An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/sparkpost/auditmated

Automated npm auditing

bash npm security sp-utils

Last synced: 24 Apr 2025

https://github.com/metemaddar/django_hide

Django package to hide from wappalyzer

django security

Last synced: 14 Jan 2026

https://github.com/lapwat/secure-open

A Docker environment to securely open images, videos, sounds and more.

docker security video

Last synced: 08 Jul 2025

https://github.com/axafrance/auth-worker

Make Oidc authentication easy with a cross-framework / service worker solution

axa oidc security service-worker typescript

Last synced: 12 Oct 2025

https://github.com/robertdebock/ansible-role-selinux

Install and configure selinux and its required libraries on your system.

ansible molecule playbook security selinux system tox

Last synced: 24 Apr 2025

https://github.com/indeedsecurity/carbonbeat

event shipper for Carbon Black Defense notifications

beats carbonblack libbeat security

Last synced: 14 Jan 2026

https://github.com/shsingh/blackhat-tools

This repository contains tools made by completing exercises from various books on blackhat programming. The intent is to learn writing software in Typescript, Go, Rust and Python

blackhat go hacking pentesting redteam rust security typescript

Last synced: 11 Apr 2025

https://github.com/Markdown-Bug-Bounty-Recon/Markdown-Bug-Bounty-Recon

A recon Framework for Bug Bounty Hunters that would convert the output of a script into Markdown syntax document, which would help them to make better notes, have everything in one document, or concentrating on one domain.md document.

bug-bounty bugbounty security security-tools

Last synced: 12 Jul 2025

https://github.com/chriskalix/emergency-check

A simple tool to do linux emergency check

emergency-alert emergency-check linux python3 security security-tools

Last synced: 26 Mar 2025

https://github.com/Egida-Kassandra/egida

Automatically deploying highly secure infraestructures with early error detection

ansible ansible-playbook ansible-role automation cis cis-benchmark dsl egida harden hardening network-security security

Last synced: 10 Sep 2025

https://github.com/oven-sh/security-scanner-template

Template for authoring Bun install security scanners

bun install security

Last synced: 26 Feb 2026

https://github.com/alifanov/scopegate

AI Access Proxy Layer — granular permission gateway for AI agents. Connect services, define scopes, get an MCP endpoint.

ai-agents llm llm-ops scope security

Last synced: 04 Apr 2026

https://github.com/egida-kassandra/egida

Automatically deploying highly secure infraestructures with early error detection

ansible ansible-playbook ansible-role automation cis cis-benchmark dsl egida harden hardening network-security security

Last synced: 04 Apr 2026

https://github.com/apache/security-site

Website sources for the Apache Security website

apache hugo security website

Last synced: 01 Mar 2026

https://github.com/synchro/wordhash

A PHP package for generating human-readable hashes

cryptography hacktoberfest hash php privacy security

Last synced: 27 Feb 2026

https://github.com/chukwuemekaaham/google-it-support-portfolio

This is a professional training designed by Google with 5 courses. This program also prepares one for the CompTIA A+ exams, the industry standard certification for IT

active-directory backup consultation customer-support disaster-recovery hardware infrastructure-services ldap networking openldap operating-systems security system-administration ticketing troubleshooting

Last synced: 02 Apr 2026

https://github.com/rifuki/dokuru

Agent-based Docker security audit platform with CIS Benchmark v1.8.0 compliance. Real-time WebSocket monitoring, automated vulnerability scanning, and interactive remediation

audit cis-benchmark compliance container container-security docker security

Last synced: 28 Jun 2026

https://github.com/fenix-hub/godot-engine.otp

Godot Engine plugin to generate RFC4226 and RFC6238 compliant One Time Passwords in GDScript.

