An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/developmint/cipher-collection

Zero-dependency modular cipher collection including all well-known and often used ciphers

cipher cipher-collection crypto cryptography decode decrypt encode encrypt encryption javascript morse puzzle riddle security

Last synced: 07 May 2025

https://github.com/notashelf/ssa

Simple, streamlined and ✨ pretty ✨ aggregator for systemd-analyze security

aggregator security systemd

Last synced: 10 Apr 2025

https://github.com/mondoohq/ansible-mondoo

Ansible Role for Mondoo cnquery and cnspec

ansible policy policy-as-code security security-as-code

Last synced: 29 Jan 2026

https://github.com/execveat/flawed

Static analysis engine for Python web-applications

security security-tools static-analysis taint-analysis

Last synced: 22 Jun 2026

https://github.com/lambdapioneer/sloth

Key stretching and deniable encryption using Secure Elements on Android and iOS

android cryptography ios password-hashing security sloth

Last synced: 11 Oct 2025

https://github.com/henriquetourinho/brhttp

Um servidor estático em Go, superpoderoso. Oferece Live Reload, mas também automação de build com webhooks, proxy reverso e uma API de controle completa.

automation binario debian dev-server frontend go golang linux live-reload minimalist no-dependencies open-source performance reverse-proxy security spa static-server zero-config

Last synced: 04 May 2026

https://github.com/benavlabs/crudauth

Batteries-included, transport-agnostic authentication for FastAPI.

auth authentication backend fastapi security sqlalchemy

Last synced: 24 Jun 2026

https://github.com/infothrill/ansible-role-lynis

An Ansible role to install Lynis, an open source security auditing tool.

ansible ansible-role audit lynis security

Last synced: 11 Feb 2026

https://github.com/djx-y-z/libsignal_dart

Wrapper for libsignal, implementing the Signal Protocol for end-to-end encryption. Features Double Ratchet, X3DH, Sealed Sender, Group Messaging (SenderKey), and Kyber post-quantum key exchange. Optimized for Flutter and cross-platform applications (Android, iOS, Linux, macOS, Windows). AGPL-3.0 Licensed.

cross-platform cryptography dart double-ratchet encryption end-to-end-encryption flutter flutter-rust-bridge frb libsignal messaging privacy rust sealed-sender security signal-protocol x3dh

Last synced: 01 May 2026

https://github.com/open-sspm/open-sspm

Open-SSPM is a small “who has access to what” service. It syncs identities from Okta (IdP) and permissions from connected apps (GitHub, Datadog, AWS Identity Center). Demo: admin@admin.com / admin

security sspm

Last synced: 18 Apr 2026

https://github.com/khalidelboray/zap-api-raku

A Raku module for the OWASP ZAP API.

owasp raku raku-module security web-security zaproxy

Last synced: 01 Apr 2026

https://github.com/stratosphereips/security-datasets-for-testing

A set of security datasets for testing of tools and algorithms

cybersecurity dataset infosec infosectools netflow network-security security testing

Last synced: 22 Jan 2026

https://github.com/kardespro/nosqlmap

NoSQLMap CLI Tool is a command-line interface (CLI) tool designed to test for NoSQL injection vulnerabilities using Node.js, TypeScript, and Axios. It supports both HTTP and HTTPS requests and works with all HTTP methods.

exploit mongodb mongodb-database mongoose nosqlmap pentesting scan-tool security security-tools sqlmap

Last synced: 24 Oct 2025

https://github.com/theoomoregbee/angular4-auth

EVERYTHING YOU NEED TO KNOW ON SECURING YOUR ANGULAR 2+ SPA

angular-cli angular4 security single-page-app spa

Last synced: 09 May 2025

https://github.com/andreas-brunner/astro-mail-obfuscation

Protect email addresses, phone numbers and other sensitive data from bots scraping the source code of your Astro app.

astro astro-component astro-integration bot-protection email-obfuscation email-protection email-security encoding obfuscation security spam-protection utility utils withastro

Last synced: 14 Mar 2025

https://github.com/traycho/micronaut-security-attributes

Micronaut security attributes - secure your endpoints by validating authentication attribute using micronaut-security and a bit more. Library is not limited to any specific authentication method and is expected to work with supported authentication methods from micronaut.

