An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/checkedc/checkedc-fork

This was a fork of Checked C used from 2021-2024. The changes have been merged into the original Checked C repo.

c c-programming-language reliability security systems-programming

Last synced: 31 Oct 2025

https://github.com/rubysec/rubysec.github.io

Current home of rubysec.com

ruby rubygems security vulnerability

Last synced: 04 Apr 2025

https://github.com/jippi/go-metadataproxy

A proxy for AWS's metadata service that gives out scoped IAM credentials from STS

aws docker golang security sts-credentials

Last synced: 19 Mar 2025

https://github.com/leonjza/tc2

treafik fronted c2 examples

c2 cobaltstrike covenant redteam security traefik

Last synced: 01 Nov 2025

https://github.com/mdp/u2fdemo

U2F Demo and Debugger

security u2f yubikey

Last synced: 10 Apr 2025

https://github.com/luizbizzio/pihole-https

🔒 Enable HTTPS for Pi-hole with automatic SSL certificate generation, Tailscale DNS detection, and cross-platform compatibility for Windows, Linux, macOS, and Android devices.

android automation certificates dns guide https letsencrypt lighttpd linux macos open-source openssl pi-hole pihole pihole-tools security self-hosted tailscale tutorial windows

Last synced: 11 Apr 2025

https://github.com/cloudposse/terraform-aws-guardduty

Terraform module to provision AWS Guard Duty

compliance hcl2 security terraform terraform-modules

Last synced: 29 Apr 2025

https://github.com/volkansah/gpt-security-best-practices

The purpose of this document is to outline the security risks and vulnerabilities that may arise when implementing ChatGPT in web applications and to provide best practices for mitigating these risks.

ajax ajax-request chatgpt chf code-security html js php security security-risks server-side serverside-rendering vulnerabilities vulnerabilities-fix

Last synced: 12 Apr 2025

https://github.com/0xAkashsky/sub-scout

Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)

bugbounty cybersecurity infosec infosectools security tools

Last synced: 10 Mar 2025

https://github.com/linuxchata/fido2

Shark WebAuthn library for .NET. WebAuthn allows users to authenticate with cryptographic key pairs, where the private key remains securely stored on the user's device. This makes authentication resistant to phishing, credential stuffing, and data breaches.

fido2 fido2-standard passkeys passwordless passwordless-authentication security webauthn

Last synced: 14 Jan 2026

https://github.com/tanepiper/npm-lint

A linter for npm & node package.json files with a focus on dependency security

dependency-analysis linter linting-rules nodejs npm npm-scripts security security-tools

Last synced: 07 Sep 2025

https://github.com/rusty-ferris-club/recon

🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️

devops devops-tools rust security security-tools

Last synced: 30 Apr 2025

https://github.com/jxnet/jxnet

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

capture-packets java jni libpcap network-security network-security-monitoring npcap packet-analyzer packet-capture packet-crafting packet-sniffer pcap-library security security-audit security-scanner sending-packets winpcap

Last synced: 09 Jul 2025

https://github.com/pilotpirxie/devcaptcha

🤖 Open source captcha made with React, Node and TypeScript for DEV.to community

captcha captcha-alternative hip mechanism puzzle react security solve typescript typescript-library

Last synced: 07 Oct 2025

https://github.com/alephao/nft-sale-proxy

A proxy to hide NFT metadata during the sale and prevent people from sniping specific NFTs.

nft nft-sale proxy security

Last synced: 31 Jul 2025

https://github.com/checkedc/checkedc

This was a fork of Checked C used from 2021-2024. The changes have been merged into the original Checked C repo.

c c-programming-language reliability security systems-programming

Last synced: 29 Mar 2025

https://github.com/mxlint/mxlint-cli

A set of tools to enhance Mendix app development workflows. They are mainly designed for professionals but should be usable for everybody.

best-practices golang linting mendix mxlint opa policies rego security xunit

Last synced: 04 Oct 2025

https://github.com/5gsec/nimbus

Intent driven security automation framework

5g 5g-core intents k8s o-ran operator-sdk security

Last synced: 14 Aug 2025

https://github.com/jenkinsci/ownership-plugin

Jenkins plugin. Provides explicit ownership of jobs and agents

adopt-this-plugin jenkins jenkins-plugin jenkins-security ownership plugin security ui

Last synced: 30 Sep 2025

https://github.com/esonhugh/springcloudheapdump

anonymous to cluster-admin via Heapdump.