2fa auth gdscript godot godot-engine hotp mfa otp security totp

Last synced: 05 Mar 2026

https://github.com/whiteshadow1234/picoctf_writeup

A beginner-friendly picoCTF guide—complete challenges using only the webshell, no Linux or VM needed!

ctf ctf-challenges ctf-solutions ctf-writeups picoctf picoctf-writeups picoctfsolutions security

Last synced: 09 Feb 2026

https://github.com/nzt48/exploiting-smart-contract-vulnerabilities

Repository for "Exploiting smart contract vulnerabilities" bachelor thesis at School of Electrical Engineering, University of Belgrade. Paper (in Serbian) with 5 examples of vulnerable smart contracts and exploitation of them.

ethereum exploitation hacking security smart-contracts solidity

Last synced: 21 Apr 2026

https://github.com/archetypum/thesuffocater

theSuffocater is an extensible module manager/collection on UNIX admin scripts that allows you to quickly harden your server and deploy services in few clicks.

bash bsd cybersecurity cybersecurity-tools foss gnu gnu-linux linux python python3 security security-automation security-tools server server-side shell unix

Last synced: 27 Feb 2026

https://github.com/m3nu/wp-audit

Audit the versions of your Wordpress sites to find old, vulnerable versions.

golang security security-audit security-tools wordpress

Last synced: 24 Oct 2025

https://github.com/fusion/crystalvault

A zero-knowledge server to store and share secrets: credentials, keys, etc.

browser crystal javascript pgp secret-management secrets security vault zero-knowledge

Last synced: 14 Apr 2025

https://github.com/jonathan-vella/architecting-for-success

This repository enables partners to help customers move with confidence with the right mix of skilling and resources to facilitate migration, modernization, and innovation with Azure OpenAI.

ai analytics azure cloudadoption migration networking openai openai-chatgpt security wellarc

Last synced: 07 Apr 2026

https://github.com/apocas/wireguarode

Wireguard with ACLs and TOTP 2FA

acls iptables javascript nodejs security vpn wireguard

Last synced: 03 Oct 2025

https://github.com/theakito/userdef

A more advanced adduser for your Alpine based Docker images.

alpine docker linux musl permissions security

Last synced: 10 Aug 2025

https://github.com/plumsydev/neptune-waf.app

Neptune is a Web Application Firewall that you can use to protect your domains against common attacks (XSS, SSRF, SQLI, Path Traversal) and many others, it also can be used to hide your web server backend IP and protect against most DDoS attacks, come visit us !

api api-security application ddos firewall http-proxy letsencrypt neptune neptunewaf owasp security tcp-proxy waap waf web web-application-firewall xss

Last synced: 13 Jan 2026

https://github.com/k4yt3x/ssh_config

K4YT3X's Hardened OpenSSH Client Configuration

hardening linux openssh security ssh

Last synced: 29 Oct 2025

https://github.com/ege-erdogan/splitguard

Supplementary code for the paper "SplitGuard: Detecting and MitigatingTraining-Hijacking Attacks in Split Learning"

machine-learning privacy security split-learning

Last synced: 13 Aug 2025

https://github.com/ventz/docker-dns-over-https

Docker Hub ventz/dns-over-https - DNS (tcp+udp 53) to CloudFlare and Google's HTTPS APIs

api dns dns-over-https https proxy security

Last synced: 16 Sep 2025

https://github.com/brucewind/cryptoppinndk

A repo for hiding encrypt algorithm working with CryptoPP.

android crypto cryptopp jni jni-android ndk security

Last synced: 15 Apr 2025

https://github.com/umutcamliyurt/Amnezichat

An encrypted and anti-forensic web chat server

anonymity anti-forensics counter-forensics forensics opsec privacy rust security

Last synced: 14 May 2025

https://github.com/dhruvpatel-7/loginregister-try

Login and register In Angular using Api , Validation , JWT token and refresh token

angular jwt-authentication refresh-token security

Last synced: 04 Oct 2025

https://github.com/josehelps/blackcert

Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also checks if any domain changes with that keyword look like a phishing domain.

certificate monitoring security

Last synced: 14 Apr 2025

https://github.com/cedricbonhomme/ip-link

Visualizing the relationships between different IP from network traffic capture.

circos network-traffic-capture pcap python security visual-analysis visualisation

Last synced: 14 Apr 2025

https://github.com/piaudonn/SecurityNotifications

Send security notifications to your users when something important happened on their accounts (such as new MFA methods, atypical travels, TAP usage...).

