Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-25 00:24:17 UTC
- JSON Representation
https://github.com/mitre/inspec_tools
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
checklist cis compliance converter disa disa-checklist inspec json mitre-corporation mitre-inspec security stig xccdf
Last synced: 20 Aug 2025
https://github.com/poshsecurity/posh-syslog
Send SYSLOG messages from PowerShell
powershell powershell-gallery security syslog syslog-messages
Last synced: 10 Aug 2025
https://github.com/shivasurya/code-pathfinder
An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced structural search, derive insights, find vulnerabilities in code.
ai-agents ai-sast application-security code-scanning sast security security-tools static-analysis static-code-analysis structural-search
Last synced: 25 Apr 2026
https://github.com/skerkour/chacha20-blake3
The official implementation of the ChaCha20-BLAKE3 AEAD cipher with SIMD acceleration - https://kerkour.com/chacha20-blake3
aead avx2 avx512 blake3 chacha12 chacha20 chacha8 crypto cryptography encryption neon rust security simd wasm
Last synced: 19 May 2026
https://github.com/thegodenage/waffle
Web Application Firewall, made in go.
ddos ddos-protection golang hacktoberfest open-source security waf
Last synced: 22 Jan 2026
https://github.com/veler/PaZword
A password manager made in UWP technology
csharp dropbox onedrive password-generator password-manager security uwp
Last synced: 28 Mar 2025
https://github.com/veler/pazword
A password manager made in UWP technology
csharp dropbox onedrive password-generator password-manager security uwp
Last synced: 25 Mar 2025
https://github.com/USSLab/DolphinAttack
Inaudible Voice Commands
inaudible-voice-commands security speech-recognition ultrasound
Last synced: 03 May 2025
https://github.com/syss-research/nrf24-playset
Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
nrf24 proof-of-concept security security-tools
Last synced: 10 Apr 2025
https://github.com/netflix-skunkworks/swag-client
Cloud multi-account metadata management tool.
Last synced: 07 May 2025
https://github.com/AkashHamal0x01/learn250
bug-bounty bugbounty hacking penetration-testing security
Last synced: 10 Mar 2025
https://github.com/techlore/website
Home of Techlore - digital rights for all. Techlore empowers individuals with practical digital privacy knowledge, security tools, and advocacy resources. Discover how to protect your online data and regain control of your digital identity.
cybersecurity digital-rights privacy privacy-tools resources security techlore
Last synced: 04 Apr 2026
https://github.com/michaelehab/aes-verilog
Advanced encryption standard (AES128, AES192, AES256) Encryption and Decryption Implementation in Verilog HDL
aes aes-128 aes-192 aes-256 aes-decryption aes-encryption cryptography encryption encryption-decryption fpga fpga-board fpga-soc learn rtl security verilog verilog-hdl verilog-project
Last synced: 08 Feb 2026
https://github.com/relizaio/rearm
ReARM - Release-Level Supply Chain Evidence Platform. SBOMs, xBOMs and every other artifact - stored for 10+ years, versioned and audit-ready.
cyclonedx cyclonedx-sbom hardware-supplychain release release-automation release-engineering release-management sbom sbom-distribution sbom-tool security security-tools software-supply-chain software-supply-chain-security software-transparency supply-chain supply-chain-management supply-chain-visibility vulnerability
Last synced: 25 Feb 2026
https://github.com/edoverflow/bug-bounty-responses
A collection of response templates for invalid bug bounty reports.
bugbounty infosec security template
Last synced: 24 Feb 2025
https://github.com/jpcertcc/impfuzzy
Fuzzy Hash calculated from import API of PE files
clustering impfuzzy malware neo4j python security volatility
Last synced: 11 Sep 2025
https://github.com/openclarity/vmclarity
VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
agentless cloud exploits leaked-secrets malware misconfigurations rootkits sbom secrets-detection security vulnerabilities vulnerability-scanners
Last synced: 06 Apr 2025
https://github.com/traut/stixview
STIX2 graph visualisation library in JS
cti cyber-security cyber-threat-intelligence graph library security stix stix2
Last synced: 26 Oct 2025
https://github.com/Gigamick/burnernote
Burner Note is a free, ad-free and open source tool for securely sending text based notes that are encrypted and self destruct once read.
