Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/k8gege/k8cscan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

cobalt-strike crack exploit ftp getshell hacking ipc mssql mysql netscan oracle password pentest poc portscan scanner security smb subdomain wmi

Last synced: 06 Jan 2025

https://github.com/protectai/vulnhuntr

Zero shot vulnerability discovery using LLMs

ai llm security static-analysis vulnerability-detection

Last synced: 04 Jan 2025

https://github.com/alphasoc/flightsim

A utility to safely generate malicious network traffic patterns and evaluate controls.

intrusion-detection monitoring security testing-tools

Last synced: 05 Jan 2025

https://github.com/miguelgrinberg/Flask-HTTPAuth

Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes

authentication flask flask-httpauth python security tokens

Last synced: 26 Oct 2024

https://github.com/ion28/bluespawn

An Active Defense and EDR software to empower Blue Teams

active-defense anti-virus blue-team edr mitre-attack security security-tools threat-hunting windows

Last synced: 05 Jan 2025

https://github.com/dhavalkapil/heap-exploitation

This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.

book heap security

Last synced: 06 Jan 2025

https://github.com/square/sudo_pair

Plugin for sudo that requires another human to approve and monitor privileged sudo sessions

authentication compliance linux pairing pam rust security sudo

Last synced: 10 Jan 2025

https://github.com/hwdsl2/wireguard-install

WireGuard VPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE and Raspberry Pi OS

bash centos debian encryption linux network raspberry-pi security shell ubuntu vpn vpn-client vpn-server wireguard

Last synced: 10 Jan 2025

https://github.com/DhavalKapil/heap-exploitation

This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.

book heap security

Last synced: 25 Oct 2024

https://github.com/hwdsl2/openvpn-install

OpenVPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE, Amazon Linux 2 and Raspberry Pi OS

bash centos debian encryption linux network openvpn raspberry-pi security shell ubuntu vpn vpn-client vpn-server

Last synced: 10 Jan 2025

https://github.com/fkie-cad/FACT_core

Firmware Analysis and Comparison Tool

firmware-analysis firmware-tools security security-automation

Last synced: 13 Nov 2024

https://github.com/ION28/BLUESPAWN

An Active Defense and EDR software to empower Blue Teams

active-defense anti-virus blue-team edr mitre-attack security security-tools threat-hunting windows

Last synced: 01 Nov 2024

https://github.com/jon-becker/heimdall-rs

Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts.

cfg decoder decompiler disassembler eth ethereum evm rust security solidity toolkit yul

Last synced: 09 Jan 2025

https://fkie-cad.github.io/FACT_core/

Firmware Analysis and Comparison Tool

firmware-analysis firmware-tools security security-automation

Last synced: 02 Nov 2024

https://github.com/coreinfrastructure/best-practices-badge

🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)

badge best-practices floss foss open-source openssf ossf rails security supply-chain

Last synced: 10 Jan 2025

https://github.com/k8gege/K8CScan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

cobalt-strike crack exploit ftp getshell hacking ipc mssql mysql netscan oracle password pentest poc portscan scanner security smb subdomain wmi

Last synced: 25 Oct 2024

https://github.com/php-casbin/php-casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in PHP .

abac access-control acl auth authorization framework middlewares permission php rbac roles security

Last synced: 07 Jan 2025

https://github.com/tillson/git-hound

Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.

bugbounty git githound github osint secrets security security-tools

Last synced: 09 Jan 2025

https://github.com/honeytrap/honeytrap

Advanced Honeypot framework.

framework honeypot security

Last synced: 05 Jan 2025

https://github.com/guyoung/captfencoder

Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.

cipher crypto ctf cybersecurity decode decoder electron encode encoder fltk hacking-tool hash misc network-security opensource rust security security-tools toolkit

Last synced: 05 Jan 2025

https://github.com/caido/caido

🚀 Caido releases, wiki and roadmap

bugbounty pentesting proxy security tool

Last synced: 10 Jan 2025

https://github.com/codingo/interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

bugbounty cidr-notation enumeration hacking hacking-tool linux multithreading oscp oscp-tools penetration-testing security security-tools service-enumeration thread

