An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/patrickfav/bkdf

BCrypt based key derivation function to improve BCrypt as a cryptographic primitive for password hashing and key derivation

bcrypt cryptography hkdf java kdf password security

Last synced: 09 Apr 2025

https://github.com/marcominerva/dataprotectionsample

This example shows how to use the DataProtection APIs with ASP.NET Core

aspnetcore cryptography csharp data-protection dotnet minimal-api security

Last synced: 09 Apr 2025

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026

https://github.com/dotcoocoo/hermitstash

Post-quantum encrypted, self-hosted file sharing. ML-KEM-1024 + P-384 hybrid crypto, zero plaintext on disk, one-command deploy. 🦀

argon2 cryptography docker encryption end-to-end-encryption fido2 file-sharing file-upload ml-kem nodejs passkeys post-quantum privacy security self-hosted sqlite webauthn xchacha20 zero-dependency zero-knowledge

Last synced: 26 Jun 2026

https://github.com/melardev/c_win32_bindshell_sync

BindShell written in C using Win32API and blocking sockets

bind-shell c networking pipe poc process-pipes reverse-shell security shell socket win32 win32api

Last synced: 13 Apr 2025

https://github.com/nimdy/selks-install-from-source

How to install SELKS in Azure and AWS cloud services and pretty much anywhere with a internet connection

aws azure elasticsearch how-to kibana logstash monitoring network nsm security suricata

Last synced: 11 Mar 2026

https://github.com/blank-query/lazyVPN-for-Omarchy

LazyVPN is an Omarchy VPN manager for WireGuard connections. It replaces manual systemd-networkd configuration with a fast, keyboard-driven TUI featuring killswitch, auto-recovery, and Waybar integration.

linux mullvad-vpn omarchy omarchy-linux privacy protonvpn security tui vpn vpn-manager wireguard wireguard-ui wireguard-vpn

Last synced: 07 Feb 2026

https://github.com/mondoohq/terraform-provider-mondoo

Terraform Mondoo provider

security terraform

Last synced: 02 Apr 2026

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/appsflyer/srealip

Go package for securely extracting HTTP client's real public IP

go golang http ip security

Last synced: 10 Oct 2025

https://github.com/edsoncelio/ctf-guide

Information guide about CTF: https://edsoncelio.github.io/ctf-guide/

computer-engineering criptography pentest security

Last synced: 06 Feb 2026

https://github.com/emilioforrer/go-stack

Production-ready Go scaffold template with clean architecture, lifecycle-managed dependency injection (samber/do), HTTP server (net/http + Huma/OpenAPI), CLI scaffolding, 45+ AI agent skills for Claude/Copilot/OpenCode, and built-in DevOps security tooling.

agentic-coding ai-agent ai-skills claude clean-architecture cli code-quality codex copilot dependency-injection go golang microservices openapi opencode production-ready security starter-kit template vertical-slice-architecture

Last synced: 30 May 2026

https://github.com/netlify/plugin-csp-nonce

Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.

csp netlify security

Last synced: 26 Oct 2025

https://github.com/ebrasha/abdal-security-headers

Abdal Security Headers is a powerful WordPress plugin that enhances your website's security through HTTP security headers. It provides an easy-to-use interface for managing security policies and protecting against common web vulnerabilities.

abdal abdal-security-group ebrahim-shafiei ebrasha hsts security security-headers wordpress wordpress-plugin wp

Last synced: 26 Jan 2026

https://github.com/shinesolutions/aem-test-suite

AEM infrastructure test suite covering acceptance, recovery, security guideline testing scenarios

acceptance aem aem-opencloud performance recovery security testing

Last synced: 06 Mar 2026

https://github.com/hxsecurity/dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.

applicationsecuritymonitoring devsecops django dongtai dongtai-iast security

Last synced: 26 Apr 2025

https://github.com/rsclarke/terraform-cloudflare-fastmail-email

MX, SPF, DKIM and DMARC records with MTA-STS policy for email hosted by Fastmail

cloudflare dkim dmarc email mta-sts mx security spam-protection spf terraform

Last synced: 04 Apr 2026

https://github.com/theruziev/security_interface

Simple API for authentication and authorization.

