An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/turbot/steampipe-export

Steampipe Export is a zero-ETL CLI to fetch data from cloud services and APIs. Hundreds of plugins with thousands of documented examples.

aws azure backup data devsecops etl gcp golang kubernetes security steampipe steampipe-engine zero-etl

Last synced: 31 Jul 2025

https://github.com/riteshpuvvada/anonymous-board

Create a forum, chat or replay anonymously.

anonymous-chat board helmetjs javascript message mocha node-js security

Last synced: 12 Oct 2025

https://github.com/andrew-tsegaye/password_generator

A simple password generator app is a helpful tool for anyone who wants to improve the security of their online accounts and protect their sensitive information from potential breaches.

css3 html5 javascript password-generator security

Last synced: 28 Jul 2025

https://github.com/badchars/cve-mcp

23-tool MCP server for CVE & vulnerability intelligence. NVD, EPSS, CISA KEV, GitHub Advisory, OSV — unified in one server. Risk scoring, bulk triage, exploit search. 2 dependencies, runs with npx.

ai-security cisa claude cve cvss cybersecurity epss ghsa kev mcp model-context-protocol nvd osv pentesting security vulnerability vulnerability-intelligence

Last synced: 30 Jun 2026

https://github.com/mablanco/docker-reconftw

Docker image for reconftw, a simple script intended to perform a full recon on an objective with multiple subdomains

docker pentesting security

Last synced: 11 Jul 2025

https://github.com/katexochen/govulncheck-nixpkgs

Scanning nixpkgs for vulnerabilities in Go packages

go golang nix nixos nixpkgs security

Last synced: 26 Oct 2025

https://github.com/JannisHoch/copro

(ML) model for computing conflict risk from climate, environmental, and societal drivers.

climate conflict environment projection risk security

Last synced: 20 Jul 2025

https://github.com/potato-industries/dartrs

portable dart based reverse shell

dart reverse-shell security

Last synced: 24 Oct 2025

https://github.com/mnavarrocarter/authorize-aws-security-group-ingress-action

A Github Action that allows you to create temporary inbound rules for an AWS Security Group

aws ec2 ip security security-group-rules security-groups ssh vpc

Last synced: 05 Sep 2025

https://github.com/dbus2/zbus_polkit

PolicyKit zbus proxy

policykit security unix zbus

Last synced: 07 Oct 2025

https://github.com/geritol/write-guard

Github Action to enforce file level write access for monorepos

access-control github-actions monorepos security

Last synced: 14 Jan 2026

https://github.com/schooloffreelancing/ubuntu-server-hardening

Ubuntu server hardening standards for defending ubuntu Linux systems and data against Cyberattacks. The best security measures GitHub repository based on CIS Benchmark.

cis-benchmarks firewall hackproof-ubuntu linux security ubuntu-hardening ubuntu-server-hardening

Last synced: 22 Apr 2025

https://github.com/turbot/steampipe-mod-terraform-azure-compliance

Run compliance and security controls to detect Terraform Azure resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

azure compliance hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 22 Apr 2025

https://github.com/firesphere/silverstripe-haveibeenpwnd

Check user passwords and emails against the HaveIBeenPwnd database

hacktoberfest haveibeenpwned password security silverstripe silverstripe-4 silverstripe-module

Last synced: 07 Oct 2025

https://github.com/unlock-security/wshell

A handy interactive shell through {code,command,template} injection

ctf-tools penetration-testing penetration-testing-tools rce security security-tools shell webshell

Last synced: 18 Jan 2026

https://github.com/rezmoss/network-vulnerability-scanner

Build a network vulnerability scanner from scratch in Go, port scanning, service detection, and vulnerability identification. Full walkthrough

cybersecurity go golang infosec networking penetration-testing port-scanner security tutorial vulnerability-scanner

Last synced: 12 Jun 2026

https://github.com/cipherstash/protectjs

Encrypt and protect data using industry standard algorithms, field level encryption, a unique data key per record, bulk encryption operations, and decryption level identity verification. Powered by CipherStash Encryption.

data data-security encryption javascript postgres postgresql security typescript

Last synced: 29 Oct 2025

https://github.com/turbot/flowpipe-mod-aws

AWS pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect AWS to the people, systems and data that matters.