attributes aws claims jwt jwt-authentication jwt-token lambda ldap-authentication micronaut security serverless tokens validation

Last synced: 11 Jan 2026

https://github.com/imranismail/cloudcreds

Secure access to your organization's AWS accounts for both programmatic and console use-case via federated identity and short-lived credentials

aws federated-identity google oauth oidc security

Last synced: 22 Apr 2025

https://github.com/pawamoy/django-cerberus-ac

Django Cerberus Access Control, extended permission system.

access control django ontology permissions role-based-access-control security

Last synced: 05 Jul 2025

https://github.com/outbit/pivportal

Secure Linux access using a PIV (HSPD-12), CAC, SmartCard, or x509 Client Certificate remotely without a physical card reader.

cac hspd-12 hspd12 linux-client pam-module piv pkcs11 security smartcard

Last synced: 24 Apr 2025

https://github.com/programarivm/easy-acl-bundle

Easy-to-use access control list (ACL) bundle in Symfony 5.

access acl bundle control list security symfony

Last synced: 13 Apr 2025

https://github.com/billyJoePiano/TenaPull

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk

java nessus security splunk

Last synced: 11 Jul 2025

https://github.com/itemic/rotacsufbo

did u know the name of the repo is obfuscator backwards?

android android-security javaparser mobile-security obfuscate obfuscation obufscator proguard security

Last synced: 26 Jun 2025

https://github.com/robertdebock/ansible-role-auto_update

Install and configure automatic package updates on your system.

ansible autoupdate molecule playbook security system tox

Last synced: 24 Apr 2025

https://github.com/emmaconnor/moria

Python library for interacting with in-memory C structures using data mined from binary DWARF debug info.

binary-exploitation c exploit exploit-development exploitation exploits offensive-security python security

Last synced: 11 Mar 2026

https://github.com/sebastienrousseau/password-generator-pro

A fast, simple and powerful open-source cross platform utility tool for generating strong, unique and random passwords 🦀

cross-platform cross-platform-app passphrase-generator password-generator password-generator-pro rust security tauri tauri-app

Last synced: 21 Aug 2025

https://github.com/osirislab/fork-sentry

GitHub Action for detecting and alerting on suspicious forks of your repository

github-actions security

Last synced: 18 Jul 2025

https://github.com/jin5354/backstab

Bury latent information to your web page for confidentiality and track.

confidentiality screenshot security security-audit

Last synced: 13 Apr 2025

https://github.com/leopechnicki/im_robot

Reverse-CAPTCHA for AI agents — verify bots, not humans. Multi-framework (React, Vue, Svelte, Web Components). Zero dependencies. TypeScript.

ai-agent authentication bot-verification captcha react reverse-captcha security svelte typescript vue web-components zero-dependencies

Last synced: 22 May 2026

https://github.com/grapheneos-archive/device_google_coral-kernel

Pixel 4 and 4 XL kernel prebuilts.

android grapheneos privacy security

Last synced: 13 Aug 2025

https://github.com/cdpxe/hardenedlinux

Scripts of the Hardened Linux (HL) distribution: hardening scripts (HLHS) and package system (cpfos)

harden hardened-linux-scripts hardening linux linux-distribution linux-shell package-manager package-managers packet-system port-management security slackware system

Last synced: 23 Mar 2025

https://github.com/ivision-research/inzure

Azure security configuration automation tool and library

automation azure security vulnerability-detection

Last synced: 23 Jul 2025

https://github.com/rix4uni/techfinder

A high-performance technology detection tool built with Go, leveraging the projectdiscovery wappalyzergo library to identify web technologies and frameworks.

bug-bounty bugbounty bugbountytips hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools technology threat-intelligence

Last synced: 19 Jun 2026

https://github.com/toshke/aws-waf-demo-workshop

Workshop for demonstrating AWS WAF usage

api apigateway aws aws-waf cloud loadtesting security serverless workshop

Last synced: 07 Apr 2025

https://github.com/reverseapple/analysissuite

Utilities for reverse engineering Apple binaries

apple binary-analysis research reverse-engineering security tools

Last synced: 09 Apr 2025

https://github.com/mwiater/golangsignedbins

Learn binary signing and verification in Go for enhanced security. A concise guide for Golang developers on ensuring binary integrity.