aes-256-cbc encrypt-then-mac privacy security self-destructing-messages
Last synced: 10 Sep 2025
https://github.com/nollium/cve-2024-9264
Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)
authenticated cve cve-2024-9264 exploit file-read-vulnerability grafana poc rce rce-exploit security vulnerability
Last synced: 06 Apr 2025
https://github.com/capeprivacy/nitrogen
Nitrogen is a tool for deploying web services to AWS Nitro Enclaves.
aws confidential-computing docker nitro-enclaves security
Last synced: 04 Jul 2025
https://github.com/edoardottt/longtongue
Customized Password/Passphrase List inputting Target Info
hacking hacking-tool passphrase passphrase-generator password password-generator password-list pentesting python python3 security security-tools social-engineering social-engineering-attacks wordlist wordlist-generator wordlistgeneration wordlists
Last synced: 18 Feb 2026
https://github.com/flast101/php-8.1.0-dev-backdoor-rce
PHP 8.1.0-dev Backdoor System Shell Script
backdoor code code-injection exploit exploit-development pentest pentest-tool php-810-dev php8 php810-dev python python3 rce remote-code-execution security shell shell-script shell-scripts user-agent user-agentt
Last synced: 15 Apr 2025
https://github.com/Plazmaz/MongoDB-HoneyProxy
A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
honeypot information-security infosec mongo mongodb proxy security
Last synced: 27 Mar 2025
https://github.com/divineomega/laravel-password-exposed-validation-rule
🔒 Laravel validation rule that checks if a password has been exposed in a data breach.
data-breach laravel laravel-5-package laravel-validation passwords php security
Last synced: 19 Oct 2025
https://github.com/ziesemer/ad-privileged-audit
Provides various Windows Server Active Directory (AD) security-focused reports.
account-management active-directory auditing blueteam cybersecurity dfir forensics information-gathering powershell purpleteam reporting-tool risk-assessment security security-audit security-auditing-tool security-hardening security-tools system-hardening
Last synced: 12 Jul 2025
https://github.com/zomato/vinifera
A GitHub recon/monitoring tool for finding internal leaks belonging to your organisation.
Last synced: 10 Jul 2025
https://github.com/nextcloud/suspicious_login
Detect and warn about suspicious IPs logging into Nextcloud
deep-learning intrusion-detection machine-learning nextcloud-app privacy security
Last synced: 05 Apr 2025
https://github.com/aliasrobotics/aztarna
aztarna, a footprinting tool for robots.
fingerprinting footprinting ics industrial-robots robotics robots ros ros2 security
Last synced: 05 May 2025
https://github.com/paloaltonetworks/iam-deescalate
IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
aws iam prisma-cloud privilege-escalation security
Last synced: 03 May 2025
https://github.com/nmilcoff/BreachDetector
Detect root, emulation, debug mode and other security concerns in your Xamarin apps
debug detection emulation mobile owasp root security vulnerability-identification xamarin
Last synced: 13 May 2025
https://github.com/SAP/cloud-active-defense?tab=readme-ov-file
Add a layer of active defense to your cloud applications.