automation aws aws-cli cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 03 Jul 2025

https://github.com/mishal/jwt

JWT (JSON Web Tokens) for PHP

json jwt php security webtoken

Last synced: 09 Mar 2026

https://github.com/listendev/lstn

A CLI tool to analyze the behavior of your dependencies using listen.dev

behavioral-analysis dependencies npm o11y security software-supply-chain-security

Last synced: 05 Sep 2025

https://github.com/1hehaq/oty

Oty is a fast, customizable, CLI tool designed to streamline your Bug Bounty and Pentesting workflows. Powered by a simple yet flexible YAML based DSL, Oty allows you to integrate your tools into it

automation bugbounty developer devops pentest security

Last synced: 26 Jan 2026

https://github.com/dye-tech/gatekey

GateKey is a zero-trust VPN solution that wraps OpenVPN. Users authenticate via their company's identity provider (Okta, Azure AD, etc.) and get short-lived VPN credentials automatically. No passwords to remember, no certificates to manage.

helm identity-management kubernetes oidc openvpn security self-hosted sso vpn wireguard zero-trust

Last synced: 30 May 2026

https://github.com/plume-org/rocket_csrf

Rocket fairing for automatic csrf protection

csrf fairing rocket rust security web

Last synced: 13 May 2025

https://github.com/built-fast/phpstan-sensitive-parameter

PHPStan extension for detecting parameters that should use SensitiveParameter

code-quality php phpstan phpstan-extension security sensitive-parameter static-analysis

Last synced: 13 Jan 2026

https://github.com/qiwi/masker

Composite data masking utility

security

Last synced: 27 Apr 2025

https://github.com/djadmin/fort

macOS CLI: endpoint security audit + SOC 2 readiness reports

cli compliance devops endpoint-security golang hardening iso27001 macos security soc2

Last synced: 11 Jun 2026

https://github.com/manavalan2517/login-and-register-system-in-python

This Python script is a comprehensive solution for managing user authentication, which includes both registration and login functionalities. It utilizes a local JSON file to store user credentials securely.

authentication interactive json py3 python realtime regex security terminal user-management

Last synced: 04 Jul 2025

https://github.com/robertdebock/ansible-role-tailscale

Install and configure tailscale on your system.

ansible molecule network networking playbook security tailscale tox vpn

Last synced: 05 Oct 2025

https://github.com/codestates-seb/seb39_main_013

고오급 남성 쇼핑몰 STATE MALL 입니다 https://statemall.click/

jpa mysql react reactquery security spring-boot styled-components

Last synced: 13 Apr 2025

https://github.com/ege-erdogan/splitguard

Supplementary code for the paper "SplitGuard: Detecting and MitigatingTraining-Hijacking Attacks in Split Learning"

machine-learning privacy security split-learning

Last synced: 13 Aug 2025

https://github.com/tomiok/vaultik

Vaultik is a cloud agnostic secret manager that helps developers to create, read, update and delete variables and easily export to a remote location or any cloud. Avoid using environment variables and these are fully encrypted.

cloud cloud-computing cobra encryption environment-variables go golang secret secret-management secrets secrets-management secure secure-storage security security-tools

Last synced: 28 Oct 2025

https://github.com/cedricbonhomme/ip-link

Visualizing the relationships between different IP from network traffic capture.

circos network-traffic-capture pcap python security visual-analysis visualisation

Last synced: 14 Apr 2025

https://github.com/pforret/bumpkeys

Upgrade your SSH keys for better security

bash bashew crypto ecdsa ed25519 rsa security security-audit ssh ssh-key

Last synced: 10 Apr 2025

https://github.com/apetenchea/earl

Evaluate Application Risk Level

android malware-detection security tensorflow

Last synced: 14 May 2025

https://github.com/arcxteam/na0ris-node

Naoris Protocol is the world's first Decentralized Security Layer designed for system and data reliability across Web2 & Web3 architecture

ai cyber-security depin naoris naoris-network post-quantum security web3

Last synced: 15 Apr 2025

https://github.com/josehelps/blackcert

Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also checks if any domain changes with that keyword look like a phishing domain.

certificate monitoring security

Last synced: 14 Apr 2025

https://github.com/dominicbreuker/goncat

netcat-like CLI tool with advanced features for bind/reverse shells

bind-shell golang offsensive-security pentesting port-forwarding pty reverse-shell security tunneling