azure-ad azure-ad-identity-protection log-analytics-workspace security security-automation

Last synced: 15 Apr 2025

https://github.com/lazureykis/throttlecrab

High-performance GCRA rate limiter for Rust. Multi-protocol server (HTTP, gRPC, Redis/RESP) with advanced metrics, or embed as a minimal library. Self-tuning memory management 🦀

api-gateway api-protection cloudnative cloudnative-services ddos-protection docker gcra grpc microservices rate-limit rate-limiter rate-limiting rate-limits ratelimit ratelimiter ratelimiting redis rust security throttling

Last synced: 22 Aug 2025

https://github.com/canack/bad-mcp

10 intentionally malicious MCP servers that exploit protocol features to attack AI clients. For security research and defense testing.

ai-security llm-security mcp mcp-server model-context-protocol red-team rug-pull security security-research tool-posioning

Last synced: 08 Jul 2026

https://github.com/0xn0ne/sensitive-helper

基于正则表达式的本地文件敏感信息数据挖掘助手。Regular Expression Based Data Mining Assistant for Local File Sensitive Information.

aksk infomation jwt scanner security sensitive

Last synced: 11 Apr 2025

https://github.com/ongoingai/gateway

Headless, OpenAI-compatible AI gateway in Go. Multi-tenant auth, tracing, cost tracking, rate limits, and optional PII redaction. Single binary, self-hosted, audit-ready by design.

ai-gateway audit-logs cost-tracking go golang llm-gateway observability openai-compatible opentelemetry pii-redaction policy-enforcement privacy rate-limiting security tracing

Last synced: 24 Feb 2026

https://github.com/andrew-tsegaye/password_generator

A simple password generator app is a helpful tool for anyone who wants to improve the security of their online accounts and protect their sensitive information from potential breaches.

css3 html5 javascript password-generator security

Last synced: 28 Jul 2025

https://github.com/brndnmtthws/protect-yourself

A guide on how to protect your digital assets

digital-assets encryption phone privacy security yubikey

Last synced: 08 Mar 2026

https://github.com/rodnt/portswiggerlabs

Solutions from @PortSwigger labs

infosec portswigger portswigger-labs security websecurity

Last synced: 25 Jul 2025

https://github.com/volkansah/implementing-ai-systems-whitepaper

This whitepaper provides best practices and concrete examples for the secure implementation of artificial intelligence in web applications. It covers topics such as security, data protection, ethics, AI models and algorithms, development process, user training, and regulation.

ai api artificial-intelligence artificial-neural-networks chatgpt gpt gpt4 how-to security whitepaper whitepapers

Last synced: 12 Sep 2025

https://github.com/krishpranav/sniff

A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

attack attack-defense attack-surface attack-surfaces bugbounty go golang recon reconnaissance scanner security web-security

Last synced: 14 Apr 2025

https://github.com/theAkito/userdef

A more advanced adduser for your Alpine based Docker images.

alpine docker linux musl permissions security

Last synced: 21 Mar 2025

https://github.com/krishpranav/sshpot

A simple ssh honey pot, fake ssh server that lets anyone to connect and monitor their activty

go golang honeypot security security-tools ssh

Last synced: 14 Apr 2025

https://github.com/kuntoaji/enkrip

encrypt & decrypt Active Record attributes with Message Encryptor

activemodel activerecord activesupport decryption encryption gem message-encryptor ruby ruby-gem ruby-on-rails security

Last synced: 21 Jun 2025

https://github.com/sk3pp3r/devsecops-arsenal

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

cybersecurity devops devsecops devsecops-pipeline infrastructure sdlc security ssdlc

Last synced: 12 Jan 2026

https://github.com/jonhadfield/sts

Simplify working with AWS STS credentials and MFA

2fa aws aws-cli aws-sdk cli golang iam mfa security sts

Last synced: 15 Jul 2025

https://github.com/badchars/cve-mcp

23-tool MCP server for CVE & vulnerability intelligence. NVD, EPSS, CISA KEV, GitHub Advisory, OSV — unified in one server. Risk scoring, bulk triage, exploit search. 2 dependencies, runs with npx.

