An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/mxschmitt/react-have-i-been-pwned

React component for: Have I Been Pwned?

hibp javascript passwords react security

Last synced: 19 Apr 2025

https://github.com/dxc-0/respect-my-internet

Opensnitch / LittleSnitch - No-Gafam (blocklist for facebook, google, microsoft, amazon, huawei, tencent, apple, xiaomi ...) - aggressive privacy and protection (trackers, spywares, malwares, cti feeds, malicious ips, phishing...) - 99% in adsblockers tests !

anonymity blocklist firewall firewall-configuration firewall-rules netfilter nftables-rules no-amazon no-apple no-batx no-facebook no-gafam no-microsoft open-source opensnitch privacy-protection privacy-tools respect-privacy script security

Last synced: 16 May 2025

https://github.com/lambdacasserole/hack-this

A collection of common web programming security mistakes.

education hacking php security sql-injection vulnerabilities

Last synced: 09 Feb 2026

https://github.com/s4u/pgp-keys-map

PGP keys map to maven artifacts

hacktoberfest java maven-plugin pgp pgp-key security

Last synced: 11 Oct 2025

https://github.com/skosachiov/remediations-gendbuntu

The main goal of this project is the configuration and control of various types of devices operating in a corporate environment. Information security is the main direction of development. Roles have default settings that can be dynamically overridden using "inventories" folder rules based on subnet, host group (organizational unit or branch), OS.

ansible automation centos compliance debian group-policy laps linux redhat remote-assistance sccm security security-audit security-automation ubuntu

Last synced: 15 May 2025

https://github.com/jpetrucciani/bandit-check

github action to run the bandit security linter

action bandit github-action hacktoberfest lint python security

Last synced: 09 Oct 2025

https://github.com/varunon9/fakelock

An android app for extra privacy. It will protect selected apps by adding a lock screen above them until correct password is entered. (Not complete, In active development process. PRs are welcomed)

android android-custom-lockscreen android-protect-apps privacy security

Last synced: 14 Mar 2026

https://github.com/zb3/tiandy-research

This repository contains the results of my August 2020 research of Tiandy's IPC/NVR firmware. I found two vulnerabilities that could be used to remotely recover the administrator password and gain root access to the device.

full-disclosure security

Last synced: 17 Jan 2026

https://github.com/ibasebcast/ha-alarmdotcom

Modernized Alarm.com integration for Home Assistant with ongoing maintenance and fixes.

alarm-com alarmdotcom hacs hacs-integration home-assistant home-assistant-integration home-security homeassistant security

Last synced: 21 Apr 2026

https://github.com/tink-crypto/tink-go-gcpkms

Extension to Tink Go that provides Google Cloud KMS integration

crypto cryptography gcp-kms go golang golang-library google-cloud-kms security tink

Last synced: 12 Jan 2026

https://github.com/madhuakula/hacked-emails

Command line hacked-emails

go golang hacked-emails infosec security

Last synced: 11 Aug 2025

https://github.com/X0RBYT3/OSINT-Tools

An Online Collection of Open Source Intelligence Tools

css html osint repository security security-audit security-scan security-tools

Last synced: 12 Jul 2025

https://github.com/krisnova/.net

Compiled Works: Computer Science, Engineering, Analysis, Research

analysis computer-science kernel linux research security

Last synced: 14 Apr 2025

https://github.com/sigstore/sigstore-a2a

Sigstore A2A Agent Signing

agent cryptography security sigstore

Last synced: 22 Feb 2026

https://github.com/arch3rpro/securityrss

A Collection of Security RSS Feeds OMPL 网络安全资讯RSS订阅源

cybersecurity opml rss-feed security

Last synced: 26 Jan 2026

https://github.com/psenger/jersey2-security-jwt

Jersey 2 with JWT Token Security

jersey2 jwt jwt-token security

Last synced: 14 Apr 2025

https://github.com/jnaulty/multi-yubikey-helper

Same Subkeys, Many Yubikeys...

