An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/dina-heidar/saml2-authentication

A dotnet tool used to authenticate and logout using SAML2. It implements SAML Web SSO (HTTPGet, HTTPPost, Artifact), Logout (HTTPGet, HTTPost) profile message flows and bindings.

aspnetcore authentication dotnet identity netcore netstandard saml2 security slo sso

Last synced: 14 Jan 2026

https://github.com/zebrunner/carina-crypto

Cryptographic Java Library. Provides an interface for encrypting / decrypting based on Cipher. Part of the Carina Framework

carina carina-framework cryptography java security

Last synced: 30 Apr 2025

https://github.com/praveensirvi1212/jenkins_sonarqube_basic_project

DevSecOps Project using git, GitHub, Jenkins and sonarqube

cicd codequality jenkins-pipeline security sonarqube

Last synced: 16 Oct 2025

https://github.com/zebbern/reconx

🕷️ | ReconX is a Live-Website Crawler made to gather critical information with an option to take a picture of each site crawled!

crawler hacking information-gathering information-retrieval information-security livedata opsec osint osint-tool pentest python python-crawler search-engine security security-tools website website-crawler website-scraper website-security

Last synced: 03 Jul 2025

https://github.com/ahmed-alnassif/metasploit-termux-installer

The Metasploit-Termux-Installer script automates the setup of Metasploit Framework on Termux, enabling penetration testing on Android. It updates packages, installs dependencies, fetches Metasploit, and configures the environment for seamless use, allowing you to run Metasploit tools like `msfconsole` directly from your terminal.

ahmed-al-nassif android automation bash-script cybersecurity ethical github hacking installation-guide metasploit metasploit-framework penetration-testing script security termux vulnerability-assessment

Last synced: 09 Mar 2026

https://github.com/saed-gpr/file-deleter

this tool can delete all file (or just .psd file or another)!! you can open the "file deleter.py" with vscode and edit it how you like!

file-deleter python python-virus python3 saed-gpr security security-tools simple-virus tools virus

Last synced: 24 Feb 2026

https://github.com/oefenweb/ansible-apparmor

Ansible role to remove apparmor in Debian-like systems

ansible apparmor debian security ubuntu

Last synced: 13 Jul 2025

https://github.com/macmod/bloodhelpers

A simple set of JQ scripts to gather important info from BloodHound dumps and store them in greppable CSV files.

active-directory bloodhound csv infosec jq script security security-tools

Last synced: 09 Feb 2026

https://github.com/wayandway/spa

👾 STEALIEN SSL : Static Program Analysis for Black-Box Vulnerability Discovery

security static-analysis

Last synced: 17 Jan 2026

https://github.com/x13a/fschk

List persistence items on macOS.

macos osx security swift

Last synced: 27 Feb 2025

https://github.com/glowyphp/csrf

Csrf Package provides Cross Site Request Forgery protection by comparing provided token with session token to ensure request validity.

csrf glowy glowyphp package php php-package security

Last synced: 02 May 2025

https://github.com/binorassocies/bro-scripts

Bro IDS useful scripts

bro-ids security smtp x509

Last synced: 04 Feb 2026

https://github.com/grapheneos-archive/kernel_google_crosshatch_drivers_staging_qcacld-3.0

Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL Wi-Fi kernel driver sources.

android grapheneos security

Last synced: 04 Oct 2025

https://github.com/hollobit/wg3_tcm

a matrix to provide the clarified definition and relationship information of trustworthiness characteristics between in the AI/ML standards

accountability ai bias consistency controllability effectiveness explainability integrity ml quality reliability risk robustness security testing traceability transparency trust trustworthiness vulnerability

Last synced: 29 May 2026

https://github.com/qtsolv/laravel-auditors

Record created by, updated by and deleted by on Eloquent models automatically.

eloquent laravel php security

Last synced: 12 Apr 2025

https://github.com/timokoessler/easy-waf-data

This repository provides ip data for the Web Application Firewall EasyWAF.

javascript nodejs security typescript waf web-application-firewall

Last synced: 29 Oct 2025

https://github.com/bombinisecurity/bombini

WIP: eBPF security monitoring agent based on Aya

aya bpf ebpf security

Last synced: 21 Sep 2025

https://github.com/dariomonopoli-dev/codegate-cli

Zero Trust Runtime for AI Agents. Isolates pip install in Firecracker MicroVMs to prevent slopsquatting and hallucinated package attacks.

