An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/passmarked/ssl

Rules that relate to checking the SSL configuration of each individual resolved server from the domain to ensure locked down config with the broadest compatibility

attack certificate chain cipher compatibility passmarked root-certificate security ssl ssl2 ssl3 standards tls tlsv1 vulnerability

Last synced: 09 Jul 2025

https://github.com/anthonyharrison/sbom-manager

Manage collection of SBOMs (Software Bill of Materials)

cyclonedx devsecops sbom sbom-repository sbom-tool security spdx vulnerabilities

Last synced: 11 Apr 2025

https://github.com/bitsofinfo/vault-token-issuer

Simple REST API proxy and SPA for Hashicorp's Vault token auth method API(s), specifically create-orphan

ci-cd hashicorp-vault proxy security token-based-authentication vault

Last synced: 01 Nov 2025

https://github.com/bocaletto-luca/super-info

Super Info is a comprehensive, text-based utility for system administrators on Ubuntu and other Debian-based distributions. It provides essential security, monitoring and system checks via a custom ASCII interface with colors (when supported). By Bocaletto Luca

bash cli debian linux security shell-script sysadmin system-info system-monitoring ubuntu

Last synced: 18 Jun 2025

https://github.com/demimarie/sliprock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 18 Jun 2025

https://github.com/brittonhayes/citadel

A family of Security Operations micro services built with go-kit

golang microservice secops security

Last synced: 27 Mar 2025

https://github.com/alexkander/loopback-socket

Loopback module for create Socket.io connections and allow call methods and make subscriptions

auth events express expressjs io loopback realtime security socket strongloop subscription websocket

Last synced: 14 Oct 2025

https://github.com/xtonousou/cis-bench-centos8

CIS Benchmark v1.0.0 - Level 1 Server - CentOS 8 automation

assessment bash benchmark centos centos8 cis cis-benchmark hardening linux security

Last synced: 30 Oct 2025

https://github.com/elementsinteractive/sheriff

Sheriff is a tool to scan repositories and generate security reports.

dependency-scanning security security-audit security-tools vulnerability-scanner

Last synced: 12 Jan 2026

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/badr-1/steganography-cryptography

Console App That Uses Cryptography And Steganography To Embed/Extract Secret Message In/From an Image

encryption kotlin lsb-steganography security xor-encryption

Last synced: 13 Apr 2025

https://github.com/volkansah/modsecurity-rule-to-block-sql-injection-attacks-in-php

Example: ModSecurity rule to block SQL injection attacks in PHP

php security waf

Last synced: 11 Apr 2025

https://github.com/sheepreaper/yk-csr-generator

YubiKey CSR Generator: A robust CLI tool that enables users to produce Certificate Signing Requests (CSRs) leveraging YubiKey devices. Comes with enhanced attributes configuration, broad hash algorithm support, and versatile output options. Aimed at providing a seamless, secure, and efficient experience for CSR creation.

authentication certificate cli-tool csharp csr digital-signature dotnet encryption hardware-token open-source piv pki security yubikey

Last synced: 20 Mar 2025

https://github.com/cnmenghan/quietdirtozipfile

Silently save a directory as a zip file using the Console.

audit backup compress convenient file-management network-security package-files security

Last synced: 07 May 2025

https://github.com/3ndg4me/gortscanner

Simple port scanner rewritten in go

golang hacking hacktoberfest portscanner security

Last synced: 16 Dec 2025

https://github.com/fortio/safecast

Go, safe from accidental overflow, number type conversions

conversions golang golang-library security

Last synced: 17 Jun 2025

https://github.com/jwilk/getenvy

LD_PRELOAD library to snoop on getenv() calls

security

Last synced: 12 Apr 2025

https://github.com/haikelfazzani/otp

🔐 Zero dependencies Deno/Bun/Node/Browser module for TOTP and HOTP generator based on RFC 6238 and RFC 4226 🗝️

2fa browser bun cryptography deno hotp nodejs one-time-password otp rfc-6238 rfc4226 security totp web-crypto web-cryptography-api

Last synced: 13 May 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/ahliweb/awcms

AWCMS (AhliWeb Content Management System) — an enterprise-grade, multi-tenant, ABAC-secured CMS built with React, Supabase, and modern web architecture.

abac audit-log cloudflare cms cms-framework enterprise-cms headless-cms multi-tenant postgresql react rls saas security supabase vite workflow-engine

Last synced: 08 Mar 2026

https://github.com/404notf0und/python-guide

Practice makes perfect

bugs coding python security tricks

Last synced: 12 Apr 2025

https://github.com/ufukty/ovpn-auth

Simple to use, easy to deploy 2FA login for OpenVPN servers

authentication golang openvpn password security totp two-factor-authentication

Last synced: 17 Jan 2026

https://github.com/vdlp/oc-csrf-plugin

Adds CSRF protection to October CMS frontend.