Last synced: 11 Apr 2025

https://github.com/dhruvpatel-7/loginregister-try

Login and register In Angular using Api , Validation , JWT token and refresh token

angular jwt-authentication refresh-token security

Last synced: 04 Oct 2025

https://github.com/alphaville/safemsg

SafeMessage - Secure web-based message exchange system

encryption javascript message-exchange secure-by-default security

Last synced: 10 Apr 2025

https://github.com/volkansah/implementing-ai-systems-whitepaper

This whitepaper provides best practices and concrete examples for the secure implementation of artificial intelligence in web applications. It covers topics such as security, data protection, ethics, AI models and algorithms, development process, user training, and regulation.

ai api artificial-intelligence artificial-neural-networks chatgpt gpt gpt4 how-to security whitepaper whitepapers

Last synced: 12 Sep 2025

https://github.com/apocas/wireguarode

Wireguard with ACLs and TOTP 2FA

acls iptables javascript nodejs security vpn wireguard

Last synced: 03 Oct 2025

https://github.com/badisi/auth-js

🛡️ Authentication and authorization support for web based desktop and mobile applications

angular auth authentication authn authorization capacitor cordova hybrid identity ionic mobile oauth oauth2 oidc openid openidconnect security web

Last synced: 12 Apr 2025

https://github.com/tspascoal/dependabot-alerts-helper

A set of (simple) scripts to help manage dependabot alerts

dependabot scripts-collection security

Last synced: 07 May 2025

https://github.com/theakito/userdef

A more advanced adduser for your Alpine based Docker images.

alpine docker linux musl permissions security

Last synced: 10 Aug 2025

https://github.com/k4yt3x/ssh_config

K4YT3X's Hardened OpenSSH Client Configuration

hardening linux openssh security ssh

Last synced: 29 Oct 2025

https://github.com/m3nu/wp-audit

Audit the versions of your Wordpress sites to find old, vulnerable versions.

golang security security-audit security-tools wordpress

Last synced: 24 Oct 2025

https://github.com/fusion/crystalvault

A zero-knowledge server to store and share secrets: credentials, keys, etc.

browser crystal javascript pgp secret-management secrets security vault zero-knowledge

Last synced: 14 Apr 2025

https://github.com/actions-rust-lang/audit

Audit Rust Dependencies using the RustSec Advisory DB

cargo-audit ci github-actions hacktoberfest rust rust-lang rustsec security

Last synced: 10 Apr 2025

https://github.com/sk3pp3r/devsecops-arsenal

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

cybersecurity devops devsecops devsecops-pipeline infrastructure sdlc security ssdlc

Last synced: 12 Jan 2026

https://github.com/thecalcaholic/bash-utils

Various shell script utilities I've come to write over the years to make life easier

bash csv dyndns gcp gsutil inotify iperf3 keepass-mounter nautilus networking pulseaudio security utility

Last synced: 15 May 2025

https://github.com/mh37/Argos

A passive WiFi tracking and profiling based on probe request frames.

linux pentesting probe-requests python reconnaissance security sniffing tracking wifi wireless

Last synced: 23 Jul 2025

https://github.com/rifuki/dokuru

Agent-based Docker security audit platform with CIS Benchmark v1.8.0 compliance. Real-time WebSocket monitoring, automated vulnerability scanning, and interactive remediation

audit cis-benchmark compliance container container-security docker security

Last synced: 28 Jun 2026

https://github.com/contextforge-org/cpex

A composable enforcement framework for AI agents and toolchains

a2a agents ai extensibility framework hooks library llm mcp plugins safety security tools

Last synced: 27 Jun 2026

https://github.com/cristianzsh/chromepass

:mag: A simple script to show your Chrome passwords

chrome crack-hash google-chrome password password-cracker python security

Last synced: 17 Jul 2025

https://github.com/iowacomputergurus/dnntelerikidentifier

This is a utility module designed to look at all loaded assemblies and identify any that might have a dependency on Telerik. Designed to help individuals understand the risk of removing Telerik from DNN Platform

dnn dnncms dotnetnuke hacktoberfest security

Last synced: 19 Apr 2025

https://github.com/elastic/llm-detection-proxy

A proxy tool for detecting and logging LLM queries to Elasticsearch.

