An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/lambdacasserole/hack-this

A collection of common web programming security mistakes.

education hacking php security sql-injection vulnerabilities

Last synced: 09 Feb 2026

https://github.com/rek7/patchy

Automated Persistence and Lateral Movement using GCP Patch Management

cloud-native-se cloud-security gcp penetration-testing red-team security

Last synced: 26 Feb 2026

https://github.com/alejandroesquivel/node-pastebin-scraper

Minimalistic Pastebin Scraper for Node.js. A way to scrape pastebin's recent paste feed without requiring a LIFETIME PRO account and using their API. A good tool for those that want to ensure that their accounts have not been compromised during a recent hack.

client leaks node-pastebin-scraper pastebin scraper security

Last synced: 13 Feb 2026

https://github.com/ibasebcast/ha-alarmdotcom

Modernized Alarm.com integration for Home Assistant with ongoing maintenance and fixes.

alarm-com alarmdotcom hacs hacs-integration home-assistant home-assistant-integration home-security homeassistant security

Last synced: 21 Apr 2026

https://github.com/chamodanethra/biometric_signature

Hardware-backed biometric authentication for Flutter. Create cryptographic signatures using device biometrics with keys stored in Secure Enclave/StrongBox/Windows Hello.

android biometric-authentication cryptography flutter ios macos secure-enclave security strongbox windows windows-hello

Last synced: 01 Apr 2026

https://github.com/mrtc0/cxray

Tracing security events in container with BPF

bcc bpf container devsecops ebpf security trace

Last synced: 08 Mar 2026

https://github.com/tylerchr/pwnedpass

Package pwnedpass is a Go package for querying a local instance of Troy Hunt's Pwned Passwords database.

golang haveibeenpwned hibp offline pwnedpasswords security selfhosted

Last synced: 14 Jan 2026

https://github.com/mythkiven/mkappleopensourcedownload

Apple opensource source image,download source code from Apple's website.

apple corefoundation developer dyld foundation gcc ios kit lldb llvm open security

Last synced: 18 Mar 2025

https://github.com/jnaulty/multi-yubikey-helper

Same Subkeys, Many Yubikeys...

gpg hsm security yubikey

Last synced: 13 Aug 2025

https://github.com/psenger/jersey2-security-jwt

Jersey 2 with JWT Token Security

jersey2 jwt jwt-token security

Last synced: 14 Apr 2025

https://github.com/jasondrawdy/amaterasu

Lightweight licensing library for .NET applications which allows the managing of licenses via web based scripts and on-the-fly code compilation.

amaterasu antebyte code-generation compiler cryptography csharp dotnet dynamic encryption hacking library license license-management memory-management networking on-the-fly scripting security web windows

Last synced: 22 Apr 2025

https://github.com/tink-crypto/tink-go-gcpkms

Extension to Tink Go that provides Google Cloud KMS integration

crypto cryptography gcp-kms go golang golang-library google-cloud-kms security tink

Last synced: 12 Jan 2026

https://github.com/gchan/password_blocklist

Ruby gem to check a password against a blocklist of commonly used passwords

password-blocklist pasword ruby ruby-gem ruby-on-rails rubygem security

Last synced: 11 Nov 2025

https://github.com/costela/wile

Stripped down letsencrypt (ACME) client

acme certificate cli client python security ssl

Last synced: 09 Apr 2025

https://github.com/dahall/securityeditor

Standard Windows security editor dialog for .NET derived from CommonDialog and implementing the Windows EditSecurity API.

csharp dotnet permissions security windows winforms

Last synced: 01 Sep 2025

https://github.com/0xricksanchez/sploitget

A wrapper script for https://sploitus.com to scrape query results for tools and exploits

ctf exploit exploitation pentest-tool security wrapper-api

Last synced: 13 Apr 2025

https://github.com/y-miyazaki/terraform-aws-base

Initially set base configuration created by Terraform.

aws metrics monitoring security terraform terraform-aws

Last synced: 17 Jan 2026

https://github.com/bitsofinfo/testssl.sh-alerts

Alerting engine (slack etc) for testssl.sh JSON result output files

alerting alerts certificates continuous-integration security slack ssl testssl

Last synced: 13 Apr 2025

https://github.com/gcmurphy/osv

Rust implementation of ossf osv specification

rust security vulnerability-scanners

Last synced: 11 Mar 2026

https://github.com/gredler/aegis4j

A Java agent that disables platform features you don't use, before an attacker uses them against you.

devsecops java java-agent security

Last synced: 14 Jan 2026

https://github.com/dotnet-labs/client-ip-safelist

Client IP safelist for ASP.NET Core | .NET 5 | CIDR | Network | allowed list | IP restriction

allowedlist api cidr client-ip dotnet dotnet-core dotnet5 dotnetcore integration-tests ip-restrictions ngrok remote-ip remoteip safe-list security

