Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/linuxfoundation/lf-podcast

From the Linux Foundation office in New York City, welcome to "The Untold Stories of Open Source". Each week we explore the people who are supporting Open Source projects, how they became involved with it, and the problems they faced along the way.

cncf finos hyperledger linuxfoundation open-source openjs-foundation openssf security

Last synced: 24 Dec 2025

https://github.com/cossacklabs/hermes-core

Security framework for building multi-user end-to-end encrypted data storage and sharing/processing with zero leakage risks from storage and transport infrastructure.

access-control crypto-library cryptography cryptography-library encryption end-to-end-encryption hermes security

Last synced: 30 Apr 2025

https://github.com/zj1244/beholder_scanner

一款监控端口变化的系统——beholder_scanner端

ports portscanner scanner security

Last synced: 12 Jul 2025

https://github.com/pdparchitect/llm-hacking-database

This repository contains various attack against Large Language Models.

hacking llm llm-security security

Last synced: 21 Jan 2026

https://github.com/innerwarden/innerwarden

Autonomous security agent for Linux and macOS. 40 eBPF hooks. 48 detectors. 20 response playbooks. 30 correlation rules. 98% MITRE ATT&CK coverage (41/42). Kill chain tracking. AI agent protection. Mesh defense. Pure Rust.

agent-guard ai-agent-security anomaly-detection autonomous-defense correlation-engine ebpf firewall honeypot host-security incident-response intrusion-detection ja3 kernel linux rust security sigma-rules threat-detection tls-fingerprinting yara

Last synced: 16 May 2026

https://github.com/pysnippet/fastapi-oauth2

Easy to integrate OAuth2 authentication with support for several identity providers.

allauth auth authentication fastapi login middleware oauth oauth2 python security social sso

Last synced: 17 Jan 2026

https://github.com/exilon/quickorm

Quick ORM RestServer and RestClient based on mORMot framework

apikey database httpserver mormot orm restclient restserver security sqlite

Last synced: 13 Aug 2025

https://github.com/d3lb3/security-code-review

My personal collection of resources (mostly tools and training materials) for source code security audits.

checklists code-review owasp security

Last synced: 13 Feb 2026

https://github.com/pymodsecurity/pymodsecurity

Python Bindings for ModSecurity v3

bindings modsecurity python python3 security

Last synced: 01 Apr 2026

https://github.com/projectdiscovery/fuzzing-templates

Community curated list of nuclei templates for finding "unknown" security vulnerabilities.

api dast fuzzing nuclei security

Last synced: 14 Jan 2026

https://github.com/InnerWarden/innerwarden

Autonomous security agent for Linux and macOS. 40 eBPF hooks. 48 detectors. 20 response playbooks. 30 correlation rules. 98% MITRE ATT&CK coverage (41/42). Kill chain tracking. AI agent protection. Mesh defense. Pure Rust.

agent-guard ai-agent-security anomaly-detection autonomous-defense correlation-engine ebpf firewall honeypot host-security incident-response intrusion-detection ja3 kernel linux rust security sigma-rules threat-detection tls-fingerprinting yara

Last synced: 03 Apr 2026

https://github.com/robin-thomas/serverless-aws-secrets

🛵 Serverless plugin that reads environment variables and replaces secrets using AWS Secrets Manager 🛵

aws aws-lambda aws-secrets-manager environment-variables javascript jest secrets-manager security serverless serverless-plugin typescript

Last synced: 20 Mar 2025

https://github.com/linuxacademy/la-aws-security_specialty

Learning Activities for the AWS Security Specialty Course

aws lambda lambda-functions linux-academy python python3 security security-automation

Last synced: 30 Apr 2025

https://github.com/zkat/ssri

Standard Subresource Integrity library for Node.js

cryptography hashing npm security sri subresource-integrity verification

Last synced: 22 Jul 2025

https://github.com/coalfire-research/sqlinator

Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS

mitmproxy plugin security sqlinjection webapps xss

Last synced: 13 May 2025

https://github.com/OpenMined/KotlinSyft

The official Syft worker for secure on-device machine learning

android-library deep-learning federated-learning kotlin security syft

Last synced: 13 May 2025

https://github.com/nodertc/dtls

Datagram Transport Layer Security (DTLS) client.

