An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/statcan/aaw-security-proposal

Proposal for the implementation of Protected B workloads in the Advanced Analytics Workspace

aaw daaas kubernetes security

Last synced: 01 Aug 2025

https://github.com/bombinisecurity/bombini

WIP: eBPF security monitoring agent based on Aya

aya bpf ebpf security

Last synced: 21 Sep 2025

https://github.com/thezakman/thegoonies-assets

All the assets done for TheGoonies CTF Team.

assets ctf hacking security

Last synced: 07 Feb 2026

https://github.com/docker/portcullis

A tiny Go library to detect and redact API tokens, cloud credentials, and other secret material in arbitrary text.

ai secrets-detection security

Last synced: 23 May 2026

https://github.com/phptuts/starterbundleforsymfony

Startkit Bundle For Symfony Projects

guard security symfony

Last synced: 27 Apr 2026

https://github.com/fadhilthomas/nuclei-reporter

run summary report of nuclei findings

dast golang security

Last synced: 10 Mar 2026

https://github.com/ollionorg/automated-azure-sandbox-setup

🚀 Automate your Azure sandbox environments effortlessly! This repo provides tools for setting up and tearing down Azure sandboxes using GitHub Actions, ensuring efficient resource utilization and cost management. Perfect for PoCs, interviews, workshops, and more! 🛠️⏲️💡

azure cloud-playground cloud-security playground sandbox security

Last synced: 14 Apr 2025

https://github.com/lazorfuzz/eye-of-providence

A web app made with react, redux, redux-saga, and bundled with webpack. Served on Express and stores data with neDB. Displays a grid list of cams found with the Shodan API.

api express iot nedb react redux redux-saga security shodan

Last synced: 08 Apr 2026

https://github.com/thedoggybrad/vt_web_check

(A REVERSE ENGINEERING) It allows you to check the security of a website. NO API keys are used in this project.

antivirus av-vendors google reverse-engineering safety security virustotal vt vtapi website

Last synced: 05 Jan 2026

https://github.com/mitre/apache-tomcat-7-cis-baseline

(WIP) (ALPHA) InSpec Profile for the CIS Apache Tomcat v7 Benchmark

inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat tomcat7

Last synced: 21 Apr 2025

https://github.com/jankapunkt/js-class-privacy

Create a given ES6 class with private members using Proxy and closures. Keeps class code clean, encourages SRP and DRY.

abstract-factory es6-class es6-classes es6-javascript es6-proxy factory-method-pattern javascript private-members security

Last synced: 20 Jan 2026

https://github.com/le0pard/mpw.js

MPW.js is a JavaScript implementation of the Master Password App algorithm

algorithm javascript mpw security

Last synced: 20 Jun 2025

https://github.com/achedeuzot/temporar.io

A client-side encrypted pastebin backed by Phoenix & Elixir

elixir pastebin phoenix security sjcl

Last synced: 04 Feb 2026

https://github.com/isabellaalstrom/nd-motionsnapshot

Takes snapshots of your cameras and sends to discord

automation camera cameras discord hacs home-assistant netdaemon security snapshot

Last synced: 15 Apr 2026

https://github.com/x13a/fschk

List persistence items on macOS.

macos osx security swift

Last synced: 27 Feb 2025

https://github.com/glowyphp/csrf

Csrf Package provides Cross Site Request Forgery protection by comparing provided token with session token to ensure request validity.

csrf glowy glowyphp package php php-package security

Last synced: 02 May 2025

https://github.com/brave-experiments/defi-privacy-measurements

Code and data supporting our research projects on security and privacy issues in DeFi sites.

blockchain defi erc20 ethereum privacy security

Last synced: 07 Apr 2025

https://github.com/saltstack-formulas/suricata-formula

A saltstack formula to install suricata on RHEL or Ubuntu based systems

automation ids monitoring network nsm salt-formula saltstack security suricata

Last synced: 02 May 2025

https://github.com/nishkarshraj-legacy/Encrypted_Backup_Actions

Using GitHub Actions to create a compressed backup file using Tar on Ubuntu, encrypting it using GPG and storing it on Cloud.

backup devops docker git github github-actions linux open-source security shell ubuntu

Last synced: 05 Jul 2026

https://github.com/jedisct1/soundcheck

Use an Arduino to send text messages when an attached mic detects a sustained, abnormal sound level.

arduino security

Last synced: 20 May 2026

https://github.com/serverfarmer/sf-detect-suspicious

Lightweight suspicious/unwanted activity detector, that alerts about cryptocurrency mining software, P2P file sharing software and ngrok tunnels.

bittorrent btc cryptocurrency-mining detection devops devops-tools mining network-tunnel ngrok p2p security security-audit security-automation security-hardening security-scanner security-tools torrent xmrig