Last synced: 08 Aug 2025

https://github.com/org-metaeffekt/metaeffekt-universal-cvss-calculator

A TypeScript implementation of CVSS 2.0, 3.0, 3.1 and 4.0, alongside a web application for calculating scores for multiple CVSS vectors simultaneously.

calculator cve cvss cvssv2 cvssv3 cvssv4 javascript library security typescript webapplications

Last synced: 12 Jan 2026

https://github.com/0xkoda/defi-dns-whitelist

Minimize your attack surface by allowing only essential traffic for signing Safe transactions.

dns ethereum security

Last synced: 19 Jul 2025

https://github.com/feross/security

Security Policies and Procedures for @feross projects

disclosure javascript nodejs policy report security

Last synced: 13 Sep 2025

https://github.com/anomaly/gallagher

The missing toolkit for extending Gallagher Command Centre, featuring a CLI, SQL interface, TUI and a Python idiomatic SDK

cli foss gallagher python sdk security sql tui

Last synced: 14 Jan 2026

https://github.com/bincyber/vigilant

a security controller for Kubernetes

controllers kubernetes security

Last synced: 25 Aug 2025

https://github.com/cybrota/scharf

Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks

ci-cd cybersecurity devsecops github github-actions go golang security security-tools supply-chain-security

Last synced: 17 Jan 2026

https://github.com/padok-team/yatas-aws

Plugin for YATAS that audits AWS accounts for misconfiguration and security issues

audit aws hardening misconfiguration security yatas

Last synced: 12 Jul 2025

https://github.com/willfindlay/suidsnoop

suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.

aya ebpf linux linux-kernel lsm rust security suid-binaries

Last synced: 07 May 2025

https://github.com/pepelux/stuncheck

Set of tools to audit and exploit STUN/TURN servers

hacking penetration-testing pentesting security security-audit security-tools stun turn

Last synced: 26 Oct 2025

https://github.com/marcopaga/plain-spring-on-kubernetes

A demo Spring Boot application using the Kubernetes infrastructure

helm kubernetes pulumi security spring-boot

Last synced: 27 Oct 2025

https://github.com/agent-receipts/ar

Agent Receipts — cryptographically signed audit trails for AI agent actions. Protocol spec, SDKs (Go, TypeScript, Python), and MCP proxy.

agent-receipts ai ai-agents audit cryptography ed25519 golang mcp model-context-protocol python receipts security typescript verifiable-credentials w3c-vc

Last synced: 01 Jun 2026

https://github.com/constructorfabric/gears-rust

All-in-one open-source framework & middleware for enterprise-grade multi-tenant and multi-tier XaaS Services development

account-management agentic-ai ai benchmarks cloud genai llm microservices middleware modkit multi-tenancy multi-tier rust saas security serverless xaas

Last synced: 28 Jun 2026

https://github.com/azure/azurekeyvault

R interface to Azure Key Vault

azure azure-key-vault azure-sdk-r r security

Last synced: 20 Oct 2025

https://github.com/mbrg/talks

BSides, OWASP, DEFCON, RSAC, SANS Talk Material, References and Extra Bits

appsec blueteam bsides hacking infosec lowcode nocode owasp owasp-top-10 pentesting redteam rsac sans security

Last synced: 01 Feb 2026

https://github.com/zeroxjf/cve-2026-20687-applejpegdriver-uaf

CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)

apple arm64 cve-2026-20687 ios kernel poc security use-after-free vulnerability

Last synced: 03 Jun 2026

https://github.com/ait-testbed/attackbed

The AttackBed is a simulated enterprise network with numerous vulnerabilities. Attacks in this testbed are executed automatically and cover a variety of tactics and techniques of the MITRE ATT&CK enterprise framework.

aecid ai ait ansible atb attackmate dataset environment machine-learning openstack research security simulation terraform terragrunt testbed vulnerability

Last synced: 02 Mar 2026

https://github.com/kamil-kielbasa/libedhoc

EDHOC (RFC 9528): Lightweight authenticated key exchange in C for IoT and constrained devices

authentication c coap constrained-devices cryptography edhoc embedded ietf iot key-exchange oscore rfc9528 rfc9529 security zephyr

Last synced: 02 Apr 2026

https://github.com/hegdepavankumar/cisco-asa-firewall-training

Welcome to our comprehensive Free Cisco ASA Firewall Training – the ultimate guide to mastering the art of network security. Whether you're a beginner looking to understand the basics or an experienced professional seeking advanced configurations, our hands-on course is tailored just for you.

asa asa-firewall cisco-asa cisco-firewall-training firewall firewall-configuration firewall-management security statefull training

