Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-07-02 00:27:53 UTC
- JSON Representation
https://github.com/ivan-sincek/pre-master-secret-key
Set up all you need to capture pre-master secret keys to decrypt SSL in Wireshark.
batch decrypt-ssl decrypt-tls defensive-security environment-variables ethical-hacking incident-response offensive-security secret-keys security threat-hunting wireshark
Last synced: 16 Oct 2025
https://github.com/picobaz/pybruteforge
PyBruteForge: A powerful Python brute-force login tester for ethical security audits. Forge attacks with smart password patterns and CSV logging via a modular API-driven design. Strengthen your defenses—test ethically!
bruteforce cybersecurity ethical-hacking login-tester password-audit penetration-testing python security web-security
Last synced: 23 Oct 2025
https://github.com/mondoohq/terraform-provider-mondoo
Terraform Mondoo provider
Last synced: 02 Apr 2026
https://github.com/onzack/kube-defcon
A tool to visualize network policy information from the Kubernetes Master API
docker kubernetes network-policy security visualization
Last synced: 26 Oct 2025
https://github.com/tse-wei-chen/hs-sql-agent
A high-performance C# SQL Agent MCP that eliminates LLM hallucinations and security risks. Instead of letting the AI write raw SQL, it extracts parameters to generate deterministic, injection-free queries across 6 major databases—complete with a visual Admin UI and enterprise guardrails.
accuracy admin-panel ai-safety ai-safety-design anti-hallucination firebird mcp mcp-server mcp-servers mysql nl2sql oracle postgres postgresql security sql-agent sql-server sqlite
Last synced: 30 May 2026
https://github.com/venura9/manage-nsg
GitHub Action to Manage NSG Rules allowing public running deployment to resources secured by Azure NSGs
Last synced: 06 Feb 2026
https://github.com/jamiesonio/defectdojo-mcp
An experimental ModelContextProtocol server connecting LLMs to DefectDojo for AI-powered security workflows. Enables natural language interaction with vulnerability data, simplifies security analysis, and automates reporting through a lightweight middleware integration.
appsec defectdojo devsecops fastmcp mcp security security-automation
Last synced: 01 May 2026
https://github.com/getarcis/arcis
Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.
bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss
Last synced: 06 Jun 2026
https://github.com/soulteary/stargate
A minimal ForwardAuth gateway for Traefik and Nginx that handles login sessions and request access control. / 面向 Traefik 和 Nginx 的极简 ForwardAuth 鉴权网关,负责会话与访问控制。
auth authentication authorization enjoy-with-stargate forwardauth gateway nginx reverse-proxy security sso traefik
Last synced: 11 Feb 2026
https://github.com/kevinrabun/judges
MCP server with specialized judges to evaluate AI-generated code for security, cost, scalability, cloud readiness, and best practices.
ai-agent ai-code-review ai-generated-code code-quality code-review judge mcp mcp-server security software-architecture static-analysis typescript
Last synced: 05 Apr 2026
https://github.com/rad-security/clawkeeper
Open-source security scanner for AI agent hosts. Audits macOS and Linux machines for misconfigurations, credential exposure, and network hardening — 42 checks across 5 phases with auto-fix.
ai-agents bash devsecops hardening linux macos openclaw scanner security
Last synced: 12 Jun 2026
https://github.com/katosh/agent_sandbox
Sandbox AI agents on HPC systems with slurm.
ai-agents bubblewrap firejail hpc landlock sandbox security slurm
Last synced: 05 May 2026
https://github.com/protokol/guardian
Transaction Based Permission Management (Users and Group) OnChain
ark blockchain configurable permissions security user-management
Last synced: 19 Oct 2025
https://github.com/kumuluz/kumuluzee-security
KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.
cloud-native java javaee kumuluzee microservices oauth2 openid-connect security
Last synced: 17 Oct 2025
https://github.com/edsoncelio/ctf-guide
Information guide about CTF: https://edsoncelio.github.io/ctf-guide/
computer-engineering criptography pentest security
Last synced: 06 Feb 2026
https://github.com/piecioshka/is-responding
🛠 A tool to find active endpoint use an enumeration strategy
Last synced: 17 Jun 2026
https://github.com/0xbitx/dedsec_shred
DEDSEC_SHRED is a Linux-based tool for securely erasing files and directories
delete encryption-decryption file-shredder files linux-tool remove security
Last synced: 08 Feb 2026
https://github.com/kostasereksonas/tp-link-tl-wr841n-security-analysis
Security analysis of a TP Link tl-wr841n router.
cybersecurity nmap router security security-analysis security-vulnerability tp-link tp-link-wr841n vulnerability wr841n
Last synced: 28 Feb 2026
https://github.com/theruziev/security_interface
Simple API for authentication and authorization.
python-3-6 python-asyncio security
Last synced: 17 Mar 2026
https://github.com/mablanco/docker-rapidscan
Docker image for Rapidscan, a multi-tool web vulnerability scanner
Last synced: 02 Jun 2026
https://github.com/5GSEC/security-intents
Repository to hold security intents in standard template format.