cybersecurity deception decoy honeytoken infosec security
Last synced: 03 Apr 2025
https://github.com/ypermitin/ypermitin.yellowcollection
Авторская коллекция разработок на платформе 1С
1c 1c-enterprise audit database perfomance security
Last synced: 04 Apr 2025
https://github.com/aliasrobotics/RSF
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
assessment cybersecurity framework penetration-testing pentesting robotics robots security
Last synced: 15 Nov 2025
https://github.com/Proviesec/xss-payload-list
xss-payload-list
bugbounty cross-site-scripting pentesting security xss
Last synced: 10 Mar 2025
https://github.com/stevespringett/disable-webassembly
Browser hacks to disable WebAssembly (WASM)
brave chrome edge firefox security security-hardening wasm webassembly
Last synced: 14 Apr 2025
https://github.com/ra1nb0rn/search_vulns?tab=readme-ov-file
A modular tool to search for known vulnerabilities, exploits and more across various data sources
cve exploit-search exploitdb nvd pentest pentest-tools security security-research security-tools vulnerability vulnerability-assessment vulnerability-scanning vulnerability-search
Last synced: 08 Jun 2026
https://github.com/skerkour/phaser
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
attack black-hat black-hat-rust infosec offensive offensive-security pentest pentest-tool pentesting rust rust-lang security security-audit security-tools vulnerability vulnerability-scanner vulnerability-scanning
Last synced: 10 Jan 2026
https://github.com/victoriadrake/django-security-check
Helps you continuously monitor and fix common security vulnerabilities in your Django application.
continuous-integration devsecops django github-actions security security-audit security-automation
Last synced: 16 Mar 2025
https://github.com/plazmaz/mongodb-honeyproxy
A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
honeypot information-security infosec mongo mongodb proxy security
Last synced: 01 Nov 2025
https://github.com/Checkmarx/2ms
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
api-keys appsec secret-keys secret-management secrets security
Last synced: 26 Mar 2025
https://github.com/nmilcoff/breachdetector
Detect root, emulation, debug mode and other security concerns in your Xamarin apps
debug detection emulation mobile owasp root security vulnerability-identification xamarin
Last synced: 09 Apr 2025
https://github.com/konstruktoid/ansible-role-docker-rootless
Ansible role to install a rootless Docker server
almalinux ansible centos debian docker docker-daemon docker-rootless hacktoberfest hardening rootless security ubuntu
Last synced: 21 Apr 2026
https://github.com/DivineOmega/laravel-password-exposed-validation-rule
🔒 Laravel validation rule that checks if a password has been exposed in a data breach.
data-breach laravel laravel-5-package laravel-validation passwords php security
Last synced: 21 Nov 2025
https://github.com/kljunowsky/CVE-2022-41040-POC
CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server
bug-bounty bugbounty cve-2022-41040 exploit hacking microsoft microsoft-exchange poc proof-of-concept security ssrf
Last synced: 12 Jul 2025
https://github.com/sap/cloud-active-defense
Add a layer of active defense to your cloud applications.
cybersecurity deception decoy honeytoken infosec security
Last synced: 07 Apr 2026
https://github.com/yanivagman/BPFroid
Trace Android framework API, native libraries, system calls and other events using eBPF
Last synced: 11 Mar 2025
https://github.com/yanivagman/bpfroid
Trace Android framework API, native libraries, system calls and other events using eBPF
Last synced: 05 May 2025
https://github.com/tumpaproject/tumpa
The usability minded OpenPGP application making PGP usage with smartcards like Yubikey super simple
encryption gui openpgp security smartcard
Last synced: 25 Apr 2026
https://github.com/belane/docker-bloodhound
BloodHound Docker Ready to Use
activedirectory bloodhound docker pentest security
Last synced: 12 May 2025
https://github.com/LubyRuffy/tcptunnel
将本地内网服务器映射到公网。
debug frp go nat ngrok proxy reverse-proxy security tunnel
Last synced: 13 Mar 2025
https://github.com/nats-io/nats-account-server
A simple HTTP/NATS server to host JWTs for nats-server 2.0 account authentication.