gpg hsm security yubikey

Last synced: 13 Aug 2025

https://github.com/chamodanethra/biometric_signature

Hardware-backed biometric authentication for Flutter. Create cryptographic signatures using device biometrics with keys stored in Secure Enclave/StrongBox/Windows Hello.

android biometric-authentication cryptography flutter ios macos secure-enclave security strongbox windows windows-hello

Last synced: 01 Apr 2026

https://github.com/costela/wile

Stripped down letsencrypt (ACME) client

acme certificate cli client python security ssl

Last synced: 09 Apr 2025

https://github.com/securestackco/actions-log4j

A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

devsecops github-actions java java-vulnerability java8 jre log4j log4j-rce log4j2 log4js log4shell scanning security security-automation security-tools software-composition-analysis static-analysis vulnerabilities vulnerability-assessment vulnerability-scanner

Last synced: 30 Jul 2025

https://github.com/jasondrawdy/amaterasu

Lightweight licensing library for .NET applications which allows the managing of licenses via web based scripts and on-the-fly code compilation.

amaterasu antebyte code-generation compiler cryptography csharp dotnet dynamic encryption hacking library license license-management memory-management networking on-the-fly scripting security web windows

Last synced: 22 Apr 2025

https://github.com/cybrota/scharf

Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks

ci-cd cybersecurity devsecops github github-actions go golang security security-tools supply-chain-security

Last synced: 17 Jan 2026

https://github.com/hktalent/blackips

black Ip lists, dorks-collection

black-ips block-ip dorks security

Last synced: 14 May 2025

https://github.com/willfindlay/suidsnoop

suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.

aya ebpf linux linux-kernel lsm rust security suid-binaries

Last synced: 07 May 2025

https://github.com/stratum-mining/stratumprotocol.org

Website for the Stratum V2 bitcoin mining protocol

bitcoin decentralization efficiency flexibility mining security

Last synced: 04 Sep 2025

https://github.com/mitre/aws-s3-baseline

A micro InSpec baseline to check for insecure or public s3 buckets in your VPC

aws aws-s3-security aws-security inspec microprofile mitre-corporation mitre-inspec mitre-saf s3 s3-bucket s3-bucket-leak s3-security security

Last synced: 29 Jul 2025

https://github.com/dropbox/bhakti

Bundle of security analysis scripts for keras tensorflow models

cdk python security yara-rules

Last synced: 04 Jul 2025

https://github.com/ihexon/revm

revm helps you quickly launch Linux VMs / Containers

container docker libkrun orbstack podman sandbox security vfkit virtualization vm

Last synced: 09 Mar 2026

https://github.com/enquo/enquo-core

Core cryptographic code to allow encrypted query operations

cryptography encryption enquo hacktoberfest ruby rust security

Last synced: 13 Apr 2025

https://github.com/sharenowtech/virity

Automated Vulnerability Analysis and Disclosure of Docker Containers

anchore-engine cve docker etcd k8s security sensu

Last synced: 05 Sep 2025

https://github.com/camandel/check-password-strength

check-password-strength is an open-source tool that could help you to check how your passwords are good

password password-strength security tool zxcvbn

Last synced: 12 Jan 2026

https://github.com/cosad3s/njsdump

Dump paths & pages from Next.js Manifest

bugbounty nextjs recon security

Last synced: 14 Oct 2025

https://github.com/austincabler13/acsecurity

AcSecurity is a Python module designed to scan applications for common security vulnerabilities. It checks for hardcoded secrets, dependency vulnerabilities, and code quality issues.

acsecurity ai chatgpt copilot india-dev made-in-usa security security-tools

Last synced: 26 Mar 2025

https://github.com/netflix-skunkworks/bucketsnake

An AWS lambda function that grantsss S3 permissionsss at ssscale.