Last synced: 05 Jan 2025

https://github.com/Cyfrin/security-and-auditing-full-course-s23

The ultimate, most advanced, security, DeFi, assembly, web3 auditor course ever created.

cryptocurrency ethereum security smart-contract-audit solidity

Last synced: 05 Nov 2024

https://github.com/globaleaks/whistleblowing-software

GlobaLeaks is free, open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.

accessibility angular anonymity anticorruption boostrap debian digital-human-rights digital-public-goods free-software libsodium linux open-source privacy python security sqlalchemy tor twisted typescript whistleblowing

Last synced: 11 Oct 2024

https://github.com/cddmp/enum4linux-ng

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

ctf-tools enum4linux enumeration hackthebox htb pentest pentest-tools security security-audit

Last synced: 10 Jan 2025

https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

azure blueteam cybersecurity defender-for-endpoint dfir infosec kql mde mdi misp security sentinel threat-hunting vulnerability-management zero-day

Last synced: 02 Nov 2024

https://github.com/intel/cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

cve cvss devsecops hacktoberfest python sbom sbom-tool security security-automation security-tools swrepo system-tools vulnerabilities vulnerability

Last synced: 07 Jan 2025

https://github.com/vincentcox/bypass-firewalls-by-dns-history

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

bugbounty bypassing dns-record network-security security security-tools

Last synced: 05 Jan 2025

https://github.com/codingo/vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 04 Jan 2025

https://github.com/3ndg4me/autoblue-ms17-010

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

eternal-blue-exploits hacking hacktoberfest python security

Last synced: 05 Jan 2025

https://github.com/codingo/Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

bugbounty cidr-notation enumeration hacking hacking-tool linux multithreading oscp oscp-tools penetration-testing security security-tools service-enumeration thread

Last synced: 06 Nov 2024

https://github.com/simeononsecurity/windows-optimize-harden-debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.

automation cyber debloat debotnet harden hardening hardware-requirements microsoft mitigations privacy privacy-script security stig-compliant stigs telemetry windows windows-10 windows-defender windows-desktop windows10

Last synced: 10 Jan 2025

https://github.com/nsacyber/WALKOFF

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

administration analytics automation automation-framework cybersecurity devops framework integration orchestration orchestration-framework orchestrator python security sysadmin walkoff walkoff-apps walkoff-workflows workflow

Last synced: 06 Nov 2024

https://nsacyber.github.io/WALKOFF

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

administration analytics automation automation-framework cybersecurity devops framework integration orchestration orchestration-framework orchestrator python security sysadmin walkoff walkoff-apps walkoff-workflows workflow

Last synced: 14 Oct 2024

https://github.com/nsacyber/walkoff

A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber

administration analytics automation automation-framework cybersecurity devops framework integration orchestration orchestration-framework orchestrator python security sysadmin walkoff walkoff-apps walkoff-workflows workflow

Last synced: 26 Sep 2024

https://github.com/codingo/VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 01 Nov 2024

https://github.com/guyoung/CaptfEncoder

Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.

cipher crypto ctf cybersecurity decode decoder electron encode encoder fltk hacking-tool hash misc network-security opensource rust security security-tools toolkit

Last synced: 25 Oct 2024

https://github.com/viralmaniar/passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

cybersecurity default-credentials default-password password penetration-testing pentest-tool security security-testing

Last synced: 08 Jan 2025

https://github.com/vincentcox/bypass-firewalls-by-DNS-history

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

bugbounty bypassing dns-record network-security security security-tools

Last synced: 06 Nov 2024

https://github.com/Viralmaniar/Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

cybersecurity default-credentials default-password password penetration-testing pentest-tool security security-testing

Last synced: 27 Nov 2024

https://github.com/php-casbin/php-casbin?utm_source=gold_browser_extension

An authorization library that supports access control models like ACL, RBAC, ABAC in PHP .

abac access-control acl auth authorization framework middlewares permission php rbac roles security