csrf october-cms october-plugin octobercms php security

Last synced: 12 Apr 2025

https://github.com/authzforce/fiware

FIWARE Generic Enabler for PDP/PAP support functions using an access control schema based on the XACML standard

authzforce fiware pdp security xacml

Last synced: 02 Jan 2026

https://github.com/googlechromelabs/web-identity-demos

Demos for identity on the web. Built by the Chrome Developer Relations team and friends.

authentication autofill demo passkeys security

Last synced: 09 Jul 2025

https://github.com/jenkinsci/defensics-plugin

Defensics plugin for Jenkins

security test

Last synced: 19 Jun 2025

https://github.com/darwintantuco/eslint-plugin-require-form-method

Disallow form tags without explicit method attribute

eslint eslint-plugin eslintplugin security

Last synced: 24 Apr 2025

https://github.com/fodinabor/esposecsignauth

Module for EspoCRM that uses SecSign for Two-Factor Authentication.

2fa espocrm security

Last synced: 01 Aug 2025

https://github.com/andiveloper/ts-rbac

Use ts-rbac if you need role-based access control in your TypeScript application, independent from your architecture.

jwt security ts typescript

Last synced: 06 May 2025

https://github.com/bocaletto-luca/bug-github-farms-points

Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially

bocaletto-luca bug farms github github-bug hack hacking points security yaml

Last synced: 27 Apr 2026

https://github.com/jwilk/fuzzing

Jakub's fuzzing goodies

fuzzing security

Last synced: 12 Apr 2025

https://github.com/habilelabs/cvss-v3.1-react

React CVSS v3.1 Base Score Calculator

cvss cvssv3 reactjs security security-vulnerability

Last synced: 20 Jun 2025

https://github.com/jbruchon/php_secure_auth

Secure user login/authentication template for PHP web applications

authentication pdo pdo-mysql php security

Last synced: 13 May 2025

https://github.com/adrianmoisey/sitescanners

A few services that scan websites and return useful information.

hacktoberfest http2 ipv6 readme security ssl webdev

Last synced: 16 Jan 2026

https://github.com/mchmarny/sds-demo

Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain

demo devops gcp sds security supply-chain

Last synced: 05 Aug 2025

https://github.com/dimon222/py-gitsshgen

Automatic generation of SSH keys for VCS

automation git hacktoberfest python security ssh vcs

Last synced: 29 Oct 2025

https://github.com/t94j0/polymorphic_compression_malware

Warning, this is malware. Don't do something stupid with it

hacking malware security

Last synced: 07 Mar 2026

https://github.com/tankerhq/sdk-python

Tanker Python SDK - mirror of https://gitlab.com/TankerHQ/sdk-python

cryptography encryption end-to-end privacy python sdk security tanker

Last synced: 09 Sep 2025

https://github.com/jonzeolla/lab-wifisecurity

A lab illustrating how some basic wifi hacking tools work.

information-security infosec lab security wifi-security

Last synced: 13 May 2025

https://github.com/globaleaks/globaleaks-eph-fs

An ephemeral ChaCha20-encrypted filesystem implementation using fusepy and cryptography suitable for privacy-sensitive applications, such as whistleblowing platforms.

chacha20 cryptography fuse-filesystem privacy security whistleblowing-software

Last synced: 14 Dec 2025

https://github.com/jsign/timing-attack

Timing attack proof-of-concept in Go

go security statistics timing-attack

Last synced: 18 Mar 2025

https://github.com/ebauman/simpleca

Simple PKI for developers.

certificates cli golang pki security tls

Last synced: 17 Jan 2026

https://github.com/exabrial/javax-security-cdi-extension

A CDI Portable Extension for Java EE 7 (and maybe 8) that allows you to use @RolesAllowed on CDI Beans and their Methods

cdi cdi-extension interceptors java java-ee-7 role-based-access-control security

Last synced: 11 Jan 2026

https://github.com/olliecheng/passwordbreachchecker

A small unofficial extension to check passwords you type in against the database at HaveIBeenPwned (Chrome only for now)

browser-extension chrome-extension extension password-security security

Last synced: 26 Jun 2025

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/hahwul/zaproxy-ruby

A Ruby Implementation and Library for Easy Utilization of ZAP API

ruby ruby-gem security zap zaproxy

Last synced: 12 May 2025

https://github.com/aran112000/nope-php

Nope! A lightweight tool for monitoring your log files and dynamically blocking nuisance or malicious IPs based on easy to define, dynamic rules which you control

anti-bot attack-prevention ban-hosts ban-management ips linux log-analyzer monitoring php php-cli rate-limiting security

Last synced: 22 Apr 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/ntdls/sqlpwaudit

An easy to use and scalable SQL password recovery/audit tool.