Last synced: 12 Jul 2025

https://github.com/xiosec/leakguard

LeakGuard is a project to prevent the use of leaked passwords.

active-directory hardening ldap leak leakguard lsa lsass security windows windows-internals

Last synced: 03 May 2026

https://github.com/skyf0l/sveltekit-helmet

Important security headers for SvelteKit

csp headers helmet hsts http-headers security sveltekit

Last synced: 11 Apr 2025

https://github.com/seisvelas/SAN-Scanner

Burp Suite extension for passively discovering Subject Alt Names in SSL/TLS certificates

burp burp-extensions burpsuite security security-tools ssl-certificates

Last synced: 13 May 2025

https://github.com/moltenbit/ufw-automatic-ip-blacklisting

Automatic import of UFW rules for daily generated IP-blacklists.

blacklists security threats ufw

Last synced: 14 Apr 2025

https://github.com/malikmaky/keemanager

KeeManager is a secure password and data management desktop application designed to help users securely store, manage, and access sensitive information.

encryption-decryption hash javascript key-der rust security svelte tailwindcss tauri tauri-app

Last synced: 11 Apr 2026

https://github.com/kicksecure/apparmor-profile-hexchat

AppArmor profile for HexChat IRC - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor hexchat irc profile security

Last synced: 10 Mar 2025

https://github.com/jonaslejon/apt10

APT / Cloud Hopper Yara rules

malware malware-analysis security security-incidents

Last synced: 25 Jan 2026

https://github.com/telefonicaid/fiware-keystone-spassword

Keystone SPASSWORD is an OpenStack Keystone extension that enables some extra security checks over user passwords, as force the usage of strong passwords, expiration time for a password, number of bad login attempts before user account became temporarily blocked, a recover procedure password, second factor authentication (2FA), etc.

keystone ldap openstack-keystone-extension security

Last synced: 19 Apr 2025

https://github.com/deratheone/motion_detection_system

An Arduino-based security system that detects motion using an ultrasonic sensor and triggers a buzzer and RGB LED alarm. Supports day, night, and always-on modes with auto arming/disarming using an LDR, and mode selection via touch sensor. Ideal for home security and demos.

arduino motion motion-sensor security sensors

Last synced: 13 Jul 2025

https://github.com/Zeerg/modsecurity-layer

A ModSecurity Lambda Layer for AWS

aws lambda modsecurity security serverless-framework

Last synced: 31 Mar 2025

https://github.com/BansheeTech/AgnosticWipe

AgnosticWipe is a utility function that safely removes all child nodes of a given DOM element, avoiding the use of innerHTML to clear content. It includes configurable debugging capabilities (log and warn), similar to other Agnostic modules, to assist with troubleshooting during development.

agnostic-wipe agnosticwipe clean dom dom-manipulation firstchild innerhtml javascript removechild security targetselector vanilla-javascript vanilla-js wipe xss

Last synced: 11 May 2025

https://github.com/turbot/powerpipe-action-check

Run Powerpipe benchmarks and controls against your Infrastructure as Code, deployed infrastructure, and more.

compliance github-actions powerpipe security

Last synced: 22 Apr 2025

https://github.com/usox/ipintel

PHP Client for getipintel.net

api client getipintel php security vpn-detection

Last synced: 20 Mar 2025

https://github.com/tynik/ethereum-smart-contracts-analyzer

Aggregated statistic by verified Ethereum smart contracts from mainnet

blockchain ethereum security smart-contracts solidity statistics swc

Last synced: 17 Feb 2026

https://github.com/xorgxx/doctrine-encryptor-bundle

This bundle provides Encrypt/Decrypt data sensible in a Db system in your application. Its main goal is to make it simple for you to manage encrypt & decrypt sensible data into Db! This bundle is to refresh the old bundle [DoctrineEncryptBundle]

doctrine doctrine-orm encryption halite openssl security

Last synced: 24 Dec 2025

https://github.com/joaomilho/vault-mobile

🔑 [really] safe password management mobile UI

android ios password react-native security stateless vault

Last synced: 06 May 2026

https://github.com/ibrahmsql/discoursemap-plugin

A comprehensive professional security auditing plugin for Discourse. This plugin provides automated security assessment capabilities to identify vulnerabilities, misconfigurations, and security issues in your Discourse installation

discourse discourse-plugin discourse-secuirty discoursemap forum-security red-team ruby ruby-on-rails security security-testing security-tools vulnerability-scanner

Last synced: 18 May 2026

https://github.com/obfusk/gradle-wrapper-verify

gradle-wrapper-verify - verify gradle-wrapper.jar sha256sum against published releases

android gradle security verify wrapper

Last synced: 13 Apr 2025

https://github.com/kimbeobwoo/nestjs-security

A package that provides a variety of security features applicable at the application level. It is basically designed to be compatible with the nestjs framework and can be applied to traditional business logic without any impact.