Last synced: 29 Oct 2024

https://github.com/c0nw0nk/nginx-lua-anti-ddos

A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging & Monitoring Drupal WordPress Joomla Flash Magento PHP Plone WHMCS Atlassian Products malicious traffic Adult video script avs KVS Kernel Video Sharing Clip Bucket Tube sites Content Management Systems Social networks scripts backends proxy proxies PHP Python Porn sites xxx adult gaming networks servers sites forums vbulletin phpbb mybb smf simple machines forum xenforo web hosting video streaming buffering ldap upstream downstream download upload rtmp vod video over dl hls dash hds mss livestream drm mp4 mp3 swf css js html php python sex m3u zip rar archive compressed mitigation code source sourcecode chan 4chan 4chan.org 8chan.net 8ch 8ch.net infinite chan 8kun 8kun.net anonymous anon tor services .onion torproject.org nginx.org nginx.com openresty.org darknet dark net deepweb deep web darkweb dark web mirror vpn reddit reddit.com adobe flash hackthissite.org dreamhack hack hacked hacking hacker hackers hackerz hackz hacks code coding script scripting scripter source leaks leaked leaking cve vulnerability great firewall china america japan russia .gov government http1 http2 http3 quic q3 litespeedtech litespeed apache torrents torrent torrenting webtorrent bittorrent bitorrent bit-torrent cyberlocker cyberlockers cyber locker cyberbunker warez keygen key generator free irc internet relay chat peer-to-peer p2p cryptocurrency crypto bitcoin miner browser xmr monero coinhive coin hive coin-hive litecoin ethereum cpu cycles popads pop-ads advert advertisement networks banner ads protect ovh blazingfast.io amazon steampowered valve store.steampowered.com steamcommunity thepiratebay lulzsec antisec xhamster pornhub porn.com pornhub.com xhamster.com xvideos xvdideos.com xnxx xnxx.com popads popcash cpm ppc

anti-ddos anti-ddos-script attack-mode bitmitigate cloudflare ddos ddos-attack ddos-mitigation denial-of-service distributed-denial-of-service dos exploit html javascript lua nginx-lua protection security sucuri traffic

Last synced: 05 Jan 2025

https://github.com/sorah/envchain

Environment variables meet macOS Keychain and gnome-keyring <3

credentials gnome-keyring keychain secret security

Last synced: 04 Jan 2025

https://github.com/genuinetools/bane

Custom & better AppArmor profile generator for Docker containers.

apparmor apparmor-profile cli containers docker linux opencontainers security

Last synced: 04 Jan 2025

https://github.com/tongsuo-project/tongsuo

铜锁/Tongsuo is a Modern Cryptographic Primitives and Protocols Library

chinese-ciphers cryptography pki security tls

Last synced: 10 Jan 2025

https://github.com/andrewjkerr/security-cheatsheets

🔒 A collection of cheatsheets for various infosec tools and topics.

bash cheatsheets security

Last synced: 29 Oct 2024

https://github.com/markets/invisible_captcha

🍯 Unobtrusive and flexible spam protection for Rails apps

anti-spam captcha honeypot honeypot-field rails security spam-detection

Last synced: 08 Jan 2025

https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.

automation cyber debloat debotnet harden hardening hardware-requirements microsoft mitigations privacy privacy-script security stig-compliant stigs telemetry windows windows-10 windows-defender windows-desktop windows10

Last synced: 06 Nov 2024

https://github.com/fabpot/local-php-security-checker

PHP security vulnerabilities checker

composer packagist php security

Last synced: 29 Sep 2024

https://github.com/nixawk/labs

Vulnerability Labs for security analysis

cve exploit security vulnerability

Last synced: 06 Jan 2025

https://github.com/blst-security/cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

api api-security best-practices blst business-logic cli cyber cybersecurity firecracker http open-source openapi openapi3 security security-tools web-sec-scanner web-security websecurity

Last synced: 07 Jan 2025

https://github.com/damienbod/angular-auth-oidc-client

npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow

angular auth authentication authn identity implicit-flow npm oauth2 oidc openid openidconnect security