auditing cracking passwords security sql threading

Last synced: 14 Apr 2025

https://github.com/imagemlt/easyscanner

distributed cms fingerprint scanner using celery with redis

scanner security security-tools

Last synced: 13 Apr 2025

https://github.com/authress/authress-sdk.py

The Python Authress SDK provides authorization as a service with fully compatible REST apis.

authorization authorization-backend authorization-framework authorization-middleware authorization-server authorizationservice authress python security

Last synced: 13 May 2025

https://github.com/marcreichel/password-exposed-rule

Laravel Validation rule to check that a password hasn't been exposed

data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation

Last synced: 13 Jan 2026

https://github.com/didjacome/modules.azure

This repository aims to have modules and scripts created for Microsoft Azure administration

accounts assessment azure engineer management powershell rbac resources security snapshot

Last synced: 17 Jan 2026

https://github.com/middlewares/recaptcha

PSR-15 middleware to use Google reCAPTCHA for spam prevention

http middleware prevention psr-15 recaptcha security

Last synced: 06 May 2025

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/cihatsolak/net7-jwt-token

Main project is audience dependent on access to other api projects. I am providing information about the structure and architecture of the jwt token.

entity-framework-core jwt-token migration net7 nlayer-architecture security webapi

Last synced: 06 May 2025

https://github.com/chriszarate/know-your-deps

Picks a random dependency from your project and splains it to you.

npm security vulnerabilities

Last synced: 20 Aug 2025

https://github.com/lytexdev/seal-pi

🦭 Seal-Pi: Security Camera 🦭

camera flask raspberry-pi seal-pi security

Last synced: 13 Apr 2025

https://github.com/geniuszly/cve-2022-44149

it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.

cve cve-2022-44149 cybersecurity ethical-hacking exploit exploit-development linux payload penetration-testing poc privilege-escalation security vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/geniuszly/cve-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/aureq/cloud-maps.info

AWS Security Primer

audit aws cloud compliance map security

Last synced: 31 Oct 2025

https://github.com/turbot/steampipe-mod-snowflake-compliance

Run individual controls or full compliance benchmarks across all of your Snowflake accounts using Powerpipe and Steampipe.

compliance hacktoberfest powerpipe powerpipe-mod security snowflake snowflakedb steampipe steampipe-mod

Last synced: 11 Jul 2025

https://github.com/winnpixie/log4noshell

A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 ("Log4Shell").

apache cve log4j patch security vulnerability

Last synced: 11 Jul 2025

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/zuazo/encrypted_attributes-cookbook

Chef cookbook to install and load chef-encrypted-attributes gem.

chef cookbook credentials devops encrypted-attributes encryption gcm keys passwords pki plugin secrets security

Last synced: 13 Apr 2025

https://github.com/infineon/pkcs11-optiga-tpm

OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide

pkcs11 raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/fkie-cad/bidcos-security-doc

A documentation of the Bidcos (homematic) radio protocol with focus on practical security aspects

eq3 home-automation homematic security urh

Last synced: 06 May 2025

https://github.com/grottopress/samba

Single Sign On authentication for Lucky framework

authentication crystal lucky-framework oauth2 security sso

Last synced: 22 Apr 2025

https://github.com/derhuerst/generate-node-policy-file

Generate a Node.js policy file for your code.

json nodejs security

Last synced: 15 Apr 2025

https://github.com/bitdefender/hvmi-blog

A place where the HVMI team writes about memory introspection and other fun stuff.

hypervisor introspection reverse-engineering security virtualization virtualization-based-security

Last synced: 15 Apr 2025

https://github.com/hotaydev/enygmah

The only tool your project needs to guarantee security and quality. Open-source and free.

analysis application-security automated-testing dependency-analysis secops security security-audit security-automation security-tools

Last synced: 15 May 2025

https://github.com/jul10l1r4/identificador-cve-2018-11759

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing

Last synced: 16 May 2025

https://github.com/rarecoil/mqtt-packet-fuzzy

Radamsa-backed, hooked mqtt-packet for blind MQTT protocol fuzzing on Mac, Linux and Windows.

fuzzing mqtt mqtt-packet mqttjs radamsa security

Last synced: 01 Jul 2025

https://github.com/k3rnel-dev/katanaframework

Katana-Framework это фреймворк для энтузиастов по тестированию на проникновение на данный момент еще находится в разработке.

framework hack hacking malware metasploit pentest pentesting post-exploitation security

Last synced: 28 Jun 2025

https://github.com/righettod/code-snippets-security-utils

Provides different utilities methods to apply processing from a security perspective.

appsecurity code-snippets java security

Last synced: 31 Aug 2025

https://github.com/soufantech/arx

Arx is an access control library for Node.js apps, strongly focused on efficiency, type safety and overall composability.

access-control authorisation permissions policy security

Last synced: 12 Apr 2025