Last synced: 07 Feb 2026

https://github.com/devteds/e2-setup-private-docker-registry

Setup private docker registry using docker machine - https://devteds.com/episodes/2-setup-private-docker-registry-secure-with-ssl-password

digitalocean docker docker-compose docker-machine docker-registry free-ssl free-ssl-certificates nginx private-docker-registry security ssl-certificates

Last synced: 10 Apr 2025

https://github.com/cr0hn/wordpress-docker-sec

Anti-hacking tools deploying configuration for Wordpress

hacking hardening nmap plecost security wordpress wp-scan wp-scanner

Last synced: 11 Apr 2025

https://github.com/nayakpenguin/easy-api-encryptor

"easy-api-encryptor" 🚀 is a lightweight NPM package facilitating seamless encryption and decryption of data between Node.js and React.js. Ensure secure communication in your applications with minimal setup, making it easy to protect sensitive information during transit.

api-encryption encryption-decryption npm npm-package security

Last synced: 18 Jun 2025

https://github.com/nyxnor/onioncomms

OnionComms is a repository of script to run an onion server and guides to configure client side applications to connect to any onion service that uses the same protocol, therefore, onion communications.

file-sharing hidden-service instant-messaging omemo onion-service open-source otr privacy proxy remote-administration rss security self-hosted tor tor-network voip xmpp xmpp-server

Last synced: 13 Jun 2025

https://github.com/agadiffe/windowsmize

:pushpin: PowerShell script to automate and customize the configuration of Windows. General settings, telemetry, network protocols, apps removal/installation, ramdisk, services, scheduled tasks.

bloatware cleanup debloat debloater optimize powershell powershell-module powershell-script privacy security telemetry tweaks windows windows-10 windows-11 windows10 windows11

Last synced: 11 Apr 2025

https://github.com/somajitdey/ipfs-link

Publish dynamic multiaddresses of private or isolated nodes using IPNS. Benefit - 1. Bandwidth savings, 2. Avoiding DDNS 3. Securely exposing localhost behind NAT.

bandwidth-saver bootstrap dynamic-ip expose-localhost ipfs ipfs-node ipns nat-traversal port-forwarding private-network remote-shell reverse-proxy security

Last synced: 07 May 2025

https://github.com/pawamoy/django-meerkat

Security audit tool for Django sites

audit django monitoring security

Last synced: 24 Oct 2025

https://github.com/middlewares/csp

PSR-15 middleware to add the Content-Security-Policy header to the response

csp http middleware psr-15 security

Last synced: 06 May 2025

https://github.com/contributte/oauth2-client

:lock: OAuth2 client for Nette Framework

client contributte http nette nette-framework oauth2 security

Last synced: 30 Oct 2025

https://github.com/neuralegion/cvss

The Common Vulnerability Scoring System (CVSS) base score calculator and validator library written in TypeScript.

cvss cvss3 cvssv3 score security typescript

Last synced: 07 May 2025

https://github.com/buanzo/webmon

A scalable, plugin-based url asset monitoring system based on zeromq, flask-restful, redis and docker-compose

asset-monitoring docker docker-compose flask-restful osint osint-framework osint-python python3 redis security url-monitor web-monitoring

Last synced: 11 Apr 2025

https://github.com/FIWARE/academy

:mortar_board: Video tutorials, slide decks and other training materials for developers learning about the FIWARE ecosystem.

context-broker contextual-data data-publication fiware generic-enablers iot-agent monetization processing robotics security tutorial video-tutorial

Last synced: 04 May 2025

https://github.com/anvilsecure/symlink-secure-boot-vm

VM demonstration various symlink and hard link attacks against secure boot. See the whitepaper at: https://www.anvilventures.com/blog/defeating-secure-boot-with-symlink-attacks.html

attacks boot hacking secure secureboot security symlinks vms whitepaper

Last synced: 07 Jan 2026

https://github.com/gamemann/notes-and-guides

Notes and guides I've made mostly exported from GFLClan.com.

anycast debian dpdk guides hardening linux network networking notes security ubuntu xdp

Last synced: 18 Mar 2025

https://github.com/elcritch/keyx

Elixir implementation of Shamir's Secret Sharing

crypto secret-sharing security

Last synced: 07 May 2025

https://github.com/bit4mind/anon-service

Transparent proxy through Tor with optionally DNSCrypt and Anonymized-DNS feature enabled.

anonymity anonymized anonymized-dns dns dnscrypt dnscrypt-proxy iptables privacy proxy security shell tor transparent-proxy unbound

Last synced: 18 Apr 2025

https://github.com/ms-luf/manage-adshadowgroup

A simple Powershell Module to help people managing Active Directory Shadow Group

active-directory groups ldap ldap-library powershell powershell-gallery powershell-module security