aws badpunsss cross-account iam lambda permissions s3 security serverless

Last synced: 28 Jul 2025

https://github.com/rocketshipapps/adblockfast-android

[Moved] Adblock Fast for Android is an Android port of the Adblock Fast app.

android data-structures frontend gradle html http java mobile security xml

Last synced: 25 Jul 2025

https://github.com/nyxnor/onioncomms

OnionComms is a repository of script to run an onion server and guides to configure client side applications to connect to any onion service that uses the same protocol, therefore, onion communications.

file-sharing hidden-service instant-messaging omemo onion-service open-source otr privacy proxy remote-administration rss security self-hosted tor tor-network voip xmpp xmpp-server

Last synced: 13 Jun 2025

https://github.com/contributte/oauth2-client

:lock: OAuth2 client for Nette Framework

client contributte http nette nette-framework oauth2 security

Last synced: 30 Oct 2025

https://github.com/pawamoy/django-meerkat

Security audit tool for Django sites

audit django monitoring security

Last synced: 24 Oct 2025

https://github.com/middlewares/csp

PSR-15 middleware to add the Content-Security-Policy header to the response

csp http middleware psr-15 security

Last synced: 06 May 2025

https://github.com/anvilsecure/symlink-secure-boot-vm

VM demonstration various symlink and hard link attacks against secure boot. See the whitepaper at: https://www.anvilventures.com/blog/defeating-secure-boot-with-symlink-attacks.html

attacks boot hacking secure secureboot security symlinks vms whitepaper

Last synced: 07 Jan 2026

https://github.com/elcritch/keyx

Elixir implementation of Shamir's Secret Sharing

crypto secret-sharing security

Last synced: 07 May 2025

https://github.com/devteds/e2-setup-private-docker-registry

Setup private docker registry using docker machine - https://devteds.com/episodes/2-setup-private-docker-registry-secure-with-ssl-password

digitalocean docker docker-compose docker-machine docker-registry free-ssl free-ssl-certificates nginx private-docker-registry security ssl-certificates

Last synced: 10 Apr 2025

https://github.com/FIWARE/academy

:mortar_board: Video tutorials, slide decks and other training materials for developers learning about the FIWARE ecosystem.

context-broker contextual-data data-publication fiware generic-enablers iot-agent monetization processing robotics security tutorial video-tutorial

Last synced: 04 May 2025

https://github.com/buanzo/webmon

A scalable, plugin-based url asset monitoring system based on zeromq, flask-restful, redis and docker-compose

asset-monitoring docker docker-compose flask-restful osint osint-framework osint-python python3 redis security url-monitor web-monitoring

Last synced: 11 Apr 2025

https://github.com/agadiffe/windowsmize

:pushpin: PowerShell script to automate and customize the configuration of Windows. General settings, telemetry, network protocols, apps removal/installation, ramdisk, services, scheduled tasks.

bloatware cleanup debloat debloater optimize powershell powershell-module powershell-script privacy security telemetry tweaks windows windows-10 windows-11 windows10 windows11

Last synced: 11 Apr 2025

https://github.com/cr0hn/wordpress-docker-sec

Anti-hacking tools deploying configuration for Wordpress

hacking hardening nmap plecost security wordpress wp-scan wp-scanner

Last synced: 11 Apr 2025

https://github.com/DoneDeal0/codefather

Codefather protects your codebase by controlling who can change what. Set authorization levels, lock down files, and enforce your rules—offline via CLI or online with GitHub Actions.

access-control cli code-review codefather codeowner-approval codeowners codeowners-files file-protection github-actions godfather mafia protection repository-management reviewer reviewer-assignment rule-based security team-management