ai-security cisa claude cve cvss cybersecurity epss ghsa kev mcp model-context-protocol nvd osv pentesting security vulnerability vulnerability-intelligence

Last synced: 30 Jun 2026

https://github.com/samiahmedsiddiqui/prevent-xss-vulnerability

This WordPress plugin enhances website security by preventing Cross-Site Scripting (XSS) vulnerabilities. It blocks and encodes malicious characters in URLs, escapes HTML in `$_GET` variables, and provides customizable settings for website owners.

encoding escape-html reflected-xss-vulnerabilities reflective reflective-injection security security-vulnerability self-xss wordpress xss xss-detection xss-vulnerability

Last synced: 12 Apr 2025

https://github.com/badisi/auth-js

🛡️ Authentication and authorization support for web based desktop and mobile applications

angular auth authentication authn authorization capacitor cordova hybrid identity ionic mobile oauth oauth2 oidc openid openidconnect security web

Last synced: 12 Apr 2025

https://github.com/connectFree/ZigZag

Noise Framework implementation in Zig Language for use in EVER/IP and WireGuard

crypto cryptography ever ever-ip everip noise noise-protocol noise-protocol-framework security wireguard zig

Last synced: 06 May 2025

https://github.com/echo-devim/pyjacktrick

Python module hijacking POC

code-execution hijacking python security

Last synced: 27 Mar 2025

https://github.com/actions-rust-lang/audit

Audit Rust Dependencies using the RustSec Advisory DB

cargo-audit ci github-actions hacktoberfest rust rust-lang rustsec security

Last synced: 10 Apr 2025

https://github.com/chrissmartin/onvifscout

A comprehensive ONVIF device discovery and analysis tool that helps you find, authenticate, and examine ONVIF-compatible devices on your network.

hacktoberfest home-assistant home-automation onvif onvif-camera onvif-discovery pypi security security-camera

Last synced: 06 Jul 2025

https://github.com/codestates-seb/seb39_main_013

고오급 남성 쇼핑몰 STATE MALL 입니다 https://statemall.click/

jpa mysql react reactquery security spring-boot styled-components

Last synced: 13 Apr 2025

https://github.com/connorjburton/senvf

A secure & sensible replacement for process.env

javascript nodejs process-env security supply-chain

Last synced: 10 Jul 2025

https://github.com/pforret/bumpkeys

Upgrade your SSH keys for better security

bash bashew crypto ecdsa ed25519 rsa security security-audit ssh ssh-key

Last synced: 10 Apr 2025

https://github.com/dominicbreuker/goncat

netcat-like CLI tool with advanced features for bind/reverse shells

bind-shell golang offsensive-security pentesting port-forwarding pty reverse-shell security tunneling

Last synced: 11 Apr 2025

https://github.com/tomiok/vaultik

Vaultik is a cloud agnostic secret manager that helps developers to create, read, update and delete variables and easily export to a remote location or any cloud. Avoid using environment variables and these are fully encrypted.

cloud cloud-computing cobra encryption environment-variables go golang secret secret-management secrets secrets-management secure secure-storage security security-tools

Last synced: 28 Oct 2025

https://github.com/advanced-security/demo-java

GitHub Advanced Security scanning tutorial repository for Java

advanced-security demo devsecops example security static-analysis

Last synced: 12 Apr 2025

https://github.com/tspascoal/dependabot-alerts-helper

A set of (simple) scripts to help manage dependabot alerts

dependabot scripts-collection security

Last synced: 07 May 2025

https://github.com/alphaville/safemsg

SafeMessage - Secure web-based message exchange system

encryption javascript message-exchange secure-by-default security

Last synced: 10 Apr 2025

https://github.com/zeyu-li/tryhackme

Hacker Man 👨‍💻

hacking security tryhackme vulnversity writeups

Last synced: 19 Mar 2026

https://github.com/shayanzare/admin-page-finder

This is a simple script to finding website admin page.