heapdump kuberntes red-team security spring takeover

Last synced: 14 Jul 2025

https://github.com/pompelmi/pompelmi

File-upload malware scanning for Node.js. Express/Koa/Next.js adapters, ZIP deep-inspection, MIME/size checks, optional YARA.

antivirus api automation backend cli cybersecurity devops files filesystem javascript library module nodejs npm opensource scanner security server typescript web

Last synced: 03 Apr 2026

https://github.com/GitGuardian/ggmcp

MCP server for scanning and remediating hardcoded secrets using GitGuardian’s API. Detect over 500 secret types and prevent credential leaks before code goes public.

mcp mcp-server secrets security

Last synced: 15 Jan 2026

https://github.com/sergio11/eclipserecon

🌑 EclipseRecon is a personal project developed during my cybersecurity learning journey 🛡️. It helps practice web reconnaissance 🌐 by identifying subdomains 🧩, site structures 🧭, and vulnerabilities 🐞 in a controlled environment 🧪.

blue-team bug-bounty cybersecurity ethical-hacking information-gathering owasp penetration-testing reconnaissance red-team scan-tools security security-analysis security-reporting security-tools subdomain-scanner vulnerability vulnerability-scanner web-application-security web-crawler web-security

Last synced: 06 Sep 2025

https://github.com/cymmetria/honeycomb_plugins

The plugin repository for Honeycomb, the honeypot framework by Cymmetria

honeycomb python security security-tools

Last synced: 04 Apr 2026

https://github.com/johackim/privacy-checklist

Checklist to protect your privacy.

checklist privacy security

Last synced: 07 Feb 2026

https://github.com/trusera/ai-bom

AI Bill of Materials — discover every AI agent, model, and API in your infrastructure

ai ai-security bill-of-materials cyclonedx github-actions llm sarif sbom security

Last synced: 14 Feb 2026

https://github.com/michaelgrafnetter/webauthn-interop

Passkeys/FIDO2/WebAuthn .NET Library for Windows Desktop and CLI Applications

authenticator dotnet dotnet-core fido2 interop nuget-package passkeys security webauthn winapi windows-hello

Last synced: 05 Jun 2026

https://github.com/infineon/optiga-tpm

Infineon OPTIGA™ TPM 2.0

iot security tpm2

Last synced: 06 Feb 2026

https://github.com/feliz-szk/neutron

Powerful and smart Traffic Anonymizer using tor as a transparent proxy

anonymizer archlinux debian iptables kali-linux manjaro privacy proxy security tor tor-proxy transparent-proxy

Last synced: 03 May 2025

https://gitlab.com/coroner/cryptolyzer

CryptoLyzer is a fast, flexible, and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI.

DNSSEC HASSH HTTP headers JA3 LMTP MySQL/MariaDB POP3 RDP TLSv1.3 audit auditing certificate-transparency cryptography cybersecurity tools forward security ftp imap jabber ldap library mailsieve nntp openvpn pentest postgresql python root certificate scanner-cli security security scan security tools security-scanner security-tools sieve smtp ssh ssh keys sshkeys ssl tls tls13 vulnerability scanning xmpp xmpp-transport

Last synced: 30 Apr 2025

https://github.com/fabianacampanari/average-calculator

📊 Creation of a Grade Average calculator to find out if the final grade was sufficient or not for approval.

code-review css3 github github-actions github-pages html5 javascript license love-and-joy math photoshop programming security sponsors

Last synced: 28 Apr 2025

https://github.com/nwtgck/web-ssh-keygen

🔒🔑 Generate a key-pair of ssh-keygen for Web browser

browser secure security ssh-keygen web webcrypto

Last synced: 15 Apr 2025

https://github.com/jotygill/privacy-fighter

Easy to install, privacy protection browser setup. A collection of best browser extensions and configurations to help you fight for your online privacy.

browser chrome firefox privacy privacy-protection privacy-tools python python3 security

Last synced: 09 Oct 2025

https://github.com/perkss/tinklj

A Cryptographic Clojure Api for the Google Tink library

clojure crypto cryptography encryption encryption-algorithms encryption-decryption security

Last synced: 12 Apr 2025

https://github.com/levidurfee/gowafp

A Web Application Firewall for PHP written in Go

fastcgi fpm go golang php security waf

Last synced: 05 Oct 2025

https://github.com/zapalm/prestashop-security-vulnerability-checker

PrestaShop security vulnerability checker for known vulnerabilities.