Last synced: 11 Sep 2025

https://github.com/alegrey91/vex8s

Generates VEX documents by parsing the Kubernetes SecurityContext configuration

security security-scanner security-tools trivy vex vulnerability

Last synced: 27 Feb 2026

https://github.com/anomaly/gallagher

The missing toolkit for extending Gallagher Command Centre, featuring a CLI, SQL interface, TUI and a Python idiomatic SDK

cli foss gallagher python sdk security sql tui

Last synced: 14 Jan 2026

https://github.com/mrdcvlsc/aes

A Lightweight Single Header file C++ AES Library that also supports AES Hardware Acceleration Technology

aes aes-128 aes-decryption aes-encryption aes192 aes256 aesni armv8 block-cipher blockcipher cipher confidentiality cplusplus cpp decryption encryption hardwareaccelerated key library security

Last synced: 15 Oct 2025

https://github.com/kamil-kielbasa/libedhoc

EDHOC (RFC 9528): Lightweight authenticated key exchange in C for IoT and constrained devices

authentication c coap constrained-devices cryptography edhoc embedded ietf iot key-exchange oscore rfc9528 rfc9529 security zephyr

Last synced: 02 Apr 2026

https://github.com/agent-receipts/ar

Agent Receipts — cryptographically signed audit trails for AI agent actions. Protocol spec, SDKs (Go, TypeScript, Python), and MCP proxy.

agent-receipts ai ai-agents audit cryptography ed25519 golang mcp model-context-protocol python receipts security typescript verifiable-credentials w3c-vc

Last synced: 01 Jun 2026

https://github.com/marcopaga/plain-spring-on-kubernetes

A demo Spring Boot application using the Kubernetes infrastructure

helm kubernetes pulumi security spring-boot

Last synced: 27 Oct 2025

https://github.com/doyensec/imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

conversion converters image-processing imagemagick scanner security security-policies security-tools

Last synced: 29 Apr 2025

https://github.com/hegdepavankumar/cisco-asa-firewall-training

Welcome to our comprehensive Free Cisco ASA Firewall Training – the ultimate guide to mastering the art of network security. Whether you're a beginner looking to understand the basics or an experienced professional seeking advanced configurations, our hands-on course is tailored just for you.

asa asa-firewall cisco-asa cisco-firewall-training firewall firewall-configuration firewall-management security statefull training

Last synced: 07 Feb 2026

https://github.com/pepelux/stuncheck

Set of tools to audit and exploit STUN/TURN servers

hacking penetration-testing pentesting security security-audit security-tools stun turn

Last synced: 26 Oct 2025

https://github.com/netflix-skunkworks/stethoscope-examples

Example Express application for collecting data from the Stethoscope app

security

Last synced: 09 Oct 2025

https://github.com/ait-testbed/attackbed

The AttackBed is a simulated enterprise network with numerous vulnerabilities. Attacks in this testbed are executed automatically and cover a variety of tactics and techniques of the MITRE ATT&CK enterprise framework.

aecid ai ait ansible atb attackmate dataset environment machine-learning openstack research security simulation terraform terragrunt testbed vulnerability

Last synced: 02 Mar 2026

https://github.com/zeroxjf/cve-2026-20687-applejpegdriver-uaf

CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)

apple arm64 cve-2026-20687 ios kernel poc security use-after-free vulnerability

Last synced: 03 Jun 2026

https://github.com/middlewares/honeypot

PSR-15 middleware to implement a honeypot spam prevention

honeypot http middleware psr-15 security spam-protection

Last synced: 01 Apr 2026

https://github.com/mbrg/talks

BSides, OWASP, DEFCON, RSAC, SANS Talk Material, References and Extra Bits

appsec blueteam bsides hacking infosec lowcode nocode owasp owasp-top-10 pentesting redteam rsac sans security

Last synced: 01 Feb 2026

https://github.com/moul/totp-keychain

:lock: TOTP cli backed by the OS X keychain

2fa authentication cli cryptography keychain mfa security totp

Last synced: 28 Apr 2025

https://github.com/openwall/phpass

Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5

bcrypt hash hashing password php security

Last synced: 09 Apr 2025

https://github.com/azure/azurekeyvault

R interface to Azure Key Vault

azure azure-key-vault azure-sdk-r r security

Last synced: 20 Oct 2025

https://github.com/wolfssl/wolfkeymgr

Secure key management service for middle-box decryption of TLS traffic

apache enterprise-transport-security ets key-management security ssl tls wolfcrypt wolfssl