5g blueprints intents k8s kubernetes o-ran security
Last synced: 16 Jun 2026
https://github.com/jef/gh-audit-org-keys
🔑 Provides list of public SSH keys of an organization
github-api john-the-ripper openssl security ssh
Last synced: 03 Apr 2026
https://github.com/marirs/unquarantine-rs
Unquarantine/extract/decrypt Quarantined files
antivirus av decrypt extract rust rust-crate rust-lang rust-library security security-tools unquarantine
Last synced: 22 Jun 2026
https://github.com/lauslim12/attendance
🔐 Secure full-stack + REST API implementation of 2FA in the form of an attendance system
api authentication authorization express full-stack multi-factor-authentication nextjs owasp production security totp typescript
Last synced: 10 May 2026
https://github.com/adhar-io/adhar
ADHAR - The Open Cloud-Native Foundation
adhar adhar-patform ai analytics architecture cloud-native data developerexperience devops enterprise gitops governance helm idp k8s kubernetes microservices rapid-development security
Last synced: 25 Feb 2026
https://github.com/aran112000/nope-php
Nope! A lightweight tool for monitoring your log files and dynamically blocking nuisance or malicious IPs based on easy to define, dynamic rules which you control
anti-bot attack-prevention ban-hosts ban-management ips linux log-analyzer monitoring php php-cli rate-limiting security
Last synced: 22 Apr 2025
https://github.com/samuel-lucas6/doublesec
A simple, double-paranoid encryption library inspired by TripleSec.
aes aes-ctr blake2b blake2b-512 cascade-encryption cascade-encryption-scheme crypto cryptography encryption hmac hmac-sha512 libsodium libsodium-core libsodium-net multiple-encryption security triplesec xchacha20
Last synced: 15 Apr 2025
https://github.com/authress/authress-local
Local running version of an Authorization API in a container
api authentication authorization authress container offline sdk security
Last synced: 13 May 2025
https://github.com/sindecker/pentest-playbook
The Penetration Testing Playbook — Beginner to Intermediate Field Guide. 359 pages, 731 code examples, 37+ compliance frameworks. Read free on GitHub.
active-directory beginner bug-bounty burp-suite ctf cybersecurity ethical-hacking hacking infosec oscp oscp-prep owasp penetration-testing pentest red-team security security-tools web-security
Last synced: 18 Apr 2026
https://github.com/kubeshop/monokle-action
Run this GitHub action to validate your Kubernetes resources with the Monokle SARIF validator.
devsecops github-actions kubernetes sarif sarif-report scanner security validation
Last synced: 07 Apr 2025
https://github.com/vaibhavpandeyvpz/phuck
Single-file shell to f__k vulnerable PHP servers, solely for educational and research purposes. Powered by Bootstrap and React.js, features a file browser and browser based, SSH like terminal.
administraction file-manager hacking security shell ssh sysadmin terminal
Last synced: 24 Apr 2025
https://github.com/akimrx/python-yc-lockbox
Python Yandex Lockbox client (secrets vault).
cloud lockbox python-lockbox-client python3 secrets security vault yandex yandex-cloud yandex-lockbox yandex-lockbox-client yandexcloud yc-lockbox yc-secrets
Last synced: 16 Jan 2026
https://github.com/rknf404/chromium-hardening-guide
Harden chromium (somewhat)
chromium chromium-browser security
Last synced: 15 Apr 2025
https://github.com/swedishmike/dmarcparser
A quick and dirty implementation to get DMARC reports into Splunk for further analysis
dmarc dmarc-reports email python security spam-prevention splunk splunk-sdk
Last synced: 08 May 2025
https://github.com/edersonbrilhante/vilicus-github-action
GitHub Action to use Vilicus in your GitHub workflow
anchore cicd clair docker-image docker-scanner github-actions oci-image scan-images security security-scanner security-tools security-vulnerability trivy vilicus
Last synced: 08 May 2025
https://github.com/mhmdiaa/acumen
A clean UI with a modular structure to enhance security researchers' ability to work with data
penetration-testing penetration-testing-tools pentesting recon security security-tools user-interface visualization web-application-security
Last synced: 19 Apr 2025
https://github.com/Nearata/flarum-ext-twofactor
A Flarum extension. Allow your users to enable two factor authentication.
