An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/SAP-samples/risk-explorer-execution-pocs

A collection of proof-of-concepts in multiple languages and for different package managers, showcasing how third-party dependencies trigger code execution on downstream projects, leading to potential open-source software supply chain attacks.

proof-of-concepts sample security

Last synced: 10 Mar 2026

https://github.com/ryankurte/fwsig

packaging, signing, and verification for embedded firmware

embedded firmware security signing

Last synced: 04 Mar 2025

https://github.com/mxncson/pnpm-audit-html

A tool to generate an HTML report from pnpm audit.

audit html pnpm report security

Last synced: 12 Jan 2026

https://github.com/andstor/verified-smart-contracts-audit

:bug: Verified smart contract dataset with vulnerability labeling

dataset ethereum etherscan huggingface language-modeling security smart-contracts text-generation

Last synced: 19 Sep 2025

https://github.com/tegridydev/multi-agent-secops-llm

This project is a multi-agent security framework that utilizes multiple LLM models to analyze and generate comprehensive security briefs.

ai llm local localllm ollama secops security

Last synced: 11 Jul 2025

https://github.com/mjmccans/docker-socket-proxy

Docker socket proxy using Nginx for security.

docker docker-compose proxy security

Last synced: 23 May 2026

https://github.com/hhimanshu/google-oauth2-jwt-secure-api

Demonstrates how to write secure Web Applications using Google Oauth2 on client side and securing protected resources with JWT based token

full-stack google jwt oauth2 security spring-boot webapp

Last synced: 02 May 2025

https://github.com/didinj/springboot-security-mongodb-example

Spring Boot, Security, MVC, Data and MongoDB Login Example

data example login mongodb mvc security springboot

Last synced: 30 Jul 2025

https://github.com/eclipse-theia/security-audit

Automated Security Audit for Theia framework dependencies

audit eclipse-theia security theia theia-ide

Last synced: 11 Apr 2025

https://github.com/plabick/actions-secret-decoder

Decode secrets extracted with the GitHub Secret Extractor action

github-actions secrets security

Last synced: 31 Jul 2025

https://github.com/kyra-1/otw-banditgames

You can try the games provided here at the given link

basics cyber-security cybersecurity linux security securitybasics shell-scripting

Last synced: 16 Apr 2025

https://github.com/cpulvermacher/secret-scanner

Browser extension to scan web pages for API keys or passwords

browser-extension chrome-extension firefox-extension secret security security-tools web-development

Last synced: 17 May 2026

https://github.com/volkansah/sqlp-edu

Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

bypass cross-site-scripting ehtical-hacking-tools exploit exploitation explotation hacking hacking-tool hacking-tools penetration-testing pentesting phishing python security sql-xss vulnerability xss xss-attacks xss-exploitation xss-injection

Last synced: 11 Jul 2025

https://github.com/jesperancinha/your-finance-je

Using JWT in KumuluzEE. Two solutions are provided to understand how simple the JWT authentication/authorization system actually is.

angular java javascript jee jwt jwt-token kotlin kotlin-dsl kumuluzee material-ui security typescript

Last synced: 11 Jul 2025

https://github.com/reasonsoftware/security-group-manager

:closed_lock_with_key: AWS Security Group Management Lambda :closed_lock_with_key:

aws devops firewall lambda security whitelist

Last synced: 08 May 2025

https://github.com/trishankatdatadog/tuf-on-a-plane

Allegedly, a minimal, Pythonic TUF client can be written on a long flight. This was written after that flight, but hey, it's a shot.

security tuf updates

Last synced: 14 Apr 2025

https://github.com/kabragaurav/whaling-phishing

A demo of whaling attack in computer networks

cns networks phishing security whaling

Last synced: 02 Jan 2026

https://github.com/opcod3r/godan

Shodan tool subdomains with rotation keys.. 🎩

bugbounty bugbounty-tool golang pentest recon security shodan subdomains

Last synced: 18 Jun 2025

https://github.com/l0wk3y-iaan/hunting-with-l0wk3y

This repository documents my path from cybersecurity enthusiast to a skilled bug bounty hunter. Here, I share the tools, resources, techniques, and real-world insights I've gathered along the way, aimed at uncovering vulnerabilities and improving application security.

bounty bug-bounty bugbounty cheatsheet enumeration hacking methodology penetration-testing pentest redteam security vulnerability web-application web-penetration-testing

