Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/alexander-pick/shannon_modem_loader

Exynos Modem / Shannon baseband firmware loader for IDA Pro 8.x/9.x

baseband ida-plugin ida-pro resarch reverse-engineering samsung security

Last synced: 21 Feb 2026

https://github.com/SeisoLLC/easy_infra

A docker container to simplify and secure the use of Infrastructure as Code (IaC)

aws azure cloud docker docker-container docker-image iac infrastructure infrastructure-as-code security seiso

Last synced: 31 Mar 2025

https://github.com/zubux/drydock

drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates

audit docker security

Last synced: 12 Apr 2025

https://github.com/simeononsecurity/standalone-windows-server-stig-script

Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.

compliance cyber hardening hardware-requirements microsoft mil nsacyber security security-hardening srg srgs-applied stigs windows

Last synced: 10 Jun 2025

https://github.com/codenoid/pc-auth-notifier

Someone tried to unlock your device

fcm-notifications flutter flutter-apps golang security

Last synced: 24 Oct 2025

https://github.com/WebDecoy/FCaptcha

Detect bots, vision AI agents, and headless browsers through 40+ behavioral signals and SHA-256 proof of work. Self-hosted, privacy-first, and fully open source.

anti-bot behavioral-analysis bot-detection captcha fingerprinting go headless-browser-detection nodejs open-source playwright-detection privacy proof-of-work puppeteer-detection python scraping scraping-protection security selenium-detector self-hosted web-security

Last synced: 27 Mar 2026

https://github.com/emirozer/nixarmor

nixarmor is a linux hardening automation project

hardening linux security shell

Last synced: 14 Oct 2025

https://github.com/gregmolnar/spektr

Static code analyser to find security issues in Rails applications

rails security

Last synced: 07 May 2025

https://github.com/slynova-org/fence

🔰 Framework-agnostic package who provides powerful ACL abilities to JavaScript

acl acl-abilities framework-agnostic javascript nodejs security

Last synced: 12 Apr 2025

https://github.com/wasmCloud/wascap

Embed, extract, and validate capability claims in JWTs for WebAssembly modules

ed25519 jwt security signature webassembly

Last synced: 23 Apr 2025

https://github.com/wire-elements/livewire-strict

Livewire Strict helps to enforce security measures and prevents you from leaving sensitive public properties unprotected.

laravel livewire security strictmode

Last synced: 05 Apr 2025

https://github.com/boundless-xyz/kailua

The Ultimate ZK Proving Software Suite for Securing OP Rollups

dispute-resolution evm kailua optimism rollups security zero-knowledge-proofs

Last synced: 20 Feb 2026

https://github.com/wolfssl/wolfssljni

wolfSSL JSSE provider and JNI wrapper for SSL/TLS, supporting up to TLS 1.3!

android c cipher-suites cryptography dtls iot-security java jni jsse ocsp openjdk openssl-alternative openssl-library security ssl tls tls-library tls13 wolfssl

Last synced: 03 Jan 2026

https://github.com/sethvargo/vault-demo

Walkthroughs and scripts for my @HashiCorp Vault talks

google-cloud hashicorp-vault modern-security security vault

Last synced: 30 Jul 2025

https://github.com/zuBux/drydock

drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates

audit docker security

Last synced: 10 May 2025

https://github.com/ubient/laravel-pwned-passwords

Simple Laravel validation rule that allows you to prevent or limit the re-use of passwords that are known to be pwned (unsafe). Based on TroyHunt's Have I Been Pwned (https://haveibeenpwned.com)

haveibeenpwned laravel password password-safety passwords php pwned pwned-passwords security validation

Last synced: 09 Jul 2025

https://github.com/nikolamilosevic86/owasp-seraphimdroid

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.

android-application defender machine-learning malware-detection malware-research owasp privacy security