flarum flarum-extension security two-factor
Last synced: 28 Mar 2025
https://github.com/jul10l1r4/identificador-cve-2018-11759
This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer
apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing
Last synced: 16 May 2025
https://github.com/grapheneos/platform_packages_modules_networkstack
android grapheneos privacy security
Last synced: 13 Apr 2025
https://github.com/software-engineering-and-security/confuzzion
Confuzzion is a Java Virtual Machine (JVM) fuzzer generating Java programs to find bugs and vulnerabilities in the Java VM.
bug code-generation crashes fuzzer java java-virtual-machine java-virtual-machine-fuzzer jvm jvm-fuzzer jvm-fuzzing security soot testing type-confusion vulnerabilities vulnerability
Last synced: 27 Jul 2025
https://github.com/kaanguru/lock4it
Offline hardware and software asset management tool for IT professionals.
cross-platform password-manager privacy pwa pwa-apps security skeleton svelte sveltekit tailwindcss typescript
Last synced: 01 Sep 2025
https://github.com/havendv/namedpipeserverstream.netframeworkversion
.NET Standard version of NamedPipeServerStream that contains PipeSecurity constructor.
access-control csharp dotnet ipc namedpipeserverstream netstandard netstandard20 pipes pipesecurity security serverstream system windows
Last synced: 19 Apr 2025
https://github.com/olliecheng/passwordbreachchecker
A small unofficial extension to check passwords you type in against the database at HaveIBeenPwned (Chrome only for now)
browser-extension chrome-extension extension password-security security
Last synced: 26 Jun 2025
https://github.com/tech-at-du/acs-3230-web-security
🔐 This course covers key concepts in internet data security and best practices for keeping information safe. Students will examine historical hacks, learn how to analyze websites and web architectures for classical security vulnerabilities, and learn how to defend against security attacks.
Last synced: 08 Jul 2026
https://github.com/authress/authress-sdk.py
The Python Authress SDK provides authorization as a service with fully compatible REST apis.
authorization authorization-backend authorization-framework authorization-middleware authorization-server authorizationservice authress python security
Last synced: 13 May 2025
https://github.com/volkansah/minigrex
MiniGreX will be designed with security in mind, and the code will be written to minimize the risk of SQL injection attacks and other security vulnerabilities. To ensure maximum security, we recommend keeping the CMS up-to-date with the latest security patches and using strong passwords for all user accounts.
authentication cms cms-backend cms-framework codeigniter content-management content-management-system hacker mariadb mysql php pod posgresql prepared-statements security security-audit security-tools user-interface usermanagement xss-filter
Last synced: 12 Apr 2025
https://github.com/bocaletto-luca/bug-github-farms-points
Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially
bocaletto-luca bug farms github github-bug hack hacking points security yaml
Last synced: 27 Apr 2026
https://github.com/rabbit-company/passwordgenerator-js
Password generator implemented in JavaScript (ES6).
generator password security strength
Last synced: 13 Jul 2025
https://github.com/muayyad-alsadi/oneway
a tool to drop privileges for docker entry-points
containers docker init-system jail privileges security
Last synced: 18 May 2026
https://github.com/0x4f53/PIIscout
Continuous PII classification and reporting on the internet, powered by AI!
artificial-intelligence blackhat blueteam golang ocr optical-character-recognition osint perplexity personally-identifiable-information pii python reconnaissance security security-tools transformer
Last synced: 31 Mar 2025
https://github.com/hleliofficiel/exaaiagent
ExaAiAgent — Advanced AI-powered penetration testing framework with Docker sandbox, multi-agent workflows, and 50+ integrated cybersecurity tools.
ai-agent bug-bounty cybersecurity hacking llm pentesting prompt-injection python security vulnerability-scanner
Last synced: 01 Apr 2026
https://github.com/lytexdev/seal-pi
🦭 Seal-Pi: Security Camera 🦭
camera flask raspberry-pi seal-pi security
Last synced: 13 Apr 2025
https://github.com/rarecoil/mqtt-packet-fuzzy
Radamsa-backed, hooked mqtt-packet for blind MQTT protocol fuzzing on Mac, Linux and Windows.