aead aes aes-gcm crypto dtls ecdhe ecdsa js mtu node nodejs psk rsa safety security sha256 sha384 tls udp webrtc

Last synced: 15 Apr 2025

https://github.com/Trusera/ai-bom

AI Bill of Materials — discover every AI agent, model, and API in your infrastructure

ai ai-security bill-of-materials cyclonedx github-actions llm sarif sbom security

Last synced: 24 Feb 2026

https://github.com/mondoohq/installer

Linux, macOS and Windows Install scripts for cnquery & cnspec

aws cloud-native container docker kubernetes linux macos scanner security terraform vmware vulnerability windows

Last synced: 05 May 2026

https://github.com/jedisct1/was-not-wasm

A hostile memory allocator to make WebAssembly applications more predictable.

assemblyscript heartbleed malloc memory-management security wasm webassembly

Last synced: 21 Jul 2025

https://gitlab.com/librewolf-community/browser/source

This GitLab mirror is only used for CI, please report issues here: https://codeberg.org/librewolf/issues and submit changes here: https://codeberg.org/librewolf/source

browser firefox privacy security

Last synced: 27 Sep 2025

https://github.com/custom-components/authenticated

A platform which allows you to get information about sucessfull logins to Home Assistant.

custom-components home-assistant homeassistant security

Last synced: 07 Apr 2025

https://github.com/spiffe/spike

SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane. It protects your secrets and helps your ops, SREs, and sysadmins manage sensitive data securely with minimal overhead.

cloud-native devops devsecops identity-management infrastructure infrastructure-security secrets-management secrets-manager secrets-store security spiffe spire zero-trust

Last synced: 06 Apr 2025

https://github.com/lukebaggett/google_socks

A proof of concept demonstrating the use of Google Drive for command and control.

google-api google-drive penetration-testing python security

Last synced: 11 May 2025

https://github.com/mhausenblas/the-container-security-book

The Container Security Book—a free book for practitioners

aws book containers ecs kubernetes open-policy-agent policy security service-mesh

Last synced: 13 Oct 2025

https://github.com/jermeyyy/rooty

Academic project of Linux rootkit made for Bachelor Engineering Thesis.

academic bachelor-engineering-thesis kernel kernel-module linux linux-rootkit rootkit security thesis

Last synced: 08 Feb 2026

https://github.com/Northern-Lights/yara-parser

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

detection go golang grammar json lexer ruleset security security-tools signatures yara yara-parser yara-ruleset

Last synced: 05 May 2025

https://github.com/hex-five/multizone-sdk

MultiZone® Security TEE is the quick and safe way to add security and separation to any RISC-V processors. The RISC-V standard ISA doesn't define TrustZone-like primitives to provide hardware separation. To shield critical functionality from untrusted third-party components, MultiZone provides hardware-enforced, software-defined separation of multi

attestation container digilent-arty-board firmware fpga freertos hypervisor microkernel multizone risc-v root-of-trust secure-boot secure-element security sifive tee trusted-computing trusted-execution-environment trustzone xilinx

Last synced: 17 Apr 2025

https://github.com/narkisr/nmap4j

A Java Nmap wrapper

java java-nmap-wrapper nmap security

Last synced: 30 Apr 2025

https://github.com/virb3/jvm-dump-proxy

A proxy DLL for Windows to dump JVM classes at JNI level

classes dll dump jni jvm proxy reverse-engineering security windows

Last synced: 24 Jun 2026

https://github.com/codingo/retrieve-windows-wifi-passwords

Retreives the SSID names and passwords in cleartext for each Wifi network stored on the computer running this powershell script and output to JSON.

bash-bunny network-analysis penetration-testing powershell-adminscripts powershell-script security security-tools wifi wifi-hotspot wifi-network wifi-password wifi-security wireless wireless-hotspot wireless-network