devsecops llm malware-detection python security supply-chain

Last synced: 14 Jan 2026

https://github.com/marcjulian/pyoram

Crypto tool written in python which stores files on a cloud storage and disguises the access of the files

cloud-storage oram privacy python security

Last synced: 31 Mar 2025

https://github.com/roptat/hayha

Verifying CloudFormation deployments for intra-update sniping vulnerabilities

security

Last synced: 15 Mar 2026

https://github.com/mauricelambert/chromepasswordsstealer

This module steals chrome and chromium passwords on Windows.

browser chrome password passwords pypi-package python3 recovery security stealer windows

Last synced: 15 Mar 2026

https://github.com/marthijn/sidio.web.security

Helper functions and middleware to secure ASP.NET Core applications

asp-net-core content-security-policy http security web-security

Last synced: 26 Oct 2025

https://github.com/barrersoftware/barrer-secure-browser

Privacy and security-focused web browser based on Chromium with zero telemetry, DNS-over-HTTPS, WebRTC protection, and enhanced security features. Built for Linux, Windows, and macOS.

browser chromium cross-platform degoogled dns-over-https open-source privacy privacy-browser secure-browser security webrtc-protection

Last synced: 14 May 2026

https://github.com/skyf0l/sveltekit-helmet

Important security headers for SvelteKit

csp headers helmet hsts http-headers security sveltekit

Last synced: 11 Apr 2025

https://github.com/cossacklabs/dockerfiles

Repository with docker containers, useful for running Themis and Acra

docker security themis

Last synced: 16 Mar 2026

https://github.com/szgabsz91/oauth2-authorization-proxy-server-spring-boot

Library for easily securing REST API endpoints in a Spring Boot applications using the reactive Spring WebFlux stack

facebook google oauth2 security spring-boot

Last synced: 20 Feb 2026

https://github.com/paratron/next-server-session

Functions to handle serverside session data and csrf tokens

csrf-tokens nextjs react security serverside-sessions session-lifetime

Last synced: 26 Feb 2026

https://github.com/vt-alt/ipt-so

Селектор меток безопасности для iptables

cipso ipso iptables kernel-module rfc1108 security

Last synced: 05 Oct 2025

https://github.com/foxcpp/secutils

Random security-related scripts for Linux systems

linux-security security

Last synced: 24 Mar 2025

https://github.com/equk/ffox_profiles_win

🦊 firefox profiles with security presets & userchrome styles on windows

firefox pin profiles security shortcuts userchrome windows

Last synced: 10 Apr 2025

https://github.com/dajiaji/mkkey

Application-layer Key Generator supporting JWK (JSON Web Key) and PASERK (Platform-Agnostic Serialized Keys).

cryptography jose jwk jwt paserk paseto python security

Last synced: 14 Jan 2026

https://github.com/badrap/docs.badrap.io

The docs.badrap.io experience™

documentation github-pages security vuepress

Last synced: 03 Jan 2026

https://github.com/franckferman/systematic

👻 SYSTEMatic: Systematically Seizing SYSTEM Rights. Token Impersonation POC. Alternative to PSExec for token theft. From Administrator to NT Authority\SYSTEM.

administration-system administrator c cyber-security cybersecurity elevation-of-privilege exploiting poc privilege-elevation privilege-escalation proof-of-concept proof-of-work psexec security security-tools system-administration token-stealer windows windows-10 windows-server

Last synced: 02 Apr 2026

https://github.com/thezakman/thegoonies-assets

All the assets done for TheGoonies CTF Team.

assets ctf hacking security

Last synced: 07 Feb 2026

https://github.com/customcommander/xss-lang

An experimental grammar for parsing XSS attacks

grammar javascript nearley parser security xss

Last synced: 25 Aug 2025

https://github.com/ghr-actions/settings-check

Checks that a GitHub repo's settings line up with a specification

actions github-actions github-api security

Last synced: 16 Apr 2026

https://github.com/someaspy/fuckie

Fuck Internet Explorer, Redirect users to a page explaining why its bad.

internet-explorer security website-development

Last synced: 09 Oct 2025

https://github.com/tpritc/verboten_keys

Verboten Keys is a last line of defense to help prevent you and your team from accidentally leaking private information via your APIs.

rack rails ruby security

Last synced: 08 Oct 2025

https://github.com/gordonzhang2024/xss-shield

A Python library to prevent your website from being attacked

python python-3 python-package python3 security web xss xss-attacks xss-scanner

Last synced: 24 Apr 2025

https://github.com/magnetikonline/cloudfront-edge-secgroup-update

Lambda function to synchronize a set of EC2 security groups allowing ingress only from CloudFront edge locations.

cloudfront ingress lambda security

Last synced: 02 Sep 2025

https://github.com/robertdebock/ansible-role-upgrade

Upgrade a package only if it is installed otherwise do nothing.