python-3-6 python-asyncio security

Last synced: 17 Mar 2026

https://github.com/patricktulskie/concuss

Throw a bunch of headers at a web app and see what sticks

malformed-headers pentest ruby security security-auto security-tools testing webapp-security

Last synced: 28 Apr 2025

https://github.com/born05/craft-enforcepassword

Craft plugin for incrementally enforced new and secure passwords.

craftcms craftcms-plugin security

Last synced: 10 Apr 2025

https://github.com/0xbitx/dedsec_shred

DEDSEC_SHRED is a Linux-based tool for securely erasing files and directories

delete encryption-decryption file-shredder files linux-tool remove security

Last synced: 08 Feb 2026

https://github.com/alexfrancow/gomitm

:construction: An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers written in go.

go golang http https martian mitm proxy security tcp

Last synced: 14 Oct 2025

https://github.com/kevinrabun/judges

MCP server with specialized judges to evaluate AI-generated code for security, cost, scalability, cloud readiness, and best practices.

ai-agent ai-code-review ai-generated-code code-quality code-review judge mcp mcp-server security software-architecture static-analysis typescript

Last synced: 05 Apr 2026

https://github.com/getarcis/arcis

Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.

bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss

Last synced: 06 Jun 2026

https://github.com/elliotwutingfeng/passwordsim

passwordsim lets you search for passwords similar to your specified password in any passwords dataset. The similarity metric used is the Damerau-Levenshtein distance.

cybersecurity damerau-levenshtein data-breaches hacktoberfest haveibeenpwned osint password password-manager security

Last synced: 29 Apr 2025

https://github.com/ketsapiwiq/siem-infra

Vulnerability detection, OSquery, fully-fledged Wazuh ELK stack with Linux and Windows Wazuh + osquery enrollment via Ansible.

ansible elasticsearch kibana osquery security siem vulnerability-detection wazuh

Last synced: 23 Apr 2025

https://github.com/richbl/motion-surveillance

Ruby-based video security surveillance system using Motion (a software motion detector)

email image iot motion motion-detection motion-detector motion-surveillance ruby security surveillance video video-surveillance

Last synced: 10 Oct 2025

https://github.com/kos0ng/cves

Repository regarding my security research

cve exploit security

Last synced: 28 Jul 2025

https://github.com/cs-joy/blockchain_exploration

All about of Blockchain Technology - Especially about Data Privacy and Security

blockchain-technology cia data-privacy security

Last synced: 06 Feb 2026

https://github.com/kolteq/validating-admission-policies-pss

Kubernetes Pod Security Standards implemented using Kubernetes Validating Admission Policies. Support of Enforce Baseline and Restricted profiles natively with configurable policy exclusions.

compliance kubeapt kubernetes pod-security pod-security-admission security validating-admission-policy

Last synced: 04 Feb 2026

https://github.com/fivexl/terraform-aws-ssl-checker

Simple SSL check and expiring certificates reminder with additional DNS check and host availability check.

heartbleed lambda security ssl terraform terraform-module tls tls-certificate-checker tls-scan tls13

Last synced: 09 Apr 2025

https://github.com/suuhm/log4shell4shell

Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell

checker hacking linux log4j log4j2 log4shell macos patch penetration-testing pentesting proof-of-concept scanner security tomcat vulnerability-scanners windows

Last synced: 03 May 2026

https://github.com/darxisr/cryline-v3.0

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.

aes-encryption assembly cplusplus dotnet encryption malware programming ransomware security source-code windows

Last synced: 16 Aug 2025

https://github.com/solomonkassa/nginx-automation

🚀 NGINX Automation Framework A comprehensive, enterprise-grade NGINX automation framework designed for high-availability, security-focused, and scalable web infrastructure deployment.

ansible ci-cd doker kubernetes nginx nginx-docker prometheus script security shell-script

Last synced: 03 Apr 2026

https://github.com/openwall/owl

Openwall GNU/*/Linux (Owl) is a small security-enhanced Linux distribution for servers. Owl has effectively reached its end-of-life, but its legacy lives on in a few other distributions (most notably, ALT Linux) and upstream projects. This is a tentative export of the Owl CVS repository into Git, which will possibly be redone later.

hardening linux security userland

Last synced: 09 Apr 2025

https://github.com/dragonbe/poc-webapp-vault

A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault

database mysql php proof-of-concept security vault webapp

Last synced: 16 Mar 2026

https://github.com/kumuluz/kumuluzee-security

KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.