Last synced: 28 Oct 2025

https://github.com/ionuttbara/melody_android

Melody Script for Android.

android battery battery-life phone security

Last synced: 15 Apr 2025

https://github.com/jiazhang0/meta-secure-core

OpenEmbedded layer for the use cases on secure boot, integrity and encryption

efi encryption ima integrity modsign secure-boot security sgx signing-keys tpm tpm2 uefi

Last synced: 20 Apr 2025

https://github.com/the404hacking/xsscan

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

cross-site-scripting hacking python scan scanner security security-scanner subdomain the404hacking xss xss-vulnerability xssscan

Last synced: 05 Oct 2025

https://github.com/jipok/jauth

Lightweight SSL/TLS reverse proxy with authorization(via Telegram and SSH) for self-hosted apps

authentication golang letsencrypt lightweight reverse-proxy security self-hosted sni ssh ssl ssl-proxy sso telegram tls

Last synced: 09 Apr 2025

https://github.com/balos1/easy-gpg-to-paper

easy-gpg-to-paper aims to make exporting your secret gpg key to paper, and then restoring from paper, an easy and painless process.

gpg privacy qrcode security

Last synced: 25 Mar 2025

https://github.com/aquasecurity/tracee-action

Protect GitHub Actions with Tracee

ebpf github-actions runtime-scanner security

Last synced: 09 Mar 2026

https://github.com/attackiq/sigmaiq

A pySigma wrapper and langchain toolkit for automatic rule creation/translation

detection-engineering langchain llm python3 security security-tools sigma sigma-rules

Last synced: 14 Oct 2025

https://github.com/jarelllama/scam-blocklist

Blocklist for newly created scam, phishing, and other malicious domains automatically retrieved daily using Google Search API, automated detection, and public databases.

adblock-list adguard adguard-blocklist adguard-home blacklist blocklist dns filterlist google phishing phishing-sites pihole pihole-blocklists scam scam-sites scamblock scammers-database scams security

Last synced: 09 Apr 2025

https://github.com/dajiaji/pyseto

A Python implementation of PASETO and PASERK.

cryptography encryption paserk paseto python security signature token

Last synced: 16 May 2025

https://github.com/openziti/ziti-sdk-nodejs

An SDK for embedding zero trust into Node.JS applications and web servers to improve security.

appsec javascript netsec node nodejs sdk sdk-js security zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztna

Last synced: 28 Apr 2026

https://github.com/k4yt3x/scutum

Linux Automatic ARP (TCP / UDP / ICMP) Firewall

arp arp-spoofing firewall linux security ufw

Last synced: 21 Jun 2025

https://github.com/jarelllama/Scam-Blocklist

Blocklist for newly created scam, phishing, and other malicious domains automatically retrieved daily using Google Search API, automated detection, and public databases.

adblock-list adguard adguard-blocklist adguard-home blacklist blocklist dns filterlist google phishing phishing-sites pihole pihole-blocklists scam scam-sites scamblock scammers-database scams security

Last synced: 10 Apr 2025

https://github.com/luijait/gonet-scanner

Golang network scanner with arp discovery and own parser

arp golang hacking networking nmap parser pentesting portscanner scanports security

Last synced: 11 Apr 2025

https://github.com/zongdeiqianxing/WebSecurityArticles

爬取及整理Freebuf\安全客\先知\知道创宇等站点的”web安全“类优质文章

anquanke articles crawl crawler freebuf leavesongs security seebug vulhub web xianzhi

Last synced: 28 Sep 2025

https://github.com/nyxragon/ejpt-roadmap

This repository contains a roadmap for preparing for the EJPT exam.

certification cybersecurity ejpt ethical-hacking exam hacking ine security vulnerability

Last synced: 17 Jan 2026

https://github.com/blackberry/Falco-bypasses

Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).