cve hacktoberfest php-library prestashop security vulnerability

Last synced: 04 Sep 2025

https://github.com/lissy93/permissionator

🐧 A Linux chmod calculator, for generating safe file permissions

calculator chmod chmod-calculator filesystem linux permissions security

Last synced: 28 Oct 2025

https://github.com/lirantal/pie-my-vulns

Visualize your project security vulnerabilities as a pie chart in the terminal

nodejs npm npx security security-tools snyk

Last synced: 30 Apr 2025

https://github.com/mozilla-services/foxsec-pipeline

Log analysis pipeline utilizing Apache Beam

apache-beam dataflow log-analysis security

Last synced: 11 Apr 2025

https://github.com/ranguli/ioccheck

A tool for simplifying the process of researching IOCs.

blueteam hacking hacktoberfest ioc security

Last synced: 12 Jul 2025

https://github.com/securestackco/actions-sbom

A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!

automation-testing bill-of-materials deployment deployment-automation o sbom sbom-distribution sbom-generator sbom-repository sbom-tool security security-audit security-automation

Last synced: 12 Jul 2025

https://github.com/jeremylong/malicious-dependencies

Demonstrates how a malicious dependency could negatively impact the build output.

demonstration-project malicious-code reproducible-builds security

Last synced: 11 Apr 2025

https://github.com/penmast/chameleon

A Windows application-specific VPN and network monitoring tool

cplusplus dll-hooking dll-injection matplotlib monitoring network nmap openvpn pyqt5 pyqtgraph python scapy security vpn windows

Last synced: 09 Jul 2025

https://github.com/typo3/html-sanitizer

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

html parser php sanitization security xss

Last synced: 08 May 2025

https://github.com/whoopscs/scoop-security

用于渗透测试和网络安全相关工具下载、安装和自动更新的Scoop软件仓库。Scoop bucket for Penetration Testing and Cybersecurity related tools.

cybersecurity cybersecurity-tools pentesting pentesting-tools scoop scoop-bucket security security-tools windows

Last synced: 31 Oct 2025

https://github.com/caronc/ha-ultrasync

Interlogix ZeroWire and Hills ComNav (NX-595E) UltraSync Security Panel for Integration for Home Assistant Comunity Store (HACS)

comnav hacs homeassistant homeassistant-custom-component homeassistant-integration interlogix nx-595e security ultrasync

Last synced: 17 Mar 2025

https://github.com/anlominus/anlominus

GitHub Is the HOME ! 🔱 We believe in God, everyone else is suspicious 🔱

computer-science config development github github-config hacking management profile readme security toolset

Last synced: 28 Jul 2025

https://github.com/akunzai/windows-secure-auditor

PowerShell script to generate daily audit report, like Logwatch for Windows

audit iso27001 logwatch powershell security windows

Last synced: 16 Jan 2026

https://github.com/ravi-teja-konda/network_traffic_analyzer

A Python-based network traffic analyzer for PCAP files, providing insights into protocol distribution, IP communications, and potential port scanning activities.

network-monitoring network-traffic-analysis pcap-analyzer python scapy security traffic-analysis

Last synced: 23 Sep 2025

https://github.com/briandfoy/cpan-security-advisory

CPAN Security Advisory Database

cve data-pack perl security

Last synced: 02 Apr 2026

https://github.com/0llirocks/cvss-suite

CvssSuite - This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System.

cvss ruby-gem security

Last synced: 04 Oct 2025

https://github.com/turbot/steampipe-mod-microsoft365-compliance

Run individual controls or full compliance benchmarks for CIS across all of your Microsoft 365 and Office 365 tenants using Powerpipe and Steampipe.

azuread cis cis-benchmark compliance hacktoberfest microsoft365 office365 powerpipe powerpipe-mod security steampipe steampipe-mod

Last synced: 22 Apr 2025

https://github.com/dajiaji/python-cwt

A Python implementation of CWT/COSE.

cbor cose cryptography cwt hcert hpke jose jwk jwt python security

Last synced: 09 Apr 2025

https://github.com/drtychai/research101

General tips and advice for becoming interested in research, finding a suitable topic, and setting goals.

howto research security thesis

Last synced: 10 Apr 2026

https://github.com/m3ssap0/gitlab_rce_cve-2022-2884

Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.

cve-2022-2884 exploit gitlab security security-tools vulnerability vulnerability-scanners

Last synced: 25 Jun 2025

https://github.com/cretezy/masterpassx

A deterministic stateless password generator.

