Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-01-16 00:29:24 UTC
- JSON Representation
https://github.com/Security-Onion-Solutions/securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
case-management cyber-security endpoint-security information-security intrusion-detection-system monitoring network-security security security-tools threat-hunting
Last synced: 06 Apr 2025
https://github.com/hyperdbg/hyperdbg
State-of-the-art native debugging tools
binary-analysis chip debug debugger debugging debugging-tool ept fpga hardware hook hwdbg hyperdbg hypervisor kernel-debugger logic-analyzer malware-analysis reverse-engineering security security-tools windows-kernel
Last synced: 13 May 2025
https://github.com/google/nsjail
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
chroot linux linux-namespaces process-isolation seccomp-bpf-policies security
Last synced: 23 Apr 2025
https://github.com/gwen001/pentest-tools
A collection of custom security tools for quick needs.
audit bash bugbounty bugbountytips enumeration hacking nmap pentesting php python recon sectools security security-tools
Last synced: 15 May 2025
https://github.com/DedSecInside/TorBot
Dark Web OSINT Tool
algorithm crawler dark-web dedsec-inside deepweb go hacking hacktoberfest osint projects psnappz python python-web-crawler python3 security security-tools spider tor tor-network torbot
Last synced: 31 Mar 2025
https://github.com/deepfence/secretscanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
containers devsecops docker hacktoberfest infosectools k8s kubernetes password scanning-tool secret-keys secrets secrets-detection secrets-management security security-tools vulnerability-scanners
Last synced: 23 Apr 2025
https://github.com/deepfence/SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
containers devsecops docker hacktoberfest infosectools k8s kubernetes password scanning-tool secret-keys secrets secrets-detection secrets-management security security-tools vulnerability-scanners
Last synced: 06 Apr 2025
https://github.com/withsecurelabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
attack blueteam chainsaw countercept detection dfir forensics logs rust security sigma threat-hunting windows
Last synced: 25 Jun 2025
https://github.com/0xsyr0/OSCP
OSCP Cheat Sheet
cheat-sheet cheatsheet offensive offensive-security offsec oscp oscp-guide oscp-plus penetration-testing pentesting security
Last synced: 29 Apr 2025
https://github.com/openziti/zrok
Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.
file-sharing golang network peer-to-peer reverse-proxy security zero-trust
Last synced: 13 May 2025
https://github.com/Pennyw0rth/NetExec
The Network Execution Tool
active-directory hacking infosec infosectools networks pentest pentest-tool pentest-tools pentesting python python3 red-team security security-tools windows
Last synced: 05 Apr 2025
https://github.com/google/honggfuzz
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Last synced: 19 Mar 2025
https://github.com/nabla-c0d3/ssl-kill-switch2
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.
blackbox cydia ios macos reverse-engineering security ssl ssl-pinning
Last synced: 15 May 2025
https://github.com/qdata/textattack
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master/
adversarial-attacks adversarial-examples adversarial-machine-learning data-augmentation machine-learning natural-language-processing nlp security
Last synced: 14 May 2025
https://github.com/QData/TextAttack
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master/
adversarial-attacks adversarial-examples adversarial-machine-learning data-augmentation machine-learning natural-language-processing nlp security
Last synced: 02 Apr 2025
https://github.com/unikraft/unikraft
A next-generation cloud native kernel designed to unlock best-in-class performance, security primitives and efficiency savings.
application cloud cloud-native hacktoberfest kernel library microservice operating-system os osdev performance qemu security unikernel unikernels unikraft virtualization
Last synced: 13 May 2025
https://github.com/openssh/openssh-portable
Portable OpenSSH
c cryptography file-sharing keychain login security
Last synced: 27 Mar 2025
https://github.com/kishikawakatsumi/UICKeyChainStore
UICKeyChainStore is a simple wrapper for Keychain on iOS, watchOS, tvOS and macOS. Makes using Keychain APIs as easy as NSUserDefaults.
Last synced: 02 Aug 2025
https://github.com/kishikawakatsumi/uickeychainstore
UICKeyChainStore is a simple wrapper for Keychain on iOS, watchOS, tvOS and macOS. Makes using Keychain APIs as easy as NSUserDefaults.