Last synced: 12 Oct 2025

https://github.com/riscv-non-isa/riscv-ap-tee

This repo holds the work area and revisions of the non-ISA specification created by the RISC-V AP-TEE TG. This specification defines the programming interfaces (ABI) to support the Confidential VM Extension (CoVE) confidential computing architecture for RISC-V application-processor platforms.

confidential-computing confidential-vm h-extension security smmtt supervisor-domains tee tsm virtualization

Last synced: 15 Mar 2026

https://github.com/mobb-dev/bugsy

Automatic security vulnerability remediation for your code.

ai code-assistant mcp npm-package remediation security security-tools

Last synced: 15 Jan 2026

https://github.com/angelbarrera92/hasselhoffme

Hasselhoff will teach your colleagues to lock their computer when they are away.

hassellhoff hoff security wallpaper

Last synced: 15 May 2025

https://github.com/sammwyy/ddos-mitigation

Tips to mitigate and secure your large-scale server against DDoS attacks.

ddos ddos-attacks ddos-detection ddos-mitigation firewall iptables security ssh

Last synced: 19 Apr 2025

https://github.com/SAP-archive/btp-cf-cap-multitenant-susaas

Sample project that demonstrates how to setup a multitenant application for a software-as-a-service scenario using the SAP BTP Cloud Foundry environment. Developers learn how to implement their own CAP (mtxs) based SaaS app including an SaaS API and integration with various essential SAP BTP service offerings.

api-management btp-use-case-factory ci-cd cloud-foundry logging monitoring mtxs multitenancy odatav4 saas sample sample-code sap-btp sap-cap sap-fiori sap-fiori-elements sap-hana-cloud security

Last synced: 09 May 2025

https://github.com/simeononsecurity/Standalone-Windows-Server-STIG-Script

Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.

compliance cyber hardening hardware-requirements microsoft mil nsacyber security security-hardening srg srgs-applied stigs windows

Last synced: 06 May 2025

https://github.com/d00movenok/gomalleable

🔎🪲 Malleable C2 profiles parser and assembler written in golang

c2 cobalt-strike cybersecurity go golang malleable-c2 parser pentest pentesting redteam security

Last synced: 20 Jun 2025

https://github.com/venerasf/Venera

A modular exploitation framework extensible with Lua

exploit lua pentest pentest-tool qa-automation scanner security security-tools testing venera

Last synced: 27 Sep 2025

https://github.com/edoardottt/depsdev

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

blue-team cargo defensive-security dependency-management dependency-scanning dependency-security go go-module golang-module hacktoberfest maven npm nuget package-security pypi sbom sbom-generator security supply-chain supply-chain-management

Last synced: 14 Apr 2026

https://github.com/aziz0x48/xsmtp

xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.

bot crawler exploit exploit-scanner multithreading networking pentest-tool pentesting pentesting-tools portscan portscanner python python-exploits scanner-web security security-tools smtp smtp-cracker

Last synced: 16 Aug 2025

https://github.com/firefart/sandbox

Simple Windows Sandbox Configuration

analysis sandbox security

Last synced: 07 May 2025

https://github.com/arm-software/psa-api

Documentation source and development of the PSA Certified API

api attestation cryptography firmware-update iot security

Last synced: 14 Jun 2025

https://github.com/Rektoff/Security-Roadmap-for-Solana-applications

We created a cybersecurity Systematization of Knowledge for Solana applications and protocols. We call it the Solana Security Strategy: such a database would be hugely beneficial for anyone who wants to secure their product and learn security from the best-collected resources.

blockchain-security rust security security-testing solana solana-program solana-security testing

Last synced: 25 Mar 2025

https://github.com/OracleNep/Nday-Exploit-Plan

历史漏洞的细节以及利用方法汇总收集

cve-2021 cve-2022 cve-2023 cve-2024 exploit security vulnerability

Last synced: 07 Sep 2025

https://github.com/securityfirst/Umbrella_content

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

activism android content hacking infosec journalism safety security surveillance training umbrella