cloud-native java javaee kumuluzee microservices oauth2 openid-connect security

Last synced: 17 Oct 2025

https://github.com/skx/mod_blacklist

A simple Apache module to blacklist remote hosts.

apache2 blacklist c firewall security

Last synced: 16 Mar 2026

https://github.com/liberzon/claude-hooks

Smart PreToolUse hook for Claude Code — decomposes compound bash commands and checks each sub-command against allow/deny permission patterns

bash claude-code claude-hooks cli security

Last synced: 20 Apr 2026

https://github.com/situ-vault/situ-vault

Simple toolbox for working with encrypted secrets

fyne golang kustomize-plugin secret-distribution secret-management security vault

Last synced: 14 Jan 2026

https://github.com/codeconut-ltd/wordpress-plugin-default-config

WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.

composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings

Last synced: 08 Oct 2025

https://github.com/yaleman/ocsf-rs

OCSF schema for Rust

ocsf rust security

Last synced: 04 Mar 2026

https://github.com/geniuszly/cve-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/didjacome/modules.azure

This repository aims to have modules and scripts created for Microsoft Azure administration

accounts assessment azure engineer management powershell rbac resources security snapshot

Last synced: 17 Jan 2026

https://github.com/hrchlhck/kubemon

A tool for distributed container monitoring over Kubernetes.

docker kubemon kubernetes monitoring-tool security

Last synced: 01 Apr 2026

https://github.com/ahliweb/awcms

AWCMS (AhliWeb Content Management System) — an enterprise-grade, multi-tenant, ABAC-secured CMS built with React, Supabase, and modern web architecture.

abac audit-log cloudflare cms cms-framework enterprise-cms headless-cms multi-tenant postgresql react rls saas security supabase vite workflow-engine

Last synced: 08 Mar 2026

https://github.com/imagemlt/easyscanner

distributed cms fingerprint scanner using celery with redis

scanner security security-tools

Last synced: 13 Apr 2025

https://github.com/fiware/tutorials.roles-permissions

:closed_book: FIWARE 402: IDM - Application Roles and Permissions

fiware fiware-keyrock identity-management security tutorial

Last synced: 30 Apr 2025

https://github.com/aran112000/nope-php

Nope! A lightweight tool for monitoring your log files and dynamically blocking nuisance or malicious IPs based on easy to define, dynamic rules which you control

anti-bot attack-prevention ban-hosts ban-management ips linux log-analyzer monitoring php php-cli rate-limiting security

Last synced: 22 Apr 2025

https://github.com/rabbit-company/passwordgenerator-js

Password generator implemented in JavaScript (ES6).

generator password security strength

Last synced: 13 Jul 2025

https://github.com/itszeeshan/subdomainx

all-in-one subdomain enumeration and reconnaissance tool designed for modern cybersecurity professionals, penetration testers, and security researchers.

amass assetfinder bug-bounty cybersecurity dnsrecon findomain hacking httpx infosec nmap offensive-security osint penetration-testing port-scanning reconnaissance red-team security security-tools subdomain-discovery subfinder

Last synced: 09 Sep 2025

https://github.com/kerberjg/chillinode

Node.js-based captive portal system for Linux

captive-portal linux network-management nodejs openwrt security

Last synced: 11 Apr 2025

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/sakryukov/storage-free-pass

Storage-Free Pass is a generator of highly secure passwords based on cryptographic hash and master password, which should be memorized; no password storage is involved

authentication criptographic-hash cryptography css html javascript security

Last synced: 07 May 2025

https://github.com/grapheneos-archive/kernel_msm-extra-coral

Kernel audio drivers for the Pixel 4, Pixel 4 XL and Pixel 4a.

android grapheneos security

Last synced: 13 Apr 2025

https://github.com/Peco602/dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

docker dvwa ethical-hacking security ssl

Last synced: 21 Mar 2025

https://github.com/spaze/security-txt

security.txt (RFC 9116) generator, parser, validator

generator parser security security-txt securitytxt validator

Last synced: 06 Apr 2026

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/spiral/security

[READ ONLY] RBAC security layer based on NIST definition, role/rule/permission associations, bulletproof. Subtree split of the Spiral Security component (see spiral/framework)

nist rbac security spiral

Last synced: 28 Oct 2025

https://github.com/nearata/flarum-ext-twofactor

A Flarum extension. Allow your users to enable two factor authentication.