ansible molecule playbook security tox upgrade

Last synced: 02 Apr 2026

https://github.com/okikio/broadcast-channel-security-vulnerablility

Vulnerability in Broadcast Channel allowing for Arbitrary Code Execution when using Eval (In-direct and with "use strict")

security

Last synced: 18 Jan 2026

https://github.com/architecpoint/plesk-scripts

Standalone automation scripts for Plesk server management (Windows & Linux) — MySQL backups, WordPress cleanup, malware scanning, PCI-DSS header checks, and more. Self-updating bash scripts with PID locking and detailed logging.

automation backup bash linux malware-scanner mysql pci-dss plesk security shell-script windows wordpress

Last synced: 22 Jun 2026

https://github.com/bewakerai/bewaker

Guardrails for agentic coding

ai githooks guardrails merkle security vscode

Last synced: 21 Feb 2026

https://github.com/nikogura/keymaster

A tool for configuring Hashicorp Vault for Managed Secrets

security

Last synced: 14 Jan 2026

https://github.com/sebescudie/vl.virustotal

A not-complete-at-all implementation of the VirusTotal V3 API for vvvv

malware security virustotal vl vvvv

Last synced: 30 Oct 2025

https://github.com/kulkansecurity/mindthegap

A Python-based tool specifically designed for users to identify the "patch gap" in their Ubuntu release - the delay between the disclosure of a vulnerability and the patch release. By querying Ubuntu's CVE system, it provides a clearer picture of the current security standing of different Ubuntu versions.

cve patchgap security ubuntu

Last synced: 14 Mar 2025

https://github.com/divinemonk/hackers_n_devs

Collective resources for HACKERS and DEVELOPERS

dev developer github github-repos hackers repo security

Last synced: 09 Oct 2025

https://github.com/landlock-lsm/tuto-lighttpd

Landlock tutorial to patch lighttpd

landlock linux sandboxing security

Last synced: 09 Aug 2025

https://github.com/hhruszka/secrethunter

secretshunter is a penetration testing tool that uses regular expressions to search a filesystem for secrets (logins, passwords, API keys, hashes, ssh keys etc.).

scaning secrets secrets-detection security

Last synced: 14 Jan 2026

https://github.com/guardrailsio/docker-phpcs-security-audit

Dockerized version of PHPCS-Security-Audit

devsecops php security security-tools

Last synced: 02 Apr 2025

https://github.com/irfaardy/encrypt-file-laravel

🛡️A Simple Laravel Encrypt uploaded file plugin

aes256 encrypt encrypt-file laravel php7 secure security storage upload upload-file

Last synced: 27 Oct 2025

https://github.com/soapbucket/mcptest

The test suite your MCP server is missing. Tool, resource, agent-loop, schema-drift, compliance, and security tests against any Model Context Protocol server, in CI on every commit. One YAML suite, deterministic cassette replay, multi-model comparison, and LLM-judge evals. Rust, Apache-2.0.

agent-testing ai-agents anthropic compliance conformance developer-tools evals llm llm-as-a-judge llm-as-a-jury llm-evaluation llm-testing mcp mcp-testing openai security test-automation testing

Last synced: 26 Jun 2026

https://github.com/sorah/vault2kube

manage Vault lease on Kubernetes secrets and keep it fresh

hashicorp-vault kubernetes security vault

Last synced: 30 Apr 2026

https://github.com/kevcui/passgen

:key: Sync-less password manager generating password from a string and a file

bash bash-script passgen password password-generator password-hash password-manager password-safety password-store security security-tools

Last synced: 03 May 2026

https://github.com/javded-itres/holix

Helix is ​​a powerful self-learning AI agent with memory, skills, and the ability to recall tools. It learns from successful tasks and creates reusable skills for the future.

agent-skills ai assistant claude-code hermes hermes-agent llm llm-agents ouroboros python russian security self-hosted

Last synced: 12 Jun 2026

https://github.com/phamlongh230-lgtm/yamtam-engine

Personal Agent OS for Claude Code — 42 hooks, 3,432 skills, 93 agents. Blocks rm -rf, prompt injection, pipe-to-shell at runtime. Apache 2.0.

agent-os agents agentskills agi ai-safety aider claude-code cursor deepseek gemini hooks llm-safety prompt-injection runtime-hooks security