admin-page-finder hacking hacking-tool ruby security

Last synced: 28 Mar 2025

https://github.com/mablanco/docker-reconftw

Docker image for reconftw, a simple script intended to perform a full recon on an objective with multiple subdomains

docker pentesting security

Last synced: 11 Jul 2025

https://github.com/psecio/rift

A vulnerable application for teaching the basics of web application security

application security teaching vulnerability

Last synced: 11 Apr 2025

https://github.com/firesphere/silverstripe-haveibeenpwnd

Check user passwords and emails against the HaveIBeenPwnd database

hacktoberfest haveibeenpwned password security silverstripe silverstripe-4 silverstripe-module

Last synced: 07 Oct 2025

https://github.com/vaibhavpandeyvpz/jweety

Simple JWT (RFC 7519) encoding/decoding and validation library, for PHP >= 5.3.

authentication jsonwebtoken jwt php security

Last synced: 24 Apr 2025

https://github.com/manavalan2517/login-and-register-system-in-python

This Python script is a comprehensive solution for managing user authentication, which includes both registration and login functionalities. It utilizes a local JSON file to store user credentials securely.

authentication interactive json py3 python realtime regex security terminal user-management

Last synced: 04 Jul 2025

https://github.com/tetratelabs/zta-demo-2022

Demo delivered at the 2022 ZTA and DevSecOps for Cloud Native Applications NIST conference

ngac security service-mesh wasm zero-trust

Last synced: 26 Apr 2025

https://github.com/schooloffreelancing/ubuntu-server-hardening

Ubuntu server hardening standards for defending ubuntu Linux systems and data against Cyberattacks. The best security measures GitHub repository based on CIS Benchmark.

cis-benchmarks firewall hackproof-ubuntu linux security ubuntu-hardening ubuntu-server-hardening

Last synced: 22 Apr 2025

https://github.com/tikajhq/passwrd.in

A secure & simple password generator, that makes life easy.

encryption hash password password-generator passwrd security security-tools sys-admin

Last synced: 27 Feb 2025

https://github.com/ypcrts/securemodelines

Secure alternative to Vim modelines. Maintained, active fork.

modeline security vim vim-modelines vim-plugin

Last synced: 09 Apr 2025

https://github.com/Archetypum/theSuffocater

theSuffocater is an extensible module manager/collection on UNIX admin scripts that allows you to quickly harden your server and deploy services in few clicks.

bash bsd cybersecurity cybersecurity-tools foss gnu gnu-linux linux python python3 security security-automation security-tools server server-side shell unix

Last synced: 24 Mar 2025

https://github.com/mishal/jwt

JWT (JSON Web Tokens) for PHP

json jwt php security webtoken

Last synced: 09 Mar 2026

https://github.com/ricco386/cyber501x-cybersecurity-fundamentals

RITx: CYBER501x Cybersecurity Fundamentals - Personal study notes

mooc security study-notes

Last synced: 12 Apr 2025

https://github.com/anatol/tang.go

Pure Golang implementation of server-side ECMR exchange functionality (Tang server)

clevis security tang

Last synced: 06 Jul 2025

https://github.com/ryru/hackingexposed

Kurs Hacking Exposed an Juventus Technikerschule HF

education hacking security websecurity

Last synced: 28 Apr 2025

https://github.com/dye-tech/gatekey

GateKey is a zero-trust VPN solution that wraps OpenVPN. Users authenticate via their company's identity provider (Okta, Azure AD, etc.) and get short-lived VPN credentials automatically. No passwords to remember, no certificates to manage.

helm identity-management kubernetes oidc openvpn security self-hosted sso vpn wireguard zero-trust

Last synced: 30 May 2026

https://github.com/built-fast/phpstan-sensitive-parameter

PHPStan extension for detecting parameters that should use SensitiveParameter

code-quality php phpstan phpstan-extension security sensitive-parameter static-analysis

Last synced: 13 Jan 2026

https://github.com/geritol/write-guard

Github Action to enforce file level write access for monorepos

access-control github-actions monorepos security

Last synced: 14 Jan 2026