Last synced: 13 Sep 2025

https://github.com/sjinks/node-modsecurity

ModSecurity Connector for Node.js

modsec modsecurity security waf

Last synced: 10 Apr 2025

https://github.com/nickssilver/rsa-factoring-challenge

RSA (cryptosystem) is a public-key cryptosystem that is widely used for secure data transmission

encryption factorization python security

Last synced: 14 Apr 2025

https://github.com/Bilal-Belli/DictionaryWifiAttackTool

This repository presents a simple Python program for testing a large number of passwords (dictionary) to connect to a WiFi network.

dictionary-attack python security security-tools wifi-hacking wifi-security

Last synced: 14 Apr 2025

https://github.com/4m3rr0r/mac-changerpro

This is a bash script that can change the MAC address of either the eth0 or wlan0 network interface.

bash mac-address-changer mac-address-generator mac-cangerpro macaddress macchanger security

Last synced: 11 Apr 2025

https://github.com/humanjavaenterprises/nostr-auth-middleware

The nostr-auth-middleware repository offers a TypeScript-based middleware solution for managing authentication and enrollment in Nostr web applications. It supports NIP-07 compatible authentication, secure user enrollment, event validation, and JWT-based session management, with optional Supabase integration for data persistence.

authentication decentralized-protocols event-validation jwt middleware nostr security supabase web-applications

Last synced: 13 Jun 2025

https://github.com/co-browser/vibe

The Secure Browser for Programmable AI Agents

a2a agent ai ai-agents browser chatbot llm mcp memory rag security

Last synced: 24 Jun 2025

https://github.com/codingchili/sidechannel-timing-tool

Small tool for measuring system latency during string comparison.

network proof-of-concept security side-channel

Last synced: 06 Apr 2025

https://github.com/jonzeolla/lab-internetofinsecurity

An introductory lab to IOT device security.

information-security infosec iot iot-security lab security

Last synced: 09 Mar 2026

https://github.com/Popsiclestick/falco-filebeat-daemonset

Easily deployable daemonset which moves logs from falco with filebeat.

containers daemonset falco filebeat kubernetes security

Last synced: 12 May 2025

https://github.com/merci-libre/genpass-rs

A password management tool written in Rust. Generates Extended ASCII, ASCII, and alphanumeric strings, and uses steganography to store passwords into images as pixels.

cli cryptographically-secure linux modular password-generator password-manager rust security security-tools steganography windows

Last synced: 03 Apr 2026

https://github.com/kulkansecurity/mindthegap

A Python-based tool specifically designed for users to identify the "patch gap" in their Ubuntu release - the delay between the disclosure of a vulnerability and the patch release. By querying Ubuntu's CVE system, it provides a clearer picture of the current security standing of different Ubuntu versions.

cve patchgap security ubuntu

Last synced: 14 Mar 2025

https://github.com/alexrasch/virustotal-desktop-widget

VirusTotal Desktop Widget: A VirusTotal desktop widget for Windows that performs file scans and displays system information such as RAM and CPU usage. Note: An API key is required to use the VirusTotal API.

api desktop desktop-app dotnet-core security virustotal virustotal-api windowsforms

Last synced: 04 Jan 2026

https://github.com/idriz4work/cs50w

In CS50W, I'm gaining proficiency in the foundational aspects of full-stack web development. I working on numerous projects encompassing both frontend and backend components.CS50W (Web Development)

ci-cd css django git html javascript migrations models python react scalability security sql testing user-interface

Last synced: 18 Aug 2025

https://github.com/jwilk/vcsnoop

Linux virtual console snooping via TIOCLINUX

security

Last synced: 20 Mar 2025

https://github.com/thisdougb/go-fsvault

Easy to use filesystem datastore, with encryption, for Go

cli datastore encryption golang golang-cli golang-package security

Last synced: 02 Jan 2026

https://github.com/jokk-itu/authserver

Authorization server with OAuth 2.1 and OpenId Connect 1.0

csharp identity oauth2 oidc-server openid-connect security

Last synced: 09 Sep 2025

https://github.com/nkhmelni/obscura

An LLVM pass plugin for compile-time encryption of all primitive kinds of variables

arm64 code-protection compiler-plugin encryption llvm macos obfuscation security

Last synced: 07 Mar 2026

https://github.com/yhs0602/android-capstone-example

Example of capstone disassrmbly engine java bindings on android, using jna.

android capstone example-project java java-native-access jna reverse-engineering security tool tutorial

Last synced: 18 May 2026

https://github.com/customcommander/xss-lang

An experimental grammar for parsing XSS attacks

grammar javascript nearley parser security xss

Last synced: 25 Aug 2025

https://github.com/hockeyinjune/check-security

checksec for Windows

security verification windows

Last synced: 18 May 2026

https://github.com/redshiftzero/scrubber

Simple tool to scrub metadata from images ✨🛁

anonymity metadata security

Last synced: 30 Aug 2025

https://github.com/eriksjolund/empty-argv-segfault-check

Test if an executable segfaults when started with an empty argv. The script may be used as a vulnerability-scanner to find setuid executables having buggy code (but it will probably not find any direct security vulnerabilities).