elastic enrichment flask kibana llm proxy security

Last synced: 13 Jul 2025

https://github.com/namuan/oauth2-proxy-httpbin

Secure applications using OAuth2 Proxy

docker docker-compose httpbin oauth2 security

Last synced: 19 Apr 2025

https://github.com/virb3/winsock-dump-proxy

A proxy DLL for Windows to dump Windows Socket connections

dll dump proxy reverse-engineering security windows winsock

Last synced: 24 Jun 2026

https://github.com/cityofnewyork/nyco-wp-boilerplate

Local development suite for creating and running instances of WordPress sites and managing them on WP Engine. Maintained by @NYCOpportunity

composer docker nyc-opportunity nycopportunity security wordpress wp-cli wp-engine wpengine

Last synced: 12 May 2025

https://github.com/jorianwoltjer/subsolver

CLI tool to Solve Substitution Ciphers using a wordlist

cli crypto security solver substitution-cipher wordlist

Last synced: 13 Jun 2025

https://github.com/sub1to/ctninja

Compile-time string encryption and import obfuscation for Windows PE32(+) binaries

compile compile-time cplusplus encryption imports joaat joaat64 ninja obfuscation pe32 pe32plus peb peb-walking security stealth string time windows xorstr

Last synced: 19 Apr 2025

https://github.com/turbot/steampipe-mod-github-compliance

Run individual controls or full compliance benchmarks for across all of your GitHub resources using Powerpipe and Steampipe.

cis cis-benchmark compliance github hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod

Last synced: 22 Apr 2025

https://github.com/turbot/steampipe-mod-alicloud-compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your Alibaba Cloud accounts using Powerpipe and Steampipe.

alibaba-cloud alibabacloud alicloud cis cis-benchmark compliance hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod

Last synced: 22 Apr 2025

https://github.com/port19x/deadsniper

A fast, specialized dead-link checker

broken-links dead-links github-actions security seo seo-optimization

Last synced: 01 Apr 2025

https://github.com/bcrowe/cakephp-encrypted-type

:lock_with_ink_pen: CakePHP plugin that provides field-level (column) encryption within the application layer before data is stored or transmitted to the database, supporting regulatory compliance, zero-trust security, end-to-end encryption, and contextual awareness.

cakephp cakephp-plugin data-encryption data-security database encryption end-to-end-encryption field-level-encryption field-level-security gdpr hipaa pci pci-compliance pci-dss php regulatory-compliance security zero-trust zero-trust-security

Last synced: 08 Mar 2026

https://github.com/cryxnet/cve-2022-42889-rce

Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability)

cve-2022-42889 exploit exploits poc security vulnerability

Last synced: 27 Dec 2025

https://github.com/serverfarmer/compliance

Tools related to Server Farmer compliance with GDPR, PCI DSS, HIPAA and/or other regulations.

compliance gdpr hipaa linux pci-dss security server-management

Last synced: 12 Jul 2025

https://github.com/smeso/sara

S.A.R.A. development branch. Rebased often. Use at your own risk.

hardening kernel linux lsm sara security

Last synced: 14 Jun 2026

https://github.com/belane/codeauditor

Take notes and categorize issues during a source code audit.

audit code-audit security vscode vscode-extension

Last synced: 12 May 2025

https://github.com/saveourtool/osv4k

Kotlin and Java serialization schema for OSV

java kotlin osv security

Last synced: 23 Apr 2025

https://github.com/swirrl/nvd-clojure-gh-action

Automated Github Action to automate scanning of Clojure projects for known vulnerabilities in the National Vulnerability Database

clojure github-action nvd security security-audit vulnerability vulnerability-scanner

Last synced: 28 Feb 2025

https://github.com/hqarroum/arp-spoofer

👾 A command-line tool to easily run a man-in-the-middle attack leveraging ARP cache poisoning.

arp-cache-poisoning man-in-the-middle-attack rust security

Last synced: 19 Apr 2025

https://github.com/louib/nix2sbom

nix2sbom extracts the CycloneDX and SPDX SBOM (Software Bill of Materials) from a Nix derivation

cyclonedx github-actions nix nixos purl sbom sbom-generator security software-bill-of-materials spdx supply-chain supply-chain-security

Last synced: 24 Mar 2025

https://github.com/apriorit/simple-dll-injection-protect

Simple DLL injection protect with the idea of hooking the LoadLibrary function and failing it if it is a call for an unauthorized DLL.

api api-hooking attack-defense dll-injection protection security

Last synced: 10 Apr 2025

https://github.com/mini-ware/file-locker

Keep your files obfuscated by locking them with XOR encryption

cli encryption hacking linux password security shell xor

Last synced: 03 Oct 2025