Last synced: 18 Jul 2025

https://github.com/asdf-community/asdf-plugin-manager

A plugin manager for the asdf version manager [maintainer=@aabouzaid]

asdf asdf-plugin security

Last synced: 11 Mar 2026

https://github.com/getify/elasi

EL/ASI: Encrypt Locally, Account Secure Interchange

apps encryption security

Last synced: 22 Apr 2025

https://github.com/rpamis/rpamis-security

rpamis-security, a mybatis encryption, decryption and desensitization component

mybatis mybatis-plus security spring-boot

Last synced: 01 Feb 2026

https://github.com/claustromaniac/httpz

Fat-free hardenable opportunistic encryption for Firefox

addon encryption extension firefox https privacy redirect security

Last synced: 16 Mar 2025

https://github.com/rode/rode-legacy

cloud native software supply chain ☁️🔗

cloud-native kubernetes security

Last synced: 21 Apr 2025

https://github.com/nextcloud/security-advisories

👮 Security advisories of Nextcloud

cve nextcloud security security-advisories

Last synced: 28 Feb 2025

https://github.com/ait-aecid/logdata-anomaly-miner

This tool parses log data and allows to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and lowest possible permissions to make it suitable for production server use.

anomaly anomaly-detection cybersecurity detection hids ids intrusion-detection linux log-analysis logdata logging python security

Last synced: 10 Apr 2025

https://github.com/tranphuquy19/nestjs-ejs-mvc-boilerplate

My MRE project - built-in many features! NestJS framework

docker k8s nest nestjs nodejs postgresql security typeorm typescript

Last synced: 18 Jul 2025

https://github.com/ka0un/opprotector

Protect Operator Accounts And Prevent Unauthorized Access. Scan players for blacklisted permissions and unauthorized access

2fa mfa minecraft minecraft-plugin op paper-plugin security security-automation security-tools spigot staff-security

Last synced: 17 Mar 2025

https://github.com/codingo/dooked

DNS and Target HTTP History Local Storage and Search

bounties bug bugbounty bugbounty-tool infosec reconnaissance security security-tools

Last synced: 23 Apr 2025

https://github.com/flussonic/ssh-proxy

SSH proxy that allows support agents go to customers servers with using intermediate corporate SSH key

security ssh ssh-server

Last synced: 30 Mar 2025

https://github.com/Jipok/Jauth

Lightweight SSL/TLS reverse proxy with authorization(via Telegram and SSH) for self-hosted apps

authentication golang letsencrypt lightweight reverse-proxy security self-hosted sni ssh ssl ssl-proxy sso telegram tls

Last synced: 12 Apr 2025

https://github.com/ashwin-patil/threat-hunting-with-notebooks

Repository with Sample threat hunting notebooks on Security Event Log Data Sources

anaconda azure-data-explorer azure-data-lake datascience jupyter-notebook python r security threat-hunting wef

Last synced: 03 Aug 2025

https://github.com/hammackj/risu

Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.

nessus reporting ruby security xml-parser

Last synced: 17 Mar 2026

https://github.com/victoriadrake/link-snitch

:octocat: GitHub Action to scan your site for broken links so you can fix them 🔗

actions broken-links continuous-integration continuous-testing github-actions security

Last synced: 21 Mar 2025

https://github.com/anchore/k8s-inventory

Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use

anchore container-image containers docker go golang kubernetes security tool vulnerability

Last synced: 07 Apr 2025

https://github.com/cerberauth/awesome-openid-connect

OpenID Connect, the authentication protocol and identity layer on top of OAuth 2.0 used in many SSO and adopted in many social logins (Apple, Facebook, Google, ...etc). Find this curated list of providers, services, libraries, and resources to adopt it and know more about existing specs.

authorization awesome awesome-list ciam cybersecurity fapi iam identity oauth oauth2 oidc openid-connect openidconnect security