Last synced: 13 Jun 2026

https://github.com/mycloudlab/example-maven-dependency-check-sonar

Exemplo de uso do dependency check com sonar

dependency-check devops devsecops java security sonar

Last synced: 04 May 2026

https://github.com/mozilla-services/audit-filter

Filter for npm audit results

audit npm security

Last synced: 11 Oct 2025

https://github.com/jwplayer/github-vul

:octocat: Enable GitHub vulnerability alerts for all repositories

github security security-fix vulnerability-alerts vulnerability-management

Last synced: 24 Apr 2026

https://github.com/adamyordan/go-die

Go-DIE is a go wrapper module for Detect-It-Easy (https://github.com/horsicq/Detect-It-Easy/)

detect detect-it-easy detector disassembler go golang packer reverse-engineering security signature unpacker wrapper

Last synced: 18 Oct 2025

https://github.com/erwinkramer/running-a-container-securely-in-azure

Considerations for choosing an Azure container service for secure use cases.

azure container-apps container-instances security web-app-for-containers

Last synced: 09 Feb 2026

https://github.com/thirdkeyai/symbiont-sdk-python

Python DSK for Symbiont DSL and agent framework.

agent agents ai python sdk security symbiont

Last synced: 22 Apr 2026

https://github.com/unicef/holistic-assessments-for-ict4d

Guidance that provides a methodology for ICT4D practitioners to assess software from the security an privacy point of view.

assessment audit digital-impact evaluation guidance ict4d methodology security t4d technology-for-development unicef

Last synced: 03 Mar 2026

https://github.com/turbot/steampipe-mod-terraform-oci-compliance

Run compliance and security controls to detect Terraform OCI resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

compliance hacktoberfest oci oracle-cloud oracle-cloud-infrastructure powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 12 Feb 2026

https://github.com/timgrossmann/securitycat

Conent and PoC of my security testing automation thesis

policy security security-rat security-tools thesis

Last synced: 16 Feb 2026

https://github.com/wolfeidau/github-action-workflow-check

CLI which checks if the version of actions used in your workflow are up to date

github github-actions security

Last synced: 03 May 2026

https://github.com/alexander-naumov/pam2control

Easily configurable authentication provider

linux login pam pam-authentication protection security

Last synced: 22 Jan 2026

https://github.com/isaacpeel/solesonic-mcp-server

An enterprise-grade MCP server with built-in federated identity support for SSO across providers and secure, scalable access management.

ai identity java mcp mcp-security mcp-server mcp-tools security spring-boot-ai

Last synced: 01 Mar 2026

https://github.com/rhinobase/hono-under-pressure

Measure process load with automatic handling of "Service Unavailable" plugin for Hono Nodejs runtime.

api hono honojs middleware nodejs optimization security server web

Last synced: 04 Mar 2026

https://github.com/zj-dreamly/dreamly

java工具集合,整合了web开发常用组件

develop java jwt mail queue security springboot swagger tool

Last synced: 18 Feb 2026

https://github.com/joocer/fides

Fides - helping you keep secrets secret

action information-leakage passwords scanner security

Last synced: 12 Oct 2025

https://github.com/brandonfl/discord-virustotal-bot

Discord bot using VirusTotal API to check if the content of messages sent by discord users is safe

discord discord-bot security virustotal

Last synced: 17 Apr 2026

https://github.com/swissjake/seampass-generator

A comprehensive password generation solution with web app, browser extension, and CLI package. Generate secure random and memorable passwords with strength analysis.

chrome-extension cli cybersecurity monorepo nextjs password-generator password-strength react security tailwindcss typescript

Last synced: 05 Apr 2026

https://github.com/gmoqa/paranoik

HTTP Request integrity verifier middleware for Node.js

checksum express javascript middleware nodejs security

Last synced: 01 May 2026

https://github.com/astrohelm/isolation

How often do you see libraries which mutates global variables. Or how often do you check libraries actions 🥸 ?This library prevents unexpected behavior and global pollution.

astrohelm container context dependency-injection isolation javascript loader nodejs pollution-control realm realms runner sandbox script script-loader security v8 vm wrapper zero-dependencies

Last synced: 09 Apr 2026

https://github.com/johnny-morrice/sensephreak

Sensephreak: Single-exe outgoing port block scanner for the web

golang network security

Last synced: 12 Oct 2025

https://github.com/somniasum/crimsonhat

Fedora performance script. For linux beginners and hobbyist who want the most out of their system.

automation beginner beginner-friendly fedora linux performance security

Last synced: 03 May 2026

https://github.com/turbot/flowpipe-mod-entra

Microsoft Entra ID pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect Microsoft Entra ID to the people, systems and data that matters.

automation cloud devops entra flowpipe flowpipe-mod hacktoberfest integrations low-code microsoft-entra orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 01 Mar 2026