github.com/FuzzingLabs/thoth
Cairo/Starknet security toolkit (bytecode analyzer, disassembler, decompiler, symbolic execution, SBMC)
analysis cairo-lang callflow cfg decompiler disassembler reversing security sierra starknet symbolic-execution
Last synced: 18 Apr 2025
https://github.com/aspnetrun/run-aspnet-identityserver4
Secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. Protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies.
aspnet aspnetcore identityserver4 microservices oauth2 ocelot-gateway openid-connect security
Last synced: 25 Jan 2026
https://github.com/nullarray/intrec-pack
Intelligence and Reconnaissance Package/Bundle installer.
automation bash enumeration install-script installer linux osint pentest pentesting recon reconnaissance security security-tools threatintel
Last synced: 01 Mar 2026
https://github.com/sublime-security/sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
detection-rules email-security phishing phishing-detection security security-tools
Last synced: 18 Jan 2026
https://github.com/nielsing/yar
Yar is a tool for plunderin' organizations, users and/or repositories.
golang infosec osint reconnaissance secrets security tool trufflehog yar
Last synced: 14 Jan 2026
https://github.com/jd-opensource/joysafeter
🚀 JoySafeter: An enterprise AI Agent Platform—Not just chatting. building、running、testing, and tracing autonomous Agent Teams with visual orchestration...
a2a agent agent-platform agent-studio agents coding-agent deepagents mcp memory multi-agent openclaw sandboxing security security-tools skills vulnerability-detection
Last synced: 08 Apr 2026
https://github.com/ATpiu/asset-scan
asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统
golang network-discovery nmap port-scanner security service-discovery vulnerability-detection
Last synced: 11 Jul 2025
https://github.com/rog3rsm1th/frelatage
Coverage-based fuzzer for python applications
fuzz-testing fuzzer fuzzing python python3 security testing
Last synced: 11 Sep 2025
https://github.com/vet-run/vet
vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.
bash cli command-line curl developer-tools devops-tools pipe-security security security-hardening shell shell-script shellcheck sysadmin-tools vet wget
Last synced: 04 Jul 2025
https://github.com/EtherDream/js-port-knocking
Web 端口敲门的奇思妙想
ddos-mitigation javascript portknocking security
Last synced: 20 Mar 2025
https://github.com/dschadow/JavaSecurity
Java web and command line applications demonstrating various security topics
appsec cryptography csp csrf esapi google-tink java java-security java-web owasp security security-topics spring spring-boot spring-security xss
Last synced: 09 Aug 2025
https://github.com/mozilla/eslint-plugin-no-unsanitized
Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
Last synced: 14 May 2025
https://github.com/webarx-security/wpbullet
A static code analysis for WordPress (and PHP)
cyber-security security static-code-analysis wordpress wordpress-development
Last synced: 01 Aug 2025
https://github.com/dbarzin/deming
Management tool for the information security management system / Outil de gestion du système de management de la sécurité de l'information
27001 27002 controls grc isms nis2 nis2directive security smsi
Last synced: 19 Jan 2026
https://github.com/ernw/AndroTickler
Penetration testing and auditing toolkit for Android apps.
android auditing java pentesting security
Last synced: 11 Jul 2025
https://github.com/marcobellaccini/pyaescrypt
A Python 3 module and script that uses AES256-CBC to encrypt/decrypt files and streams in AES Crypt file format (version 2).
aes aes-256 aes-encryption cryptography python3 security
Last synced: 06 Apr 2025
https://github.com/rastating/shiva
An Ansible playbook to provision a host for penetration testing and CTF challenges
ansible ansible-playbook ctf ctf-tools security
Last synced: 03 Aug 2025
https://github.com/buttercup/buttercup-browser-extension
:earth_asia: Buttercup browser extension
buttercup chrome chrome-extension firefox hacktoberfest login login-automation password-manager password-store password-vault security
Last synced: 06 Apr 2025
https://github.com/PwnKit-Labs/foxguard
A security scanner as fast as a linter, written in Rust. Live in the terminal? It also comes with a TUI triage for secrets, post-quantum audits, diff-scans and more 🦊
cli code-security linter opengrep pre-commit rust sarif sast security semgrep static-analysis tree-sitter vulnerability-scanner
Last synced: 06 May 2026
https://github.com/Grunny/zap-cli
A simple tool for interacting with OWASP ZAP from the commandline.
owasp penetration-testing pentesting python security security-audit zap
Last synced: 10 May 2025
https://github.com/mensfeld/code-on-incus
Run coding agents in isolated Incus containers (sandboxes) with session persistence, workspace isolation, and multi-slot support.
ai-tools anthropic claude claude-code cli coding-assistant containers developer-tools devtools incus llm-security llm-tools lxc opencode sandbox sandboxing security
Last synced: 10 Mar 2026
https://github.com/zoicware/RemoveWindowsAI
Force Remove Copilot, Recall and More in Windows 11
ai copilot debloat generative-ai image-creator powershell privacy recall rewrite security windows
Last synced: 24 Sep 2025
https://github.com/aviggiano/theauditorbook
The Auditor Book
audit security security-audit solidity
Last synced: 26 Jul 2025
https://github.com/wkovacs64/pwned
A command-line tool for querying the 'Have I been pwned?' service.
breach dump hack hacktoberfest haveibeenpwned hibp passwords pastes pwned security
Last synced: 06 Apr 2025
https://github.com/lockc-project/lockc
Making containers more secure with eBPF and Linux Security Modules (LSM)
containers ebpf kubernetes lsm lsm-hooks security
Last synced: 29 May 2026
https://github.com/Stratus-Security/Subdominator
The Internets #1 Subdomain Takeover Tool
bug-bounty infosec penetration-testing penetration-testing-tools pentesting security subdomain subdomain-takeover
Last synced: 27 Sep 2025
https://github.com/grunny/zap-cli
A simple tool for interacting with OWASP ZAP from the commandline.
owasp penetration-testing pentesting python security security-audit zap
Last synced: 04 Apr 2025