flarum flarum-extension security two-factor

Last synced: 10 Apr 2025

https://github.com/weixian-zhang/fuzzie

A VSCode GUI-based fuzzer for Rest API and GraphQL

fuzzing python3 rest-api security vscode-extension

Last synced: 30 Dec 2025

https://github.com/oktsec/oktsec

Security layer for AI agent-to-agent communication. Every message is signed, inspected, and logged. If it doesn't comply, it doesn't pass. No LLM. No cloud. Single binary. Your infra, your data.

ai-agents audit ed25519 golang identity inter-agent mcp open-source proxy security

Last synced: 02 Apr 2026

https://github.com/nilportugues/php-uuid

Use this class to encapsulate the latest and more secure Uuid versions

composer php php7 secure security uuid uuid-generator uuid4 uuid5

Last synced: 14 Jul 2025

https://github.com/mchmarny/sds-demo

Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain

demo devops gcp sds security supply-chain

Last synced: 05 Aug 2025

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/vdlp/oc-csrf-plugin

Adds CSRF protection to October CMS frontend.

csrf october-cms october-plugin octobercms php security

Last synced: 12 Apr 2025

https://github.com/hahwul/zaproxy-ruby

A Ruby Implementation and Library for Easy Utilization of ZAP API

ruby ruby-gem security zap zaproxy

Last synced: 12 May 2025

https://github.com/jwilk/fuzzing

Jakub's fuzzing goodies

fuzzing security

Last synced: 12 Apr 2025

https://github.com/rm3l/container-scan-to-sarif

Converts Azure Container Scan Action output to SARIF, for an easier integration with tools like GitHub Code Scanning

container-scanning go golang sarif sarif-report security

Last synced: 26 Mar 2025

https://github.com/janloebel/nipca

Network IP Camera Application Programming Interface (NIPCA) - Client

client ip-camera ipcamera javascript nipca node security

Last synced: 15 Jul 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/strmprivacy/data-plane-helm-chart

Care about your data leaving your VPC/environment in SaaS mode? With our self-hosted option you can run our privacy focused Data Plane in your own Kubernetes Cluster. Just (1) sign-up, (2) request a self-hosted installation, (3) use our values.yaml on your own k8s clusters and (4) run your (customer) data inside your own cloud like 🪄

charts data helm kubernetes privacy security

Last synced: 23 Jun 2025

https://github.com/tankerhq/sdk-python

Tanker Python SDK - mirror of https://gitlab.com/TankerHQ/sdk-python

cryptography encryption end-to-end privacy python sdk security tanker

Last synced: 09 Sep 2025

https://github.com/john-b-yang/course-dev

Personal repository of teaching material

databases pedagogy security software-development

Last synced: 15 Jun 2025

https://github.com/adrianmoisey/sitescanners

A few services that scan websites and return useful information.

hacktoberfest http2 ipv6 readme security ssl webdev

Last synced: 16 Jan 2026

https://github.com/petr-panteleyev/password-manager

Desktop application to keep passwords and other sensitive information

aes-256 desktop-application java java-24 javafx javafx-application password-manager security

Last synced: 29 Apr 2025

https://github.com/przemub/cysectool

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph.

optimization security

Last synced: 17 Jan 2026

https://github.com/fodinabor/esposecsignauth

Module for EspoCRM that uses SecSign for Two-Factor Authentication.

2fa espocrm security

Last synced: 01 Aug 2025

https://github.com/turbot/steampipe-mod-snowflake-compliance

Run individual controls or full compliance benchmarks across all of your Snowflake accounts using Powerpipe and Steampipe.

compliance hacktoberfest powerpipe powerpipe-mod security snowflake snowflakedb steampipe steampipe-mod

Last synced: 11 Jul 2025

https://github.com/luketainton/pwnedpw

Checks if your password has been leaked.

password pwned pwned-passwords pwnedpasswords security

Last synced: 30 Apr 2025

https://github.com/reconmap/mobile-client

React-native based mobile client for Reconmap

android infosec mobile pentesting react-native security vulnerabilities

Last synced: 10 Sep 2025