fuzzing mqtt mqtt-packet mqttjs radamsa security
Last synced: 01 Jul 2025
https://github.com/touti-sudo/touti-cracker
a hacking tool for password cracking
brute-force brute-force-attacks bruteforce hacking hacking-tool hacking-tools hacktool hacktools pantest pentest-scripts pentest-tool pentesting pentesting-tools security security-tools windows windows-11 windows10
Last synced: 04 Jan 2026
https://github.com/teh9/laravel-tg-2fa
A simple implementation of a two-factor authentication via Telegram for Laravel
2fa auth authentication laravel login php security telegram two-factor
Last synced: 22 Aug 2025
https://github.com/narrowspark/automatic-security-audit
[READ ONLY] :warning: A composer plugin that checks if your application has known security vulnerabilities.
audit automatic composer composer-plugin narrowspark-automatic security security-advisories
Last synced: 13 Jan 2026
https://github.com/bitdefender/hvmi-blog
A place where the HVMI team writes about memory introspection and other fun stuff.
hypervisor introspection reverse-engineering security virtualization virtualization-based-security
Last synced: 15 Apr 2025
https://github.com/mellow-hype/keysniffer-poc
Simple PoC Linux keysniffer showing impact of a lack of GUI-isolation in X display server.
infosec keysniffer linux proof-of-concept security
Last synced: 09 Jul 2025
https://github.com/njokuscript/blowfishjs
A Typescript/Javascript library for interacting with the Blowfish APIs
javascript security solana web3
Last synced: 19 Apr 2025
https://github.com/rix4uni/gf-patterns
grep parameters (allparam,idor,lfi,rce,redirect,sqli,ssrf,ssti,xss)
bug-bounty bugbounty bugbountytips gf gf-patterns hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools threat-intelligence
Last synced: 12 Feb 2026
https://github.com/goto-bus-stop/micro-helmet
security headers for micro
csp headers helmet hsts http http-headers micro security
Last synced: 17 Aug 2025
https://github.com/reconmap/mobile-client
React-native based mobile client for Reconmap
android infosec mobile pentesting react-native security vulnerabilities
Last synced: 10 Sep 2025
https://github.com/cpan-security/cpan-advisory-database
cpan security vulnerability vulnerability-identification
Last synced: 29 Dec 2025
https://github.com/mchmarny/sds-demo
Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain
demo devops gcp sds security supply-chain
Last synced: 05 Aug 2025
https://github.com/janloebel/nipca
Network IP Camera Application Programming Interface (NIPCA) - Client
client ip-camera ipcamera javascript nipca node security
Last synced: 15 Jul 2025
https://github.com/shgtkshruch/ssh-connection-with-session-manager
Access AWS resources with Session Manager
aws capistrano rails security session-manager terraform
Last synced: 15 Apr 2025
https://github.com/picobaz/nexusbrute
NexusBrute: A modular Node.js brute-force login tester for ethical security audits. Simulate password attacks with smart patterns, auto-CSRF handling, and CSV logging. Harden your systems—use with permission only!
bruteforce cybersecurity ethical-hacking login-tester nodejs password-audit penetration-testing security web-security
Last synced: 06 Jan 2026
https://github.com/derhuerst/generate-node-policy-file
Generate a Node.js policy file for your code.
Last synced: 15 Apr 2025
https://github.com/rideu/ndot
DNS over DoT relay. Designed for DHCP-configurable routers that supports custom DNS servers.
csharp dns dns-over-tls rfc1035 rfc7858 security security-tools
Last synced: 15 Jul 2025
https://github.com/nilportugues/php-uuid
Use this class to encapsulate the latest and more secure Uuid versions
composer php php7 secure security uuid uuid-generator uuid4 uuid5
Last synced: 14 Jul 2025
https://github.com/mercedes-benz/sechub-plugin-intellij
intellij plugin for sechub
ide intellij intellij-plugin plugin sechub security security-automation security-testing
Last synced: 22 Jun 2025
https://github.com/windblaze/aegis
MITM protection for MacOS
arp-poisoning arp-spoofing guard macos man-in-the-middle mitm protection security
Last synced: 09 Jul 2025
https://github.com/dimosr/monitorito
A browser extension for visualisation and monitoring of browser HTTP traffic
browser graph plugin security visualisation
Last synced: 21 Apr 2025
https://github.com/nolze/imagesteg
A simple image steganalysis (steganography analysis) tool in Python with web-based GUI
ctf security steganalysis steganography
Last synced: 13 Aug 2025
https://github.com/muqsit/2fa
[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.