distributed-systems messaging nats-server security
Last synced: 15 Dec 2025
https://github.com/openmined/kotlinsyft
The official Syft worker for secure on-device machine learning
android-library deep-learning federated-learning kotlin security syft
Last synced: 02 Jul 2025
https://github.com/sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
advisories bugs cve cwe mitre security vulnerabilities
Last synced: 24 Mar 2025
https://github.com/guardianproject/camerav
CameraV: InformaCam Default Android App
camera encryption evidence privacy security
Last synced: 14 Mar 2026
https://github.com/ixortalk/ixortalk.aws.cognito.jwt.security.filter
Spring Boot security filter for decoding Cognito JWT IdTokens
aws cognito cognito-identity-pool jwt security spring-boot spring-security
Last synced: 27 Jul 2025
https://github.com/lubyruffy/tcptunnel
将本地内网服务器映射到公网。
debug frp go nat ngrok proxy reverse-proxy security tunnel
Last synced: 30 Apr 2025
https://github.com/narasimha1997/py4jshell
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
bug log4j python remote-code-execution security
Last synced: 12 Apr 2025
https://github.com/webpwnized/mutillidae-docker
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.
application cybersecurity docker docker-compose environment mutillidae owasp security training web
Last synced: 05 Apr 2025
https://github.com/edersonbrilhante/vilicus
Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
anchore cicd clair docker docker-image docker-scanner golang oci oci-image oci-scanner scan-images security security-scanner security-tools security-vulnerability trivy vilicus
Last synced: 15 Apr 2025
https://github.com/hexagon/cryptalk
HTML5/Node.js based, client side (E2EE) encrypted instant chat
aes aes-256 aes-encryption chat communication docker docker-setup e2ee encrypted-chat instant-messaging secure-communication security
Last synced: 29 Jul 2025
https://github.com/macmod/goblob
A fast enumeration tool for publicly exposed Azure Storage blobs.
azure-blob-storage azure-storage blob-storage brute-force bruteforce bug-bounty bugbounty enumeration go golang infosec pentest recon reconnaissance scanner security
Last synced: 22 Mar 2025
https://github.com/capeprivacy/tf-trusted
tf-trusted allows you to run TensorFlow models in secure enclaves
confidential-computing machine-learning secure-enclaves security sgx
Last synced: 20 Apr 2025
https://github.com/cisofy/cisofy-security-policy
This is the public security policy of CISOfy, with extra resources like security tools.
policy security security-tools
Last synced: 05 Mar 2026
https://github.com/neosmart/securestore
A .NET implementation of the cross-platform SecureStore (symmetrically-encrypted secrets) protocol
asp-net-core csharp dotnet encryption secret-management secrets security
Last synced: 10 Apr 2025
https://github.com/anvilsecure/lookinsidethebox
Breaks the encryption and obfuscation layers that Dropbox applies to their modified Python interpreter.
decompilation dropbox python python3 reverse-engineering security
Last synced: 06 Mar 2026
https://github.com/JPCERTCC/impfuzzy
Fuzzy Hash calculated from import API of PE files
clustering impfuzzy malware neo4j python security volatility
Last synced: 01 Sep 2025
https://github.com/neyslim/ultimate-ca-manager
A comprehensive PKI/Certificate Authority management platform
acme certificate-authority certificate-management certificate-manager crl crl-list fido2 hsm letsencrypt mtls ocsp ocsp-responder pki scep scep-server security ssl-certificates webauthn x509
Last synced: 12 Jun 2026
https://github.com/FedericoCeratto/nim-httpauth
HTTP Authentication library for Nim
authentication authorization http nim nim-lang security
Last synced: 24 Mar 2025
https://github.com/holly-hacker/keepasshax
A tool to extract a KeePass master password from memory
keepass keepass-related password-manager security
Last synced: 07 May 2025
https://github.com/aapanel/bt-waf
堡塔云WAF,宝塔免费(free)的私有云网站应用防火墙(firewall),基于docker/nginx/lua开发
acl captcha cc-attack ddos ddos-attacks ddos-defense ddos-protection docker firewall http-flood modsecurity nginx security security-tools sqli-injection waf web-application-firewall web-security xss
Last synced: 31 Mar 2025
https://github.com/vigiloauth/vigilo
OAuth 2.0 & OIDC Auth Server and Identity Provider
auth-server authentication authorization golang identity-provider idp oauth2 oidc open-source security
Last synced: 13 Mar 2026
https://github.com/openziti/ziti-sdk-py
Ziti SDK for Python
appsec netsec openziti python sdk security zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztna
Last synced: 10 Feb 2026
https://github.com/games647/flexiblelogin
A Sponge minecraft server plugin for second factor authentication
2fa auth authentication cracked minecraft mod plugin security sponge
Last synced: 16 Mar 2025
https://github.com/ntraiseharderror/kaiser
Fileless persistence, attacks and anti-forensic capabilties.