Last synced: 11 Apr 2025
https://github.com/buzzfeed/sso
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
aes authentication go oauth security sso
Last synced: 14 May 2025
https://github.com/PurpleI2P/i2pd
🛡 I2P: End-to-End encrypted and anonymous Internet
anonymity c-plus-plus communication cryptography i2p i2p-client openssl p2p privacy security vpn
Last synced: 15 Mar 2025
https://github.com/express-rate-limit/express-rate-limit
Basic rate-limiting middleware for the Express web server
api express express-js express-middleware nodejs rate-limiter rate-limiting rest-api security web
Last synced: 13 May 2025
https://github.com/decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
compound forensics macros malware-analysis ms-office-documents ole-files olefile parser pyparsing python python-library rtf security vba
Last synced: 14 May 2025
https://github.com/nanovms/nanos
A kernel designed to run one and only one application in a virtualized environment
edge microservice operating-systems osdev sandbox security unikernel unikernels virtualization
Last synced: 14 Jan 2026
https://github.com/0xsyr0/oscp
OSCP Cheat Sheet
cheat-sheet cheatsheet offensive offensive-security offsec oscp oscp-guide oscp-plus penetration-testing pentesting security
Last synced: 24 Feb 2025
https://github.com/chipsec/chipsec
Platform Security Assessment Framework
firmware firmware-security firmware-tools security security-tools
Last synced: 12 May 2025
https://github.com/jokob-sk/NetAlertX
🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
arp-scan docker intrusion-detection ipam network-analysis network-security networking pi-hole security selfhosted wifi-network wifi-security
Last synced: 06 Apr 2025
https://github.com/milesmcc/shynet
Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.
a17t analytics django docker kubernetes monitoring noscript privacy python security self-hosted web-analytics
Last synced: 10 Apr 2025
https://github.com/expressgateway/express-gateway
A microservices API Gateway built on top of Express.js
api-gateway endpoints express-gateway express-middleware expressjs javascript microservice microservices oauth2 oauth2-server security service-discovery
Last synced: 13 May 2025
https://github.com/duffn/dumb-password-rules
A compilation of sites with dumb password rules.
hacktoberfest passwords security
Last synced: 13 May 2025
https://github.com/pallets/itsdangerous
Safely pass trusted data to untrusted environments and back.
hmac itsdangerous pallets python security serialization
Last synced: 11 Dec 2025
https://github.com/samsar4/ethical-hacking-labs
Practical Ethical Hacking Labs 🗡🛡
ethical-hacking-labs hacking linux penetration-testing pentesting security security-tools tutorial tutorials
Last synced: 15 May 2025
https://github.com/SUSE/Portus
Authorization service and frontend for Docker registry (v2)
containers docker docker-distribution rails ruby security
Last synced: 14 Mar 2025
https://github.com/suse/portus
Authorization service and frontend for Docker registry (v2)
containers docker docker-distribution rails ruby security
Last synced: 29 Sep 2025
https://github.com/legrandin/pycryptodome
A self-contained cryptographic library for Python
Last synced: 12 May 2025
https://github.com/dependencytrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 13 May 2025
https://github.com/Samsar4/Ethical-Hacking-Labs
Practical Ethical Hacking Labs 🗡🛡
ethical-hacking-labs hacking linux penetration-testing pentesting security security-tools tutorial tutorials
Last synced: 05 Apr 2025
https://github.com/payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
application application-security bugbounty command command-injection injection linux macos os os-injection payload payload-list security security-research security-testing security-vulnerability unix vulnerability vulnerability-research windows
Last synced: 15 May 2025
https://github.com/ExpressGateway/express-gateway
A microservices API Gateway built on top of Express.js
api-gateway endpoints express-gateway express-middleware expressjs javascript microservice microservices oauth2 oauth2-server security service-discovery
Last synced: 21 Mar 2025
https://github.com/ulisesbocchio/jasypt-spring-boot
Jasypt integration for Spring boot
encryptable-properties encryption java java-8 java8 security spring spring-boot spring-boot-2 spring-boot-starter spring-boot2 web webapp website
Last synced: 13 May 2025
https://github.com/DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 30 Mar 2025
https://github.com/crytic/echidna?tab=readme-ov-file
Ethereum smart contract fuzzer
ethereum evm fuzzer security smart-contracts solidity testing
Last synced: 08 Jul 2025
https://github.com/hardentools/hardentools
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Last synced: 31 Mar 2025
https://github.com/ph4ntonn/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
ctf ecc encrypt golang multi-hop pentest-tool pentesting port-forward redteam security security-tools socks5 ssh stowaway tunnel
Last synced: 30 Mar 2025
https://github.com/the-tcpdump-group/tcpdump
the TCPdump network dissector
auditing berkeley-packet-filter bpf bsd-packet-filter libpcap packet-capture pcap pcapng security sniffer tcpdump troubleshooting
Last synced: 14 May 2025
https://github.com/HyperDbg/HyperDbg
State-of-the-art native debugging tools