Last synced: 05 Sep 2025

https://github.com/Penglai-Enclave/Penglai-Enclave

This is the main repo for Penglai.

enclave risc-v security systems tee

Last synced: 20 Apr 2025

https://github.com/arch3rPro/SecurityRSS

A Collection of Security RSS Feeds OMPL 网络安全资讯RSS订阅源

cybersecurity opml rss-feed security

Last synced: 03 Apr 2026

https://github.com/pure-dns/puredns

How to secure your internet in Indonesia with pure DNS.

anonymized dns dns-over-https dns-over-quic dns-resolver dns-server dnscrypt internet privacy secure security

Last synced: 19 Jan 2026

https://github.com/theunknownsoul/htb-certified-bug-bounty-hunter-exam-cheetsheet

All cheetsheets with main information from HTB CBBH role path in one place.

bugbounty cheetsheet htb security

Last synced: 14 Apr 2025

https://github.com/fkie-cad/yapscan

Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.

golang memory security yara yara-scanner

Last synced: 12 Nov 2025

https://github.com/pkgdeps/update-github-actions-permissions

A CLI that update GitHub Actions's `permissions` automatically

github-actions permissions security tool

Last synced: 02 May 2025

https://github.com/beerisgood/mobile_security

a collection of differently important stuff about mobile phones

android ios linuxphone privacy security smartphone

Last synced: 13 Apr 2025

https://github.com/DigitallyRefined/docker-wireguard-tunnel

Connect two or more Docker servers together sharing container ports between them via a WireGuard tunnel

docker-tunnel encription security tunnel tunnel-client tunnel-server wireguard

Last synced: 19 Jul 2025

https://github.com/nccgroup/metadataplus

A tool to use novel locations to extract metadata from Office documents.

excel metadata office security word

Last synced: 26 Apr 2025

https://github.com/taviso/scanlimits

Tool to examine the behaviour of setuid binaries under constrained limits.

audit linux security

Last synced: 25 Mar 2025

https://github.com/mylamour/blog

Your internal mediocrity is the moment when you lost the faith of being excellent. Just do it.

blog machine-learning security security-architecture wisdom

Last synced: 27 Jan 2026

https://github.com/dazhengs/tools

a standalone toolkit supporting AES, SM4 encryption, RSA, SM2 encryption/sign/verify, hash,SM3 algorithms, encoding, and password generation—all offline and secure. 这是一个支持AES、SM4加密,RSA、SM2 签名/验签,哈希算法,SM3,编码与密码生成的独立工具箱,可断网运行,确保安全性。

encryption-decryption hashing offline-tool random-password-generator security

Last synced: 11 May 2025

https://github.com/yuawn/mediatek-fuzzing-workshop

MediaTek Fuzzing Workshop in HITCON 2021

automation education fuzzing security testing workshop

Last synced: 15 Aug 2025

https://github.com/fcmam5/jelban-js

Another email addresses filter; filters out disposable and addresses' alias

antispam email gmail security

Last synced: 19 Aug 2025

https://github.com/Aditya-dom/moonwalk-back

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

exploit linux security testing

Last synced: 08 Apr 2025

https://github.com/giantswarm/starboard-exporter

A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).

kubernetes prometheus prometheus-exporter security starboard trivy trivy-operator

Last synced: 21 Jan 2026

https://github.com/dsopas/rfd-checker

RFD Checker - security CLI tool to test Reflected File Download issues

bugbounty golang infosec pentest rfd security

Last synced: 11 Jul 2025

https://github.com/advboxes/perceptron-benchmark

Robustness benchmark for DNN models.

adversarial-machine-learning benchmarking security

Last synced: 04 Apr 2025

https://github.com/ronin-rb/ronin-vulns

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.

hacktoberfest lfi open-redirect pentest-tool pentesting rfi ronin-rb ruby security sql-injection sqli ssti vulnerability-detection vulnerability-scanners web-security xss