anti-forensics file-less forensics malware-research persistence powershell security winapi wmi
Last synced: 12 May 2025
https://github.com/rsc-dev/pbd
Pbd is a Python module to disassemble serialized protocol buffers descriptors (https://developers.google.com/protocol-buffers/).
disassembler protocol-buffers protocol-buffers-disassembler python reverse-engineering security
Last synced: 23 Jul 2025
https://github.com/owasp/www-project-csrfguard
The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
csrf csrf-protection hacktoberfest java maven owasp security security-tools
Last synced: 15 May 2025
https://github.com/audibleblink/gorsh
A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
c2 golang infosec redteam reverse-shell reverseshell security security-tools
Last synced: 05 Apr 2025
https://github.com/liamg/extrude
:detective: Analyse binaries for missing security features, information disclosure and more...
binary elf macho nx pie portable-executable relro scanner security
Last synced: 15 Apr 2025
https://github.com/syss-research/radio-hackbox
PoC tool to demonstrate vulnerabilities in wireless input devices
proof-of-concept security security-tools
Last synced: 19 Jun 2025
https://github.com/stellarsand/password-monitor
Ensure your password safety by scanning in real data breaches.
android android-app android-application data-breach f-droid fdroid haveibeenpwned kotlin kotlin-android material-design material-ui material-you open-source password password-breach password-safety privacy security security-tools
Last synced: 09 Apr 2025
https://github.com/Narasimha1997/py4jshell
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
bug log4j python remote-code-execution security
Last synced: 12 Jul 2025
https://github.com/tuxcoding/flexiblelogin
A Sponge minecraft server plugin for second factor authentication
2fa auth authentication cracked minecraft mod plugin security sponge
Last synced: 03 Jul 2025
https://github.com/kpcyrd/pacman-bintrans
Experimental pacman integration for Reproducible Builds and Binary Transparency (with sigstore/rekor)
archlinux binary-transparency security supply-chain supply-chain-security
Last synced: 11 Oct 2025
https://github.com/qwaz/solved-hacking-problem
:heavy_check_mark: My solutions for CTF & wargame challenges
ctf ctf-writeups hacking security
Last synced: 07 Jan 2026
https://github.com/suzuki-shunsuke/tfprovidercheck
CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions, and check if disallowed providers aren't used
Last synced: 09 Apr 2025
https://github.com/ariary/cfuzz
Command line fuzzer and bruteforcer 🌪 wfuzz for command
bruteforce bruteforcing cli fuzzing hacking pentest security
Last synced: 10 Oct 2025
https://github.com/The-OAG-Development-Project/Application-Gateway
OWASP Application Gateway is an HTTP proxy that handles Oauth2 authentication and session management
gateway iam reverse-proxy security spring-boot
Last synced: 20 Nov 2025
https://github.com/spatie/mixed-content-scanner-cli
A cli tool to check your site for mixed content
command-line developer-tools mixed-content-error security ssl
Last synced: 13 Apr 2025
https://github.com/blacklanternsecurity/red-run
Offensive security toolkit for Claude Code
claude claude-code ctf offensive-security penetration-testing red-team security
Last synced: 01 Apr 2026
https://github.com/murphysecurity/murphysec-jetbrains-plugin
MurphySec plugin for JetBrains IDEs, identify and fix open source vulnerabilities in your project. 墨菲安全推出的一款 JetBrains IDE 插件,可以用来识别并修复项目中的开源组件漏洞
code-scanner dependency intellij intellij-plugin jetbrains jetbrains-plugin phpstorm security
Last synced: 25 Apr 2025