csrf ip nestjs nestjs-security rate-limiting security

Last synced: 23 Apr 2025

https://github.com/ludo-technologies/codescan

Scan any GitHub repo for security issues — risky code, exposed keys, outdated packages

dependency-scanning devsecops gitleaks golang nextjs sast secrets-detection security security-tools semgrep static-analysis trivy

Last synced: 03 Jul 2026

https://github.com/jfagoagas/kms-helper

Tool to encrypt/decrypt using AWS KMS with ease

aws hacktoberfest kms security

Last synced: 17 May 2026

https://github.com/seroperson/zio-http-pac4j

zio-http wrapper for pac4j, security framework to protect your web applications

jwt oauth2 pac4j security zio zio-http

Last synced: 04 Sep 2025

https://github.com/menezess42/grandmaai

A security System Powered by AI.

ai computer-vision lstm machine-learning security yolov8

Last synced: 04 Feb 2026

https://github.com/artem-smotrakov/ql-fun

Examples of vulnerable code that can be detected by CodeQL queries.

codeql security semmle-ql

Last synced: 22 Apr 2025

https://github.com/grantbirki/auditor-action

The Auditor - A GitHub Action that audits changes made in a pull request, using a customizable configuration

actions auditor automation ci compliance-as-code git-diff review security

Last synced: 07 May 2025

https://github.com/raisiqueira/secure-nextjs-app

Demo of a secure Next.js application

frontend-security nextjs nextjs14 security

Last synced: 14 Feb 2026

https://github.com/landlock-lsm/tuto-lighttpd

Landlock tutorial to patch lighttpd

landlock linux sandboxing security

Last synced: 09 Aug 2025

https://github.com/thefrosty/wp-login-locker

Disable direct access to your sites /wp-login.php script, plus user notifications based on actions.

login-auth packagist php php81 security wordpress wordpress-plugin wp-login

Last synced: 30 Oct 2025

https://github.com/ladjs/store-ip-address

Stores a user's IP address in the background for Lad

address ip ipv4 ipv6 koa lad mongoose passport security store

Last synced: 15 Apr 2025

https://github.com/bnomei/kirby3-htmlpurifier

Static class method, Uniform-Guard and Field-Method to filter your "dirty" HTML inputs to "clean" HTML.

filter form headless html htmlawed input kirby3 kirby3-cms kirby3-plugin kql kses safe sanitize security striptags submit uniform xss

Last synced: 13 Mar 2025

https://github.com/mbrn/dbmixer

A project that mask database columns by several algorithms

data database mask security

Last synced: 19 Jul 2025

https://github.com/lirantal/goof-container-breaking-in

A Snyk-based goof application to demonstrate breaking into containers

container docker security security-vulnerability snyk

Last synced: 16 Jul 2025

https://github.com/0xirison/PrintNightmare-Patcher

A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]

cve-2021-34527 printnightmare python3 security security-tools vulnerability windows

Last synced: 12 Jul 2025

https://github.com/manuelberrueta/hashfinder

Go script that finds a matching hash or a diff of a target hash in a directory.

blueteam blueteam-tools dfir dfir-automation hashing security security-tools

Last synced: 06 Jul 2025

https://github.com/birddevelper/gomologin

Gomologin is Golang (Go) login manager working with RDBMS Databases

authentication authorization go golang gomologin login login-manager login-system role security session sql

Last synced: 28 Apr 2025

https://github.com/geeknik/scada-scanner

A high-performance, asynchronous SCADA/ICS scanner

bug-bounty bugbounty ics infosec scada scanner security

Last synced: 28 Apr 2025

https://github.com/tigera-solutions/cc-aks-strengthen-security-workshop

In this AKS-focused workshop, you will work with Calico Cloud to learn how to strengthen your Microsoft AKS cluster security posture.

aks azure cc regismartins security workshop

Last synced: 13 Apr 2025

https://github.com/geolffreym/jwtauth

Django JWT auth middleware

api django jwt jwt-authentication python python-3 security

Last synced: 17 May 2026

https://github.com/kaiiyer/emailrep

This is a go library for interacting with the EmailRep service

api email emailrep golang json-api security

Last synced: 16 Jan 2026

https://github.com/r3li4nt/aescrypter

Encrypt and Decrypt files with Advanced Encryption Standard.

aes aes-128 aes-192 aes-256 aes-encryption cryptography decrypt encrypt linux python security

Last synced: 09 Mar 2026

https://github.com/logicalhacking/securebpmn

SecureBPMN is a domain-specific modeling language that allows to model security aspects (e.g., access control, separation of duty, confidentiality).