binary-analysis chip debug debugger debugging debugging-tool ept fpga hardware hook hwdbg hyperdbg hypervisor kernel-debugger logic-analyzer malware-analysis reverse-engineering security security-tools windows-kernel
Last synced: 08 Apr 2025
https://github.com/goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
containers docker go golang kubernetes linter security security-audit security-tools vulnerability
Last synced: 14 May 2025
https://github.com/jpcertcc/logontracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
active-directory blueteam dfir event-log javascript python-3 security visualization
Last synced: 14 May 2025
https://github.com/zegl/kube-score
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
analysis automation charts ci go hacktoberfest helm k8s kube-score kubernetes kubernetes-manifests kubernetes-monitoring linter security security-scanner static-code-analysis static-code-analyzer
Last synced: 14 May 2025
https://github.com/crytic/echidna
Ethereum smart contract fuzzer
ethereum evm fuzzer security smart-contracts solidity testing
Last synced: 13 May 2025
https://github.com/rizinorg/rizin
UNIX-like reverse engineering framework and command-line toolset.
debugging exploitation program-analysis reverse-engineering security
Last synced: 12 May 2025
https://github.com/airbnb/streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
analysis aws kinesis lambda rules security serverless terraform
Last synced: 15 May 2025
https://github.com/JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
active-directory blueteam dfir event-log javascript python-3 security visualization
Last synced: 09 Apr 2025
https://github.com/az0x7/vulnerability-checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability
Last synced: 23 Mar 2025
https://github.com/Legrandin/pycryptodome
A self-contained cryptographic library for Python
Last synced: 27 Mar 2025
https://github.com/inspec/inspec
InSpec: Auditing and Testing Framework
audit compliance devops devsec inspec security spec tdd tdd-utilities testing
Last synced: 01 Apr 2025
https://github.com/Az0x7/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability
Last synced: 31 Oct 2025
https://github.com/containerssh/containerssh
ContainerSSH: Launch containers on demand
containers devsecops docker kubernetes security security-tools ssh
Last synced: 12 Jan 2026
https://github.com/eteran/edb-debugger
edb is a cross-platform AArch32/x86/x86-64 debugger.
c-plus-plus capstone debugger edb linux ollydbg qt reverse-engineering security x86 x86-64
Last synced: 14 May 2025
https://github.com/pyllyukko/user.js
user.js -- Firefox configuration hardening
firefox mozilla mozilla-firefox privacy security security-hardening
Last synced: 15 Mar 2025
https://github.com/ContainerSSH/ContainerSSH
ContainerSSH: Launch containers on demand
containers devsecops docker kubernetes security security-tools ssh
Last synced: 15 Mar 2025
https://github.com/netflix/bless
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
aws bastion lambda python security serverless ssh ssh-certificates
Last synced: 11 Apr 2025
https://github.com/Netflix/bless
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
aws bastion lambda python security serverless ssh ssh-certificates
Last synced: 13 Mar 2025
https://github.com/opensc/opensc
Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend
c minidriver opensc pkcs11 security smartcard tokend
Last synced: 12 May 2025
https://github.com/ivRodriguezCA/RE-iOS-Apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
app-security ios online-course reverse-engineering security
Last synced: 26 Mar 2025
https://github.com/mgeeky/penetration-testing-tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools
Last synced: 15 May 2025
https://github.com/yamato-security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
attack cybersecurity detection dfir event forensics hayabusa hunting incident incident-response logs response rust security security-automation sigma threat threat-hunting windows yamato
Last synced: 03 Jul 2025
https://github.com/ivrodriguezca/re-ios-apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
app-security ios online-course reverse-engineering security
Last synced: 26 Mar 2025
https://github.com/grayddq/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
auditing security security-audit security-scanning security-tools vulnerability-scanning
Last synced: 14 Apr 2025
https://github.com/rubysec/bundler-audit
Patch-level verification for Bundler
bundler-audit dependency-checker patch-management ruby ruby-advisory-db security security-audit security-tools
Last synced: 14 May 2025
https://github.com/freach/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide
best-practice best-practices guide kubernetes security
Last synced: 24 Oct 2025
https://github.com/cliffe/secgen
Create randomly insecure VMs
ctf-challenges cybok labs provisioning randomization security security-vulnerability virtualization
Last synced: 02 Apr 2025
https://github.com/e-m-b-a/emba
EMBA - The firmware security analyzer
artificial-intelligence binary-analysis embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking infosec iot linux penetration-testing pentesting reverse-engineering sbom security security-tools static-analyzer vulnerability-scanner vulnerability-scanners
Last synced: 14 May 2025
https://github.com/mgeeky/Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools
Last synced: 30 Mar 2025
https://github.com/awnumar/memguard
Software sandbox for storage of sensitive information in memory.