2fa mfa pmmp pocketmine-mp security
Last synced: 05 Aug 2025
https://github.com/kaansk/go-euvd
Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.
api-client cvss enisa epss european-union euvd go golang incident-response open-source oss security threat-intelligence vulnerability vulnerabilitymanagement
Last synced: 16 Jul 2025
https://github.com/fabian-hk/secure-two-party-computation
Python implementation of the TPC protocol from the paper "Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation"
google-protocol-buffers multi-party-computation network-communication python3 secure-computation security tpc two-party-computation
Last synced: 14 Apr 2025
https://github.com/nikanique/spring-rest-framework
Spring REST Framework (SRF) is a powerful library for Spring applications that brings the simplicity and flexibility of Django's REST Framework to Spring. SRF streamlines API development with powerful serialization, flexible filters, and seamless integration.
api cqrs data-jpa dto filter generator rest-api security serialization spring spring-boot validation
Last synced: 14 Jan 2026
https://github.com/ufukty/ovpn-auth
Simple to use, easy to deploy 2FA login for OpenVPN servers
authentication golang openvpn password security totp two-factor-authentication
Last synced: 17 Jan 2026
https://github.com/sattyamjjain/agent-audit-kit
Static scanner for MCP-connected AI agent pipelines — 194 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.
ai-agent ai-agent-security ai-safety ai-security claude-code github-action mcp mcp-security owasp sarif scanner security security-scanner static-analysis supply-chain-security tool-poisoning
Last synced: 23 May 2026
https://github.com/t94j0/polymorphic_compression_malware
Warning, this is malware. Don't do something stupid with it
Last synced: 07 Mar 2026
https://github.com/mitre/microsoft-sql-server-2014-instance-stig-baseline
Inspec Profile to validate MSSQL 2014
disa inspec mitre-corporation mssql-2014 mssqlserver security stig
Last synced: 30 Oct 2025
https://github.com/marcreichel/password-exposed-rule
Laravel Validation rule to check that a password hasn't been exposed
data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation
Last synced: 13 Jan 2026
https://github.com/fodinabor/esposecsignauth
Module for EspoCRM that uses SecSign for Two-Factor Authentication.
Last synced: 01 Aug 2025
https://github.com/haikelfazzani/otp
🔐 Zero dependencies Deno/Bun/Node/Browser module for TOTP and HOTP generator based on RFC 6238 and RFC 4226 🗝️
2fa browser bun cryptography deno hotp nodejs one-time-password otp rfc-6238 rfc4226 security totp web-crypto web-cryptography-api
Last synced: 13 May 2025
https://github.com/shaialon/express-csp-generator
Content Security Policy Generator, Powered by RapidSec
Last synced: 03 Sep 2025
https://github.com/mufeedvh/okjson
A fast, simple, and pythonic JSON Schema Validator.
json jsonschema jsonschema-python-library jsonschema-validator schema security validation validation-library
Last synced: 01 Apr 2025
https://github.com/jpts/coredns-enum
Discover K8s Services & Pods through DNS Records in CoreDNS
coredns enumeration kubernetes networking security
Last synced: 12 May 2025
https://github.com/righettod/code-snippets-security-utils
Provides different utilities methods to apply processing from a security perspective.
appsecurity code-snippets java security
Last synced: 31 Aug 2025
https://github.com/situ-vault/situ-vault
Simple toolbox for working with encrypted secrets
fyne golang kustomize-plugin secret-distribution secret-management security vault
Last synced: 14 Jan 2026
https://github.com/luisschwab/smaug
smaug 🐉 guards your coins and sends you an email if they move
Last synced: 24 Jan 2026
https://github.com/exxeta/flutter-security-toolkit
Mobile Security Toolkit for Flutter
flutter security security-tools
Last synced: 23 Oct 2025
https://github.com/netlify/plugin-csp-nonce
Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.
Last synced: 26 Oct 2025
https://github.com/rulilg/litic
JS library to perform technical SEO and best practices analysis to your projects.
accessibility best-practices security seo technical-seo web-development
Last synced: 13 Oct 2025
https://github.com/sowoi/check-nextcloud-security
Check the security level of your Nextcloud instance with the Nextcloud Security API
icinga icinga2 icinga2-plugin nagios-checks nagios-plugin nextcloud nextcloud-server python3 scan security
Last synced: 11 Jun 2026
https://github.com/actalog/mongodump
🍃 GitHub Action for creating a binary export of a database's contents
actions backup database github-actions mongodb mongodump security
Last synced: 27 Feb 2026