Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

GitHub: https://github.com/topics/security
Wikipedia: https://en.wikipedia.org/wiki/Computer_security
Aliases: security-tools, security-vulnerability, security-audit,
Last updated: 2025-01-08 00:23:07 UTC
JSON Representation

https://github.com/vksrc/github-monitor

Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)

github leakage monitor restful security

Last synced: 05 Jan 2025

https://github.com/Srinivas11789/PcapXray

:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

computer-forensics cybersecurity forensic-analysis forensics network network-diagram packets pcap python security tor tor-traffic traffic

Last synced: 06 Nov 2024

https://github.com/gitguardian/ggshield

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

apikey code credentials devsecops iac iac-security infrastructure-as-code key leak precommit scanning secrets-detection secrets-management security

Last synced: 07 Jan 2025

https://github.com/google/sandboxed-api

Generate sandboxes for C/C++ libraries automatically

apache-license-2 cplusplus cplusplus-17 sandbox sandboxing sapi security security-hardening

Last synced: 09 Jan 2025

https://github.com/lazaronixon/authentication-zero

An authentication system generator for Rails applications.

api auth authentication generator rails rails-authentication ruby security token

Last synced: 07 Jan 2025

https://github.com/murphysecurity/murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

codescan dependency sca scanner security software-composition-analysis software-supply-chain vulnerability-detection

Last synced: 08 Jan 2025

https://github.com/VKSRC/Github-Monitor

Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)

github leakage monitor restful security

Last synced: 29 Oct 2024

https://github.com/srinivas11789/pcapxray

:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

computer-forensics cybersecurity forensic-analysis forensics network network-diagram packets pcap python security tor tor-traffic traffic

Last synced: 24 Oct 2024

https://github.com/bitbrute/evillimiter

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

hacking hacking-tool linux networking penetration-testing pentest-tool pentesting python security security-tools

Last synced: 10 Jan 2025

https://github.com/antrea-io/antrea

Kubernetes networking based on Open vSwitch

cncf cni kubernetes networking security

Last synced: 08 Jan 2025

https://github.com/rezach/secure-electron-template

The best way to build Electron apps with security in mind.

boilerplate electron i18next react redux security template webpack

Last synced: 04 Jan 2025

https://github.com/DigitalRuby/IPBan

Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓

botnets desktop fail2ban firewall free hackers intruder intrusion-detection intrusion-prevention ipban linux rdp remote remote-desktop secure security server service ssh windows

Last synced: 01 Nov 2024

https://github.com/Sh1Yo/x8

Hidden parameters discovery suite

bugbounty content-discovery recon rust security web

Last synced: 31 Oct 2024

https://github.com/taviso/ctftool

Interactive CTF Exploration Tool

reverse-engineering security windows windows-internals

Last synced: 05 Jan 2025

https://github.com/404notf0und/ai-for-security-learning

安全场景、基于AI的安全算法和安全数据分析业界实践

data-analysis data-mining machine-learning security

Last synced: 03 Dec 2024

https://github.com/AabyssZG/SpringBoot-Scan

针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

cve-2018-1273 cve-2021-21234 cve-2022-22947 cve-2022-22963 cve-2022-22965 exploit exploits security security-tools spring spring-boot spring-vulnerability springboot vul

Last synced: 21 Nov 2024

https://github.com/cisagov/ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

assessment-tool cisa contributions-welcome cybersecurity m365 open-policy-agent open-source powershell rego scuba security security-automation

Last synced: 08 Nov 2024

https://github.com/404notf0und/AI-for-Security-Learning

安全场景、基于AI的安全算法和安全数据分析业界实践

data-analysis data-mining machine-learning security

Last synced: 11 Nov 2024

https://github.com/theupdateframework/python-tuf

Python reference implementation of The Update Framework (TUF)

cncf compromise key python repository revocation security software update

Last synced: 07 Jan 2025

https://github.com/abrahamjuliot/creepjs

Creepy device and browser fingerprinting

browser-fingerprinting device device-fingerprint fingerprinting privacy-protection security

Last synced: 09 Jan 2025

https://github.com/yokoffing/filterlists

Collection of blocklists to fill in the gaps

ad-block adblock adblock-list adblocker adblocker-lists adguard annoyances anti-tracking brave brave-ad privacy security tracking ublock-filter ublock-filters-rules ublock-origin ublock-origin-filters ubo-filters ubo-resources ubo-ublock-origin-fast-adblocking

Last synced: 04 Dec 2024

https://github.com/0xradi/owasp-web-checklist

OWASP Web Application Security Testing Checklist

bugbounty checklist owasp security security-tools security-vulnerability testing

Last synced: 03 Nov 2024

https://github.com/0xRadi/OWASP-Web-Checklist

OWASP Web Application Security Testing Checklist

bugbounty checklist owasp security security-tools security-vulnerability testing

Last synced: 26 Oct 2024

https://github.com/mikeroyal/Digital-Forensics-Guide

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

alerting cyber-security detection-engineering dfir digital-forensics digitalforensicreadiness digitalforensics forensic-analysis forensics forensics-investigations forensics-tools intrusion-detection mitre-attack network-security offensive-security osint port-scanning security siem threat-intelligence

Last synced: 25 Oct 2024

https://github.com/someengineering/fixinventory

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

aws cnapp cspm cybersecurity digitalocean gcp infrastructure-