crypto cryptography go golang memory security
Last synced: 12 Jan 2026
https://github.com/netflix-skunkworks/scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
Last synced: 17 Dec 2025
https://github.com/Netflix-Skunkworks/Scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
Last synced: 05 Apr 2025
https://github.com/cliffe/SecGen
Create randomly insecure VMs
ctf-challenges cybok labs provisioning randomization security security-vulnerability virtualization
Last synced: 05 Apr 2025
https://github.com/tracecathq/tracecat
Open source Tines / Splunk SOAR alternative. All-in-one automation platform (workflows, tables, cases) for security and IT teams.
automation cybersecurity event-driven fastapi incident-response llm low-code monitoring nextjs openapi orchestration pydantic security temporalio workflow-engine
Last synced: 08 Jan 2026
https://github.com/grayddq/gscan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
auditing security security-audit security-scanning security-tools vulnerability-scanning
Last synced: 02 Apr 2025
https://github.com/qihoo360/safe-rules
详细的C/C++编程规范指南,由360质量工程部编著,适用于桌面、服务端及嵌入式软件系统。
code-quality guidelines safe security
Last synced: 14 May 2025
https://github.com/blackjacx/wwdc
You don't have the time to watch all the WWDC session videos yourself? No problem me and many contributors extracted the gist for you 🥳
apple authentication darkmode design hacktoberfest ios ipad macos networking nfc safari security session swift swiftui tvos videos watchos wwdc
Last synced: 14 May 2025
https://github.com/Blackjacx/WWDC
You don't have the time to watch all the WWDC session videos yourself? No problem me and many contributors extracted the gist for you 🥳
apple authentication darkmode design hacktoberfest ios ipad macos networking nfc safari security session swift swiftui tvos videos watchos wwdc
Last synced: 08 May 2025
https://github.com/glauth/glauth
A lightweight LDAP server for development, home use, or CI
developer-tools go golang ldap ldap-server security
Last synced: 13 May 2025
https://github.com/denji/nginx-tuning
NGINX tuning for best performance
best-practices details nginx security tuning
Last synced: 15 May 2025
https://github.com/flipkart-incubator/astra
Automated Security Testing For REST API's
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 15 May 2025
https://github.com/WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
attack blueteam chainsaw countercept detection dfir forensics logs rust security sigma threat-hunting windows
Last synced: 27 Mar 2025
https://github.com/OpenSC/OpenSC
Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend
c minidriver opensc pkcs11 security smartcard tokend
Last synced: 16 Mar 2025
https://github.com/flipkart-incubator/Astra
Automated Security Testing For REST API's
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 26 Mar 2025
https://github.com/blackorbird/apt_report
Interesting APT Report Collection And Some Special IOC
apt cybersecurity malware security threat-hunting
Last synced: 14 May 2025
https://github.com/TracecatHQ/tracecat
The open source Tines / Splunk SOAR alternative for security and IT engineers. Built on simple YAML templates for integrations and response-as-code.
automation cybersecurity event-driven fastapi incident-response llm low-code monitoring nextjs openapi orchestration pydantic security temporalio workflow-engine
Last synced: 24 Mar 2025