bypass falco kubernetes security

Last synced: 11 May 2025

https://github.com/AdamWhiteHat/Judge-Jury-and-Executable

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

antivirus csharp forensic-analysis forensics forensics-investigations forensics-level-scanning mft query-language scanner security threat-hunting threat-monitor yara yara-rules yara-scanner

Last synced: 11 Jul 2025

https://github.com/seojoonkim/prompt-guard

Advanced prompt injection defense system for AI agents. Multi-language detection, severity scoring, and security auditing.

ai-agent ai-security clawdbot llm-security moltbot prompt-injection python security

Last synced: 01 Mar 2026

https://github.com/sandflysecurity/sandfly-setup

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

forensics intrusion-detection intrusion-detection-system linux security security-automation security-scanner security-tools

Last synced: 21 Jan 2026

https://github.com/markets/sudo_rails

🔒 Sudo mode for your Rails controllers

password-confirmation rails rails-engine ruby security sudo

Last synced: 09 Apr 2025

https://github.com/SAP/risk-explorer-for-software-supply-chains

A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and other resources. The taxonomy as well as related safeguards can be explored using an interactive visualization tool.

open-source security

Last synced: 18 Feb 2026

https://github.com/red-kite-solutions/stalker

Stalker, the Extensible Attack Surface Management tool.

attack-surface-management bug-bounty easm security security-automation security-tools xasm

Last synced: 27 Sep 2025

https://github.com/seyz/clawbands

ClawBands is a security middleware for OpenClaw AI agents.

ai openclaw security

Last synced: 15 Feb 2026

https://github.com/ckotzbauer/vulnerability-operator

Scans SBOMs for vulnerabilities with Grype

cve grype kubernetes policyreport sbom security vulnerabilities

Last synced: 06 Apr 2025

https://github.com/m8sec/taser

Python resource library for creating security related tooling

bugbounty hacking pentesting python3 security

Last synced: 10 May 2025

https://github.com/HoLLy-HaCKeR/KeePassHax

A tool to extract a KeePass master password from memory

keepass keepass-related password-manager security

Last synced: 07 May 2025

https://github.com/turbot/steampipe-postgres-fdw

The Steampipe foreign data wrapper (FDW) is a zero-ETL product that provides Postgres foreign tables which translate queries into API calls to cloud services and APIs. It's bundled with Steampipe and also available as a set of standalone extensions for use in your own Postgres database.

aws azure data devsecops gcp golang hacktoberfest kubernetes postgres postgresql postgresql-fdw security sql steampipe steampipe-engine

Last synced: 07 May 2025

https://github.com/cooptilleuls/urlsignerbundle

Create and validate signed URLs with a limited lifetime in Symfony

encryption security sign symfony symfony-bundle url

Last synced: 12 Apr 2025

https://github.com/DefectDojo/sample-scan-files

Sample scan files for testing DefectDojo imports

appsec scans security

Last synced: 07 May 2025

https://github.com/snyk/snyk-maven-plugin

Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.

maven maven-plugin monitors security security-tools snyk snyk-cli vulnerabilities

Last synced: 07 May 2025

https://github.com/sdslabs/beast

Jeopardy-style CTF challenge deployment and management tool.

automation ctf docker education go jeopardy-ctf security

Last synced: 06 Oct 2025

https://github.com/mgeeky/msi-shenanigans

Proof of Concept code and samples presenting emerging threat of MSI installer files.

malware red-team security

Last synced: 26 Mar 2025

https://github.com/getspooky/laravel-mitnick

🔐 laravel-security helps you secure your Laravel apps by setting various HTTP headers.

composer headers http-headers laravel laravel-apps middleware php security

Last synced: 08 May 2025

https://github.com/codingo/Retrieve-Windows-Wifi-Passwords

Retreives the SSID names and passwords in cleartext for each Wifi network stored on the computer running this powershell script and output to JSON.

bash-bunny network-analysis penetration-testing powershell-adminscripts powershell-script security security-tools wifi wifi-hotspot wifi-network wifi-password wifi-security wireless wireless-hotspot wireless-network