password password-generator security

Last synced: 15 Apr 2025

https://github.com/javaee/security-api

Java EE Security (JSR-375) API

java javaee jsr-375 security

Last synced: 14 Jan 2026

https://github.com/matro7sh/yelaa

Obtain a clean-cut architecture at the launch of a mission and run some tests ( subdomain search, fuzzing, make screenshots on a given perimeter )

go golang nuclei pentest-scripts pentest-tool security

Last synced: 12 Jan 2026

https://github.com/Baroshem/next-security

🛡 Security plugin for Next.js based on OWASP and Helmet

basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss

Last synced: 30 Aug 2025

https://github.com/letstri/permix

🔒 Permix is a lightweight, framework-agnostic, type-safe permissions management library for JavaScript applications on the client and server sides.

permissions security type-safe typescript

Last synced: 15 Apr 2025

https://github.com/baroshem/next-security

🛡 Security plugin for Next.js based on OWASP and Helmet

basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss

Last synced: 29 Jun 2025

https://github.com/gremwell/qsslcaudit

test SSL/TLS clients how secure they are

certificate certificate-validation dtls openssl security ssl tls

Last synced: 30 Apr 2025

https://github.com/s8sg/docker-firecracker

Generic container for launching a firecracker microVM inside a Docker container

container docker firecracker firecracker-microvms golang security

Last synced: 14 Apr 2025

https://github.com/xentra-ai/kube-guardian

A Kubernetes tool leveraging eBPF for advanced Kubernetes security, auto-generating Network Policies, Seccomp Profiles, and more.

kubernetes security

Last synced: 16 May 2025

https://github.com/lostintangent/github-security-alerts

VS Code extension to view and resolve the security alerts for your GitHub repositories 🔒

github security vscode-extension

Last synced: 14 Apr 2025

https://github.com/shuffle/singul

Singul: Connect to your favorite services with a Singul line of code.

ai api api-client automation data llm normalization open security source standardization standards

Last synced: 07 May 2026

https://github.com/frankzickert/jupyterlab-credentialstore

A secure way of storing credentials within JupyterLab

jupyterlab jupyterlab-configuration jupyterlab-extension security

Last synced: 30 Apr 2026

https://github.com/vialab/semantic-guesser

Training and testing of linguistic passwords models.

cracking nlp passwords pcfg security

Last synced: 22 Jan 2026

https://github.com/cbrnrd/netsploit

📡 A security research tool with shodan integration

network security shodan

Last synced: 15 Oct 2025

https://github.com/nanlabs/terraform-aws-starter

Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating secure state management, VPC configuration, security groups, RDS provisioning, secrets management, SSM parameter store, and GitHub Actions integration!

aws boilerplate documentdb eks github-actions hacktoberfest infrastructure-as-code mongodb-atlas rds-aurora rds-database secrets-manager security terraform terraform-module terraform-modules vpc

Last synced: 10 Apr 2025

https://github.com/RavSS/HAVK

An attempt at a minimalistic and secure operating system.

ada kernel operating-system osdev security spark-ada

Last synced: 14 Mar 2025

https://github.com/adamyordan/offbyslash-django-dumper

A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.

django dumper exploit nginx poc security source-code vulnerability web-security

Last synced: 29 Jun 2025

https://github.com/ca-risken/doc

RISKEN is a monitoring tool for visualizing security risks.

cspm risken security

Last synced: 03 Feb 2026

https://github.com/jvoisin/fortify-headers

Standalone portable header-based implementation of FORTIFY_SOURCE=3

c fortify-source libc security

Last synced: 13 Apr 2025

https://github.com/nextcloud/limit_login_to_ip

Nextcloud app that lets you Limit login to IP ranges

allowlist nextcloud open-source security

Last synced: 11 Mar 2026

https://github.com/FreshSupaSulley/Auto-2FA

Login through Duo Mobile in your browser

browser-extension duo duo-mobile security

Last synced: 23 Aug 2025

https://github.com/0x4d31/honeybits-win

Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!

deception go golang honeybits honeypot honeytoken honeytrap security

Last synced: 12 May 2025

https://github.com/elastic/camera-hacks

PoC exploits and tools for conducting vulnerability research against AJCloud Wi-Fi security camera products

ajcloud camera exploit hacking iot security wansview

Last synced: 13 Jun 2025

https://github.com/michenriksen/wikiranger

Gather information on Wiki contributions from IP ranges

osint ruby-cli security wikipedia

Last synced: 11 Apr 2025

https://github.com/JonasKruckenberg/rollup-plugin-sri

Add subresource integrity tags to all your html files 🔒

integrity rollup-plugin rollup-plugin-rsi security subresource-integrity

Last synced: 11 May 2025