security segfault setuid vulnerability-scanners

Last synced: 06 Apr 2025

https://github.com/edivangalindo/gistz

An easy way to dump gists

bugbounty osint red-team secrets security

Last synced: 25 Jan 2026

https://github.com/nathanhi/avrlarm

AVRlarm is an open source alarm system for 8-Bit Atmel CPUs (ATmega2560).

alarm avr burglar gsm gsm-based monitoring security sensor sms sms-notifications

Last synced: 10 Jul 2025

https://github.com/atbashee/jsf-renderer-extensions

Extensions on the JSF renderer to have advanced validation and security

java javaee jsf security validation

Last synced: 28 Jun 2025

https://github.com/msaadshabir/pci-segment

Go CLI for PCI-DSS network segmentation. Validates YAML policies, enforces via eBPF (Linux) or pf (macOS), syncs to AWS/Azure, and generates compliance reports.

audit-logging aws azure cli compliance ebpf golang network-policy network-seg pci-dss pf security

Last synced: 05 Apr 2026

https://github.com/usk6666/yorishiro-proxy

AI-native MITM proxy — MCP server for traffic interception, recording & replay

mcp-server mitm-proxy penetration-testing proxy security vulnerability-assessment

Last synced: 23 May 2026

https://github.com/ichhabrecht/devtools

Adds nice developer tools to your TYPO3 installation

changes developement extension integrity manager security typo3 typo3-cms typo3-extension

Last synced: 12 Apr 2025

https://github.com/marcjulian/pyoram

Crypto tool written in python which stores files on a cloud storage and disguises the access of the files

cloud-storage oram privacy python security

Last synced: 31 Mar 2025

https://github.com/numberly/windows-defender-textfile-exporter

Windows defender textfile exporter to use with windows_exporter

prometheus security windows windows-exporter windowsdefender

Last synced: 16 May 2025

https://github.com/parzibyte/ransomware-linux-gpg

Ejemplo de Ransomware en Linux usando GPG

bash-script gpg-encryption ransomware security

Last synced: 27 Jun 2025

https://github.com/timokoessler/easy-waf-data

This repository provides ip data for the Web Application Firewall EasyWAF.

javascript nodejs security typescript waf web-application-firewall

Last synced: 29 Oct 2025

https://github.com/sug0/git-signify

Harness the power of signify(1) to sign arbitrary git objects

cryptography git openbsd rust security signature signify

Last synced: 07 May 2025

https://github.com/giosil/saml-idp

Boilerplate for SAML Identity Provider implementation.

authentication java javaee saml saml-authentication saml-identity-provider saml-idp saml2 security

Last synced: 05 Nov 2025

https://github.com/stackitcloud/certbot-dns-stackit

The Certbot DNS-Stackit Authenticator Plugin is an advanced utility designed to streamline the acquisition of SSL/TLS certificates from Let's Encrypt with Certbot. This plugin facilitates automated certificate issuance and rejuvenation by employing the DNS-01 challenge protocol.

automation certbot-plugin cloud-services devops dns-01-challenge lets-encrypt python security ssl-certificates stackit

Last synced: 11 Feb 2026

https://github.com/lycanthropy3301/syncseed

An open-source, secure authentication module built using python. Uses a challenge-response system to authenticate users.

authentication contributions-welcome module open-source pip python python3 security

Last synced: 09 Apr 2026

https://github.com/isabellaalstrom/nd-motionsnapshot

Takes snapshots of your cameras and sends to discord

automation camera cameras discord hacs home-assistant netdaemon security snapshot

Last synced: 15 Apr 2026

https://github.com/tigera-solutions/cc-aks-strengthen-security-workshop

In this AKS-focused workshop, you will work with Calico Cloud to learn how to strengthen your Microsoft AKS cluster security posture.

aks azure cc regismartins security workshop

Last synced: 13 Apr 2025

https://github.com/graphtylove/python_with_tor

Repo to demonstrate how to use TOR with python.

python python3 sec security tor

Last synced: 11 Jun 2026

https://github.com/adhit-r/aran

Aran API Sentinel: Your AI-Powered API Security & Governance Platform

ai api cybersecurity ml security

Last synced: 09 Apr 2026

https://github.com/statcan/aaw-security-proposal

Proposal for the implementation of Protected B workloads in the Advanced Analytics Workspace

aaw daaas kubernetes security

Last synced: 01 Aug 2025

https://github.com/malikmaky/keemanager

KeeManager is a secure password and data management desktop application designed to help users securely store, manage, and access sensitive information.