Last synced: 07 Jan 2025

https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS

A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging & Monitoring Drupal WordPress Joomla Flash Magento PHP Plone WHMCS Atlassian Products malicious traffic Adult video script avs KVS Kernel Video Sharing Clip Bucket Tube sites Content Management Systems Social networks scripts backends proxy proxies PHP Python Porn sites xxx adult gaming networks servers sites forums vbulletin phpbb mybb smf simple machines forum xenforo web hosting video streaming buffering ldap upstream downstream download upload rtmp vod video over dl hls dash hds mss livestream drm mp4 mp3 swf css js html php python sex m3u zip rar archive compressed mitigation code source sourcecode chan 4chan 4chan.org 8chan.net 8ch 8ch.net infinite chan 8kun 8kun.net anonymous anon tor services .onion torproject.org nginx.org nginx.com openresty.org darknet dark net deepweb deep web darkweb dark web mirror vpn reddit reddit.com adobe flash hackthissite.org dreamhack hack hacked hacking hacker hackers hackerz hackz hacks code coding script scripting scripter source leaks leaked leaking cve vulnerability great firewall china america japan russia .gov government http1 http2 http3 quic q3 litespeedtech litespeed apache torrents torrent torrenting webtorrent bittorrent bitorrent bit-torrent cyberlocker cyberlockers cyber locker cyberbunker warez keygen key generator free irc internet relay chat peer-to-peer p2p cryptocurrency crypto bitcoin miner browser xmr monero coinhive coin hive coin-hive litecoin ethereum cpu cycles popads pop-ads advert advertisement networks banner ads protect ovh blazingfast.io amazon steampowered valve store.steampowered.com steamcommunity thepiratebay lulzsec antisec xhamster pornhub porn.com pornhub.com xhamster.com xvideos xvdideos.com xnxx xnxx.com popads popcash cpm ppc

anti-ddos anti-ddos-script attack-mode bitmitigate cloudflare ddos ddos-attack ddos-mitigation denial-of-service distributed-denial-of-service dos exploit html javascript lua nginx-lua protection security sucuri traffic

Last synced: 31 Oct 2024

https://github.com/4x99/code6

码小六 - GitHub 代码泄露监控系统

github gsil laravel php security

Last synced: 05 Jan 2025

https://github.com/scito/extract_otp_secrets

Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured by camera, read from images, or read from text files. The secrets can be exported to JSON or CSV, or printed as QR codes to console.

2fa csv google-authenticator json mfa otp otpauth proto3 protobuf python qr-codes qrcode recovery security security-tools standwithukraine tfa totp two-factor two-factor-authentication

Last synced: 10 Jan 2025

https://github.com/eliasgranderubio/dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

detecting-anomalous-activities docker malware-detection security static-analysis vulnerabilities

Last synced: 05 Jan 2025

https://github.com/snovvcrash/usbrip

Tracking history of USB events on GNU/Linux

forensics security usb-devices usb-events usb-history

Last synced: 26 Sep 2024

https://github.com/techjacker/repo-security-scanner

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

golang security security-audit

Last synced: 05 Jan 2025

https://github.com/janusec/janusec

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

acme application-gateway application-security cookie-banner cookie-compliance gateway golang gslb janusec janusec-application-gateway k8s-ingress-controller load-balance port-forwarding security sql-injection waf web-application-firewall web-application-security web-ssh

Last synced: 09 Jan 2025

https://github.com/nozaq/terraform-aws-secure-baseline

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

aws aws-auditing cis-benchmark devops hardening security security-hardening security-tools terraform terraform-module terraform-modules

Last synced: 09 Jan 2025

https://github.com/SecurityFTW/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

aws-audit aws-security azure azure-audit azure-security cloud-security gcp gcp-audit-report security security-audit security-tools

Last synced: 06 Nov 2024

https://github.com/securityftw/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

aws-audit aws-security azure azure-audit azure-security cloud-security gcp gcp-audit-report security security-audit security-tools

Last synced: 05 Jan 2025

https://github.com/ZupIT/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 02 Nov 2024

https://github.com/zupit/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 09 Jan 2025

https://github.com/usbguard/usbguard

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

blacklist c-plus-plus hacktoberfest linux rule-language security security-hardening usb usb-devices whitelist

Last synced: 09 Jan 2025

https://github.com/Janusec/janusec

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

acme application-gateway application-security cookie-banner cookie-compliance gateway golang gslb janusec janusec-application-gateway k8s-ingress-controller load-balance port-forwarding security sql-injection waf web-application-firewall web-application-security web-ssh