Last synced: 05 Apr 2025

https://github.com/rednaga/frida-stack

Getting better stacks and backtraces in Frida

android frida reverse-engineering security stacks

Last synced: 27 Feb 2026

https://github.com/edoardottt/companies-hiring-security-remote

List of companies that hire security people full remote.

job job-search jobs jobs-search remote remote-work remote-working security work

Last synced: 02 Mar 2026

https://github.com/sorkila/lockpaw

Cover your Mac screen with a hotkey while AI agents keep running. Free, open source, 3.4 MB, Touch ID unlock.

ai-agents developer-tools hotkey macos macos-app macos-menubar menu-bar menubar open-source privacy screen-lock screen-privacy security swift swiftui touch-id utilities utility

Last synced: 02 Apr 2026

https://github.com/secdec/attack-surface-detector-zap

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

dast pentesting security vulnerability

Last synced: 10 May 2025

https://github.com/sap/fosstars-rating-core

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.

calculating-ratings java scores security security-rating security-risks security-tools

Last synced: 06 Apr 2025

https://github.com/verifynpm/tbv

Package verification for npm

javascript npm security

Last synced: 05 May 2025

https://github.com/bes2008/langx-java

Java tools, helper, common utilities. A replacement of guava, apache-commons, hutool

aop classpath collection common cron csv diff helper idgenerator java pinyin pipeline reflect reflection repository security stream timer tools

Last synced: 10 Apr 2025

https://github.com/supabase/supautils

PostgreSQL extension that secures a cluster on a cloud environment

postgresql postgresql-extension roles security

Last synced: 09 Apr 2025

https://github.com/jeromer/mumbojumbo

Obfuscates golang strings

golang obfuscation security

Last synced: 12 Mar 2026

https://github.com/SAP/fosstars-rating-core

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.

calculating-ratings java scores security security-rating security-risks security-tools

Last synced: 03 Apr 2025

https://github.com/chainreactors/zombie

a weak weak pass tool

redteam security security-tools

Last synced: 07 May 2025

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 83 awesome-security 330 awesome-web-security 424 awesome-ctf 220 awesome-hacker-search-engines 564 awesome-privacy 635 android-security-awesome 230 awesome-incident-response 221 Awesome-WAF 175 DevSecOps 187 awesome-security-hardening 207 awesome-infosec 215 awesome-cybersecurity-blueteam 252 WebHackersWeapons 431 backend-cheats 961 awesome-vehicle-security 227 awesome-sec-talks 265 awesome-nodejs-security 219 awesome-game-security 92 awesome-cloud-security 154 awesome-iot-hacks 70 awesome-embedded-and-iot-security 131 alternative-frontends 119 DevSecOps 48 Awesome-FL 4,069 Awesome-Cybersecurity-Datasets 54 awesome-golang-security 34 awesome-windows-domain-hardening 70 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 311 osx-and-ios-security-awesome 58 awesome-llm-security 101 awesome-executable-packing 754 awesome-aws-security 173 awesome-lists 737 awesome-ethereum-security 81 Awesome-Jailbreak-on-LLMs 427 awesome-vulnerable-apps 97 awesome-he 90 MobileHackersWeapons 73 npm-security-best-practices 33 awesome-security-GRC 81 awesome-anti-forensic 143 security-apis 115 awesome-python-security 35 awesome-opa 226 awesome-runners 38 graph-adversarial-learning-literature 314 npm-security-best-practices 36
Security Categories
Uncategorized 3,617 fl in top-tier journal 3,220 :books: Literature 2,589 fl in top ml conference and journal 1,564 Tools 1,401 Pentesting 1,160 Operating Systems 1,115 Attack 1,063 カテゴリ 721 Other Lists 713 fl in top ai conference and journal 705 fl in top cv conference and journal 673 Papers 591 Weapons 499 Resources 492 Threat Hunting: 480 **Мероприятия** 457 Defense 442 Official 434 fl on graph data and graph neural networks 429