analysis bpmn compliance modelling modelling-framework project securebpmn security

Last synced: 10 May 2025

https://github.com/giosil/saml-idp

Boilerplate for SAML Identity Provider implementation.

authentication java javaee saml saml-authentication saml-identity-provider saml-idp saml2 security

Last synced: 05 Nov 2025

https://github.com/trendmicro/v1-cloud-community

About Collection of Trend Micro Open Source Community Projects related to Trend Vision One

automation demo security trendmicro trendvisionone visionone

Last synced: 15 Apr 2025

https://github.com/jenkinsci/signpath-plugin

Submits a build artifact to SignPath Code Integrity Platform for build integrity check and code signing.

code-signing security supply-chain-security

Last synced: 17 Jul 2025

https://github.com/macmod/nsrip

A fast and simple batch DNS resolver for A/AAAA/CNAME records from multiple nameservers.

bug-bounty cloud dns go golang infosec security waf-bypass

Last synced: 15 Mar 2025

https://github.com/robertdebock/ansible-role-unowned_files

Install and configure unowned_files on your system.

ansible molecule playbook security tox unownedfiles

Last synced: 14 Jul 2025

https://github.com/instantwebp2p/scoap

Securing COAP with UDP without DTLS

coap iot mqtt security

Last synced: 10 Jun 2025

https://github.com/benderscript/owasp_llm_analysis

Large Language Models Security Analsysis

analysis llm owasp security top10

Last synced: 12 Feb 2026

https://github.com/timokoessler/easy-waf-data

This repository provides ip data for the Web Application Firewall EasyWAF.

javascript nodejs security typescript waf web-application-firewall

Last synced: 29 Oct 2025

https://github.com/guardrailsio/docker-phpcs-security-audit

Dockerized version of PHPCS-Security-Audit

devsecops php security security-tools

Last synced: 02 Apr 2025

https://github.com/astrid-project/lcp

In each local agent, the control plane is responsible for programmability, i.e., changing the behaviour of the data plane at run-time.

agent beats control data ebpf elasticsearch log logstash management programmability security

Last synced: 06 Apr 2025

https://github.com/sug0/git-signify

Harness the power of signify(1) to sign arbitrary git objects

cryptography git openbsd rust security signature signify

Last synced: 07 May 2025

https://github.com/dina-heidar/saml2-authentication

A dotnet tool used to authenticate and logout using SAML2. It implements SAML Web SSO (HTTPGet, HTTPPost, Artifact), Logout (HTTPGet, HTTPost) profile message flows and bindings.

aspnetcore authentication dotnet identity netcore netstandard saml2 security slo sso

Last synced: 14 Jan 2026

https://github.com/localden/mcp-auth-servers

🔒 Reference MCP servers that demo how authentication works with the current Model Context Protocol spec.

authentication authorization mcp model-context-protocol security

Last synced: 10 Apr 2025

https://github.com/dedene/claw-wrap

A secure credential proxy for CLI tools. Executes tools with secrets on behalf of sandboxed processes - credentials never enter the sandbox.

cli openclaw proxy security

Last synced: 21 Feb 2026

https://github.com/cihatsolak/netcore-security

How we take precautions against attacks from malicious users is exemplified. Net core projects have default security measures. We can use the IDataprotector interface to encrypt data. We must also be protected against xss attacks such as Reflected or Stored. For this, we must pay attention to the use of Html.Raw().

cors cross-site-scripting dataprotection hsts https-client ipcontrol secret-management security

Last synced: 20 Jul 2025

https://github.com/amirhnajafiz-university/s3et01

English as Technical language final project.

air-gap research security

Last synced: 17 Feb 2026

https://github.com/volkansah/tor-scapy-application

This project is a simple example of using Stem and Scapy together to create an anonymized network analysis tool. The application can connect to a running Tor process or start a new one, send network packets through the Tor network, and rotate identities.

admins analytics defense hack hacking offensive python scapy script security stem tor wardrive

Last synced: 17 Aug 2025

https://github.com/lycanthropy3301/syncseed

An open-source, secure authentication module built using python. Uses a challenge-response system to authenticate users.

authentication contributions-welcome module open-source pip python python3 security

Last synced: 09 Apr 2026

https://github.com/lreimer/hands-on-distroless

Demo repository to showcase the usage of Google's Distroless base images.

distroless docker example golang payara-micro security showcase spring-boot

Last synced: 23 Jul 2025

https://github.com/monke443/cve-2023-40028

Arbitrary file read in Ghost-CMS allows an attacker to upload a malicious ZIP file with a symlink.

cve cve-2023-40028 exploit ghost-cms github pentesting security vulnerability

Last synced: 07 May 2025