golang rsa security

Last synced: 10 Apr 2025

https://github.com/blessedrebus/riscv-rop-testbed

A testbed for RISCV vulnerable binaries that aims to produce meaningful fingerprints recognizable by a Control Flow integrity Machine Learning Algorithm.

buffer-overflow riscv rop security

Last synced: 24 Jul 2025

https://github.com/riimu/kit-securerandom

Library for leveraging secure random generators

php php-library random-generation security uuid

Last synced: 25 Jul 2025

https://github.com/elijahhx/dead1ock-h4ck

"Dead1ock-h4ck" is an open-source project dedicated to exploring cybersecurity and ethical hacking techniques. The project aims to provide resources and tools for learning about network security, cryptography, and penetration testing.

cyber-defense cybersecurity cybersecurity-research dead1ock-h4ck exploit github hacking hacktivism infosec malware pentesting programming ransomware security technology vulnerability

Last synced: 23 Apr 2025

https://github.com/samerfarida/secure-bash-macos-ebook

A hands-on Bash scripting guide for macOS administrators and security engineers. Learn to automate, secure, and master macOS with real-world examples.

bash macos security

Last synced: 13 Jan 2026

https://github.com/capnspacehook/basp

A better way to manage software restriction policies, on Windows XP through 10

c-plus-plus security whitelisting windows

Last synced: 12 May 2025

https://github.com/ph-7/notallowed

🚫 NotAllowed 🚫 =>A lightweight library that helps you to censor words, profane words, banned IPs, banned bank accounts, etc.

ban ban-words banned blacklist censor censored-words check-words filter-words php72 profane profane-words security spam

Last synced: 09 Apr 2025

https://github.com/cipherstash/cipherstash-proxy-playground

A playground to experiment with CipherStash and our data security capabilities.

aws-dynamodb data-security dynamodb encryption postgres postgresql searchable-encryption security security-tools

Last synced: 07 May 2025

https://github.com/liangjfblue/go-keyserver

动态密钥服务器。带client端,server端使用demo

gin golang redis security

Last synced: 06 May 2025

https://github.com/robertdebock/ansible-role-sysstat

Install, start and enable sysstat on your system.

ansible molecule monitoring playbook security sysstat system tox

Last synced: 24 Apr 2025

https://github.com/sethvargo/go-malice

A malicious package to demonstrate the importance of software supply chain security.

dont-use-this-no-really security software-supply-chain

Last synced: 08 May 2025

https://github.com/littlenewton/ucas_exploit_practice

中国科学院大学,《漏洞利用与攻防实践》,霍玮

security ucas

Last synced: 27 Jul 2025

https://github.com/authress/authress-sdk.cs

The Authress SDK for C# provides authorization as a service with fully compatible REST apis.

authentication authorization authorization-backend authorization-framework authorization-middleware authorization-server authress nuget security

Last synced: 13 May 2025

https://github.com/m3ssap0/data-grabber

This is a simple PHP script that can be used as a cookie grabber / session stealer. It uses MySQL to store data in a structured way.

cookie-grabber cookie-stealer security security-tools session-grabber session-stealer

Last synced: 28 Jun 2025

https://github.com/jpmcb/pwnkit-go

Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go

cybersecurity infosec security

Last synced: 09 Aug 2025

https://github.com/ninoseki/simplewhatweb

Simplified ver. of WhatWeb

pentesting security

Last synced: 19 Jul 2025

https://github.com/bitsofinfo/vault-token-issuer

Simple REST API proxy and SPA for Hashicorp's Vault token auth method API(s), specifically create-orphan

ci-cd hashicorp-vault proxy security token-based-authentication vault

Last synced: 01 Nov 2025

https://github.com/dolmen-go/mylogin

Utilities for reading and writing MySQL' ~/.mylogin.cnf (encrypted MySQL client credentials storage)

credentials encryption golang-library mylogin mysql mysql-client security

Last synced: 12 Jun 2025

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/fvinas/tf_aws_lambda_ip_whitelist

An AWS Lambda-based mechanism to allow temporary IP whitelisting via security groups

aws-ec2 aws-lambda aws-security-group infrastructure lambda-functions security terraform-module whitelist