Last synced: 01 Nov 2024

https://github.com/nette/latte

☕ Latte: the safest & truly intuitive templates for PHP. Engine for those who want the most secure PHP sites.

content-aware html latte nette nette-framework php safety security security-hole template-engine xss

Last synced: 07 Jan 2025

https://github.com/newaetech/chipwhisperer

ChipWhisperer - the complete open-source toolchain for side-channel power analysis and glitching attacks

chipwhisperer security side-channel

Last synced: 09 Jan 2025

https://github.com/Tongsuo-Project/Tongsuo

铜锁/Tongsuo is a Modern Cryptographic Primitives and Protocols Library

chinese-ciphers cryptography pki security tls

Last synced: 07 Nov 2024

https://github.com/hausec/powerzure

PowerShell framework to assess Azure security

azure infosec powershell security windows

Last synced: 10 Jan 2025

https://github.com/al0ne/suricata-rules

Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

ids security signatures suricata suricata-rule

Last synced: 02 Dec 2024

https://github.com/conardli/conardli.github.io

ConardLi 写 blog 的地方

blog javascript react security

Last synced: 10 Jan 2025

https://github.com/stackrox/stackrox

The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.

containers hacktoberfest k8s kubernetes security

Last synced: 09 Jan 2025

https://github.com/ConardLi/ConardLi.github.io

ConardLi 写 blog 的地方

blog javascript react security

Last synced: 31 Oct 2024

https://github.com/ivanilves/xiringuito

SSH-based "VPN for poors"

access aws bastion-host network security ssh vpn

Last synced: 08 Jan 2025

https://github.com/Netflix/Repokid

AWS Least Privilege for Distributed, High-Velocity Deployment

aws security

Last synced: 03 Nov 2024

https://github.com/netflix/repokid

AWS Least Privilege for Distributed, High-Velocity Deployment

aws security

Last synced: 10 Jan 2025

https://github.com/google/fuzzbench

FuzzBench - Fuzzer benchmarking as a service.

benchmark-framework benchmarking evaluation fuzzing security

Last synced: 09 Jan 2025

https://github.com/masatokinugawa/filterbypass

Browser's XSS Filter Bypass Cheat Sheet

cheatsheet pentest security xss

Last synced: 30 Nov 2024

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 84 personal-security-checklist 243 awesome-security 321 awesome-web-security 405 awesome-ctf 220 android-security-awesome 211 awesome-incident-response 218 awesome-hacker-search-engines 501 Awesome-WAF 172 awesome-privacy 639 awesome-security-hardening 204 DevSecOps 181 awesome-infosec 213 awesome-cybersecurity-blueteam 252 awesome-sec-talks 264 WebHackersWeapons 408 awesome-vehicle-security 220 awesome-api-security 199 awesome-nodejs-security 179 awesome-game-security 90 backend-cheats 961 awesome-cloud-security 153 awesome-iot-hacks 70 awesome-golang-security 34 alternative-frontends 119 awesome-windows-domain-hardening 70 DevSecOps 48 awesome-embedded-and-iot-security 131 awesome-iam 274 Awesome-FL 2,323 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 309 awesome-ethereum-security 81 osx-and-ios-security-awesome 57 Awesome-Cybersecurity-Datasets 54 awesome-executable-packing 666 awesome-aws-security 164 awesome-he 82 awesome-python-security 35 security-apis 112 awesome-vulnerable-apps 88 graph-adversarial-learning-literature 314 awesome-opa 224 MobileHackersWeapons 71 awesome-runners 36 SmartContracts-audit-checklist 46 awesome-russian-it 514 awesome-llm-security 94 awesome-lists 576
Security Categories
Uncategorized 2,536 fl in top-tier journal 1,487 :books: Literature 1,368 Pentesting 1,312 Tools 867 fl in top ml conference and journal 847 Attack 649 Operating Systems 626 Threat Hunting: 455 **Мероприятия** 453 Weapons 450 Blue Team 432 Papers 420 Other Lists 415 Defense 371 fl on graph data and graph neural networks 330 Programming Language 325 Resources 313 Malware Analysis 297 fl in top ai conference and journal 289