encryption-decryption hash javascript key-der rust security svelte tailwindcss tauri tauri-app

Last synced: 11 Apr 2026

https://github.com/lreimer/hands-on-distroless

Demo repository to showcase the usage of Google's Distroless base images.

distroless docker example golang payara-micro security showcase spring-boot

Last synced: 23 Jul 2025

https://github.com/vstanchev/wafty

Simple firewall that prevents XSS, SQLi, filters by IP and blocks file uploads

go golang libinjection security waf

Last synced: 12 Jan 2026

https://github.com/0xirison/PrintNightmare-Patcher

A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]

cve-2021-34527 printnightmare python3 security security-tools vulnerability windows

Last synced: 12 Jul 2025

https://github.com/mitre/apache-tomcat-7-cis-baseline

(WIP) (ALPHA) InSpec Profile for the CIS Apache Tomcat v7 Benchmark

inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat tomcat7

Last synced: 21 Apr 2025

https://github.com/sylvainmouquet/pydantic2-settings-vault

A Pydantic v2 settings extension for secure configuration management using HashiCorp Vault OpenSource (OSS) and Enterprise

configuration enterprise hashicorp opensource pydantic python secrets-management security settings vault

Last synced: 02 Aug 2025

https://github.com/eth-sri/insec

Reproduction Package for "Black-Box Adversarial Attacks on LLM-Based Code Completion" [ICML 2025]

adverserial-attack code-completion llm security

Last synced: 23 Jul 2025

https://github.com/jonzeolla/lab-smartcontractsecurity

A lab that focuses on smart contract security

ethereum lab security smart-contract

Last synced: 18 Oct 2025

https://github.com/phptuts/starterbundleforsymfony

Startkit Bundle For Symfony Projects

guard security symfony

Last synced: 27 Apr 2026

https://github.com/bocaletto-luca/fileintegritychecker

FileIntegrityChecker Author: Bocaletto Luca FileIntegrityChecker is a Linux application written in Python with a Tkinter GUI that monitors critical files or entire directories by calculating and comparing their SHA256 hashes. By detecting any unauthorized modifications, it helps maintain file integrity and alerts you to changes. The project comes..

admin-tool bocaletto-luca english file-integrity-check file-integrity-checker gui italian linux monitor-critical-files multilanguages opensource python security security-tool sha256 tkinter

Last synced: 03 Aug 2025

https://github.com/nozaq/terraform-aws-parked-domain-baseline

A terraform module to set up DNS records to harden the parked(unused) domain using AWS Route53.

aws devops dns domain email-security hardening security security-hardening terraform terraform-module

Last synced: 17 Jul 2025

https://github.com/bxavaby/caligra

Linux CLI utility for sanitizing, analysing, and subverting file metadata

anonymization cli golang linux metadata opsec privacy security

Last synced: 19 Jul 2025

https://github.com/meinto/anonymous-api-auth-provider

Prevent unauthorised access of public endpoints by for example bots or bad clients.

auth authorization public-api security session-token

Last synced: 29 Mar 2025

https://github.com/catman85/arduino-gsm-pir-alarm

Arduino Uno + GSM Shield + PIR sensor = sweet simple alarm!

alarm arduino-uno gsm-shield physical pir-sensor security

Last synced: 05 Apr 2025

https://github.com/rodrigooler/rrmd

Rust + Rocket + MongoDB + Docker

api docker fast http mongo mongodb rocket rust security type

Last synced: 08 Apr 2026

https://github.com/volkansah/tor-scapy-application

This project is a simple example of using Stem and Scapy together to create an anonymized network analysis tool. The application can connect to a running Tor process or start a new one, send network packets through the Tor network, and rotate identities.

admins analytics defense hack hacking offensive python scapy script security stem tor wardrive

Last synced: 17 Aug 2025

https://mohamedabdallah-14.github.io/awesome-claude-hooks/

Production-ready Claude Code hooks: security guards, quality gates, automation, context injection, and starter packs. Tested, auditable, copy-paste installable.

ai-coding anthropic automation awesome-list claude claude-code developer-tools devtools hooks security shell

Last synced: 17 Jun 2026

https://github.com/jkribeiro/drupal-composer-paranoia-acquia

Experimental Composer plugin to improve the security of composer-based Drupal projects by moving all PHP files out of docroot for Acquia environments.

composer drupal drupal-8 security

Last synced: 23 Jun 2025