Last synced: 14 Apr 2025

https://github.com/kovart/forta-spam-detector

Advanced spam detector powered by Forta Network

blockchain detector erc1155 erc20 erc721 ethereum forta phishing scam security spam token

Last synced: 15 Apr 2025

https://github.com/dajiaji/flask-paseto-extended

PASETO (Platform-Agnostic Security Token) for Flask applications.

flask flask-extension jose jwt paseto past python security token

Last synced: 23 Apr 2025

https://github.com/hcl-tech-software/appscan-sast-action

Integrate static security testing with HCL AppScan on Cloud using GitHub Actions

action appscan github github-actions sast scanning security security-automation security-scanner security-testing security-tools

Last synced: 31 Aug 2025

https://github.com/ayemunhossain/python-for-security

This is a repository is about implementing security concept with python.

devsecops python python3 security

Last synced: 25 Jul 2025

https://github.com/ayushn21/bridgetown-content-security-policy

A Bridgetown plugin to add a Content Security Policy in a meta tag

bridgetown bridgetown-plugin content-security-policy security

Last synced: 14 Apr 2025

https://github.com/divineomega/php-password-cracker

PHP package to crack passwords

password password-cracker php security

Last synced: 25 Jul 2025

https://github.com/trvswgnr/crab-snitch

Get an alert on macOS if an application accesses your microphone or webcam.

macos personal security

Last synced: 08 Sep 2025

https://github.com/mwolff44/pi-secured-setup

Secure setup and permission hardening extension for the Pi coding agent.

coding-agent hardening permissions pi pi-extension policy security skill-verification

Last synced: 06 Jul 2026

https://github.com/aw-junaid/security-and-hacking

Explore ethical hacking and security: penetration testing, vulnerability scanning, and exploit development. Includes tools, scripts, and hands-on labs.

ethical-hacking exploit hacking penetration-testing security vulnerabilities vulnerability-scanners

Last synced: 08 Jan 2026

https://github.com/riotkit-org/gpbkdf2

PBKDF2 key encoder for use in shell. Single, tiny binary. Written in Go.

aes aes-256 aes-256-cbc cbc cbc-mode crypto go openssl pbkdf2 pbkdf2-cli security

Last synced: 02 Aug 2025

https://github.com/rix4uni/portmap

portmap is a fast portscan tool, uses shodan public data for port scan used internetdb.shodan.io and api.shodan.io/shodan/host

bug-bounty bugbounty bugbountytips hacking infosec internetdb osint osint-resources penetration-testing pentest-tool pentesting port-enumeration portscanner recon reconnaissance scan-ports security security-tools shodan threat-intelligence

Last synced: 28 Aug 2025

https://github.com/louib/challenge-response

Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust.

authentication challenge-response encryption hmac hmac-sha1 nitrokey onlykey otp security yubico yubikey

Last synced: 24 Mar 2025

https://github.com/quenty/dns-drone-project

Drone simulation of adhoc networks in Roblox for Data and Network Security class at UNL

adhoc-networks drone lua roblox security

Last synced: 02 Aug 2025

https://github.com/lreimer/secure-devex22

Demo repository for my talk at the Heise Developer Experience 2022 conference.

checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api

Last synced: 02 Aug 2025

https://github.com/therootcompany/base62-token.js

Generate & Verify GitHub-style & npm-style Base62 Tokens

base62 base62-encoding github-tokens-generator npm-tokens-generator security

Last synced: 17 Jul 2025

https://github.com/haccer/xmail

Go tool that detects which email addresses have domains which are able to be registered

account-takeover bug-bounty bugbounty cyber email go golang infosec osint pentesting redteam redteam-tools security

Last synced: 14 Mar 2026

https://github.com/ezshine/carefullyopenurl

A Chrome extension that helps users browse the web more safely by adding confirmation steps before opening any links.

chrome-extension security

Last synced: 01 Sep 2025

https://github.com/csm-actions/approve-pr-action

GitHub Action to approve pull requests securely

github-actions oss security

Last synced: 13 May 2025

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/karmadeb/lockloginreborn

LockLoginReborn, is a rework of the LockLogin plugin. This plugin allows server owners to keep their server and players safe, LockLogin is an inteligent plugin which also parches some of the very known exploits to bypass login systems.

bungeecord java login plugin security spigot

Last synced: 01 Oct 2025