Last synced: 14 Jul 2025

https://github.com/openwall/phpass

Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5

bcrypt hash hashing password php security

Last synced: 09 Apr 2025

https://github.com/dropbox/bhakti

Bundle of security analysis scripts for keras tensorflow models

cdk python security yara-rules

Last synced: 04 Jul 2025

https://github.com/moul/totp-keychain

:lock: TOTP cli backed by the OS X keychain

2fa authentication cli cryptography keychain mfa security totp

Last synced: 28 Apr 2025

https://github.com/guardian360/infosec-agent

Open source application to gain insights into the privacy and security of windows devices.

golang privacy security windows

Last synced: 14 Jan 2026

https://github.com/wolfssl/wolfkeymgr

Secure key management service for middle-box decryption of TLS traffic

apache enterprise-transport-security ets key-management security ssl tls wolfcrypt wolfssl

Last synced: 27 Apr 2025

https://github.com/netflix-skunkworks/stethoscope-examples

Example Express application for collecting data from the Stethoscope app

security

Last synced: 09 Oct 2025

https://github.com/austincabler13/acsecurity

AcSecurity is a Python module designed to scan applications for common security vulnerabilities. It checks for hardcoded secrets, dependency vulnerabilities, and code quality issues.

acsecurity ai chatgpt copilot india-dev made-in-usa security security-tools

Last synced: 26 Mar 2025

https://github.com/doyensec/imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

conversion converters image-processing imagemagick scanner security security-policies security-tools

Last synced: 29 Apr 2025

https://github.com/hktalent/blackips

black Ip lists, dorks-collection

black-ips block-ip dorks security

Last synced: 14 May 2025

https://github.com/putyourlightson/craft-sherlock

Security scanner and monitor to keep your site and Craft CMS secure.

craft-plugin craftcms monitor monitoring scanner secure security

Last synced: 31 Jul 2025

https://github.com/ihexon/revm

revm helps you quickly launch Linux VMs / Containers

container docker libkrun orbstack podman sandbox security vfkit virtualization vm

Last synced: 09 Mar 2026

https://github.com/NodeSecure/report

NodeSecure HTML & PDF report generator for any public and/or private git repositories.

hacktoberfest nodejs report security security-tool

Last synced: 02 Aug 2025

https://github.com/v-thakkar/talks

This repository contains the slides of my talks.

coccinelle ebpf embedded-linux kernel linux security static-code-analysis virtualization xen

Last synced: 17 Mar 2025

https://github.com/leonjza/port-jump

Some security by obscurity using port-jumping.

firewall poc portjump security

Last synced: 19 Jul 2025

https://github.com/netflix-skunkworks/bucketsnake

An AWS lambda function that grantsss S3 permissionsss at ssscale.

aws badpunsss cross-account iam lambda permissions s3 security serverless

Last synced: 28 Jul 2025

https://github.com/ajayrandhawa/visual-basic-scripts

Visual Basic Scripts Utilities. Fun, Automation, Fundamentals. With the help of these scripts, I develop lots of Exploits which I'm used for automation system tasks. these vb scripts I am also used for system security exploitation.

automation basic exploitation fun fundamentals hacking-tool project scripts security tutorials vb-script visual visual-basic

Last synced: 03 Jan 2026

https://github.com/rocketshipapps/adblockfast-android

[Moved] Adblock Fast for Android is an Android port of the Adblock Fast app.

android data-structures frontend gradle html http java mobile security xml

Last synced: 25 Jul 2025

https://github.com/stakater/stakaterplatform

Stakater platform provides out of the box stacks to control, monitor, log, trace and security for applications deployed on kubernetes using CI/CD pipelines.

ci-cd logging monitoring security tracing

Last synced: 10 Aug 2025

https://github.com/middlewares/honeypot

PSR-15 middleware to implement a honeypot spam prevention

honeypot http middleware psr-15 security spam-protection

Last synced: 01 Apr 2026

https://github.com/robertdebock/ansible-role-auditd

Install and configure auditd on your system.

ansible auditd molecule monitoring playbook security system tox

Last synced: 17 Mar 2026

https://github.com/mrdcvlsc/aes

A Lightweight Single Header file C++ AES Library that also supports AES Hardware Acceleration Technology

aes aes-128 aes-decryption aes-encryption aes192 aes256 aesni armv8 block-cipher blockcipher cipher confidentiality cplusplus cpp decryption encryption hardwareaccelerated key library security

Last synced: 15 Oct 2025

https://github.com/alegrey91/vex8s

Generates VEX documents by parsing the Kubernetes SecurityContext configuration

security security-scanner security-tools trivy vex vulnerability

Last synced: 27 Feb 2026

https://github.com/cosad3s/njsdump

Dump paths & pages from Next.js Manifest

bugbounty nextjs recon security

Last synced: 14 Oct 2025