Last synced: 29 Jul 2025

https://github.com/Azathothas/Arsenal

Hastly written Tools & Scripts for Personal Use Cases & Bug Bounties

bug-bounty bugbounty hacking recon recon-tools security security-tools tools

Last synced: 16 Feb 2026

https://github.com/agamm/claude-code-owasp

Claude Code skill for OWASP security best practices (2025-2026). Includes Top 10:2025, ASVS 5.0, Agentic AI security, and 20+ language-specific security quirks.

ai-security appsec asvs claude claude-code claude-skills owasp secure-coding security vulnerability

Last synced: 07 Apr 2026

https://github.com/mitre/aws-foundations-cis-baseline

InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark

aws aws-security cis cloud ia inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security

Last synced: 05 Apr 2025

https://github.com/syss-research/icestick-lpc-tpm-sniffer

FPGA-based LPC bus sniffing tool for Lattice iCEstick Evaluation Kit

attack fpga ice40 icestick it-security lpc security security-tools security-vulnerability sniffer sniffing tool

Last synced: 03 Jan 2026

https://github.com/lennolium/privacyshield

A comprehensive All-in-One AdGuard Filter List optimized for DNS level blocking of Ads, Analytics, Tracking, Malware & Scam.

ad-blocker adblock adguard ads analytics blacklist blocklist dns filter hosts malware phishing pi-hole privacy protection scam security tracking whitelist

Last synced: 24 Oct 2025

https://github.com/highflame-ai/ramparts

mcp scan that scans any mcp server for indirect attack vectors and security or configuration vulnerabilities

agent ai llm mcp modelcontextprotocol security

Last synced: 23 Jan 2026

https://github.com/elastic/silhouette

Keep it secret, keep it safe

security windows

Last synced: 09 Apr 2025

https://github.com/cipherstash/jseql

Encrypt and protect data using industry standard algorithms, field level encryption, a unique data key per record, bulk encryption operations, and decryption level identity verification.

data data-security encryption javascript postgres postgresql security typescript

Last synced: 09 Apr 2025

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 83 awesome-security 330 awesome-web-security 424 awesome-ctf 220 awesome-hacker-search-engines 564 awesome-privacy 635 android-security-awesome 230 awesome-incident-response 221 Awesome-WAF 175 DevSecOps 187 awesome-security-hardening 207 awesome-infosec 215 awesome-cybersecurity-blueteam 252 WebHackersWeapons 431 backend-cheats 961 awesome-vehicle-security 227 awesome-sec-talks 265 awesome-nodejs-security 219 awesome-game-security 92 awesome-cloud-security 154 awesome-iot-hacks 70 awesome-embedded-and-iot-security 131 alternative-frontends 119 DevSecOps 48 Awesome-FL 4,069 Awesome-Cybersecurity-Datasets 54 awesome-golang-security 34 awesome-windows-domain-hardening 70 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 311 osx-and-ios-security-awesome 58 awesome-llm-security 101 awesome-executable-packing 754 awesome-aws-security 173 awesome-lists 737 awesome-ethereum-security 81 Awesome-Jailbreak-on-LLMs 427 awesome-vulnerable-apps 97 awesome-he 90 MobileHackersWeapons 73 npm-security-best-practices 33 awesome-security-GRC 81 awesome-anti-forensic 143 security-apis 115 awesome-python-security 35 awesome-opa 226 awesome-runners 38 graph-adversarial-learning-literature 314 npm-security-best-practices 36
Security Categories
Uncategorized 3,617 fl in top-tier journal 3,220 :books: Literature 2,589 fl in top ml conference and journal 1,564 Tools 1,401 Pentesting 1,160 Operating Systems 1,118 Attack 1,063 カテゴリ 721 Other Lists 713 fl in top ai conference and journal 705 fl in top cv conference and journal 673 Papers 591 Weapons 499 Resources 492 Threat Hunting: 480 **Мероприятия** 457 Defense 442 Official 434 fl on graph data and graph neural networks 429