Last synced: 27 Apr 2025

https://github.com/NodeSecure/report

NodeSecure HTML & PDF report generator for any public and/or private git repositories.

hacktoberfest nodejs report security security-tool

Last synced: 02 Aug 2025

https://github.com/stakater/stakaterplatform

Stakater platform provides out of the box stacks to control, monitor, log, trace and security for applications deployed on kubernetes using CI/CD pipelines.

ci-cd logging monitoring security tracing

Last synced: 10 Aug 2025

https://github.com/torden/ngx_hidden_signature_patch

Just! a Hide Server Signature of Nginx Web Server in response header and in response error

hidden-version nginx patch security

Last synced: 18 Jan 2026

https://github.com/feross/security

Security Policies and Procedures for @feross projects

disclosure javascript nodejs policy report security

Last synced: 13 Sep 2025

https://github.com/org-metaeffekt/metaeffekt-universal-cvss-calculator

A TypeScript implementation of CVSS 2.0, 3.0, 3.1 and 4.0, alongside a web application for calculating scores for multiple CVSS vectors simultaneously.

calculator cve cvss cvssv2 cvssv3 cvssv4 javascript library security typescript webapplications

Last synced: 12 Jan 2026

https://github.com/ajayrandhawa/visual-basic-scripts

Visual Basic Scripts Utilities. Fun, Automation, Fundamentals. With the help of these scripts, I develop lots of Exploits which I'm used for automation system tasks. these vb scripts I am also used for system security exploitation.

automation basic exploitation fun fundamentals hacking-tool project scripts security tutorials vb-script visual visual-basic

Last synced: 03 Jan 2026

https://github.com/mk-fg/git-nerps

Tool to encrypt and manage selected files (or parts of files) under git repository

convenience cryptography git nacl python secret-storage security tool

Last synced: 26 Oct 2025

https://github.com/opserva-io/auth-rs

Authentication and authorization service, written in Rust

audit audit-trails authentication authorization docker json mongo mongodb rust rustlang security

Last synced: 09 Apr 2025

https://github.com/robertdebock/ansible-role-auditd

Install and configure auditd on your system.

ansible auditd molecule monitoring playbook security system tox

Last synced: 17 Mar 2026

https://github.com/ms-luf/manage-adshadowgroup

A simple Powershell Module to help people managing Active Directory Shadow Group

active-directory groups ldap ldap-library powershell powershell-gallery powershell-module security

Last synced: 14 Jul 2025

https://github.com/bit4mind/anon-service

Transparent proxy through Tor with optionally DNSCrypt and Anonymized-DNS feature enabled.

anonymity anonymized anonymized-dns dns dnscrypt dnscrypt-proxy iptables privacy proxy security shell tor transparent-proxy unbound

Last synced: 18 Apr 2025

https://github.com/buskill/awesome-buskill-triggers

Antiforensic actions to secure your device if it's physically stolen from you

anti-forensics deadmanswitch infosec opsec security tripwire

Last synced: 05 Mar 2026

https://github.com/gredler/aegis4j

A Java agent that disables platform features you don't use, before an attacker uses them against you.

devsecops java java-agent security

Last synced: 14 Jan 2026

https://github.com/snej/secret-handshake-cpp

SecretHandshake secure connections in C++, with Cap'n Proto support

capnproto cplusplus cryptography networking security

Last synced: 07 May 2025

https://github.com/grapheneos-archive/kernel_google_crosshatch

Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL kernel sources.

android blueline bonito crosshatch grapheneos sargo security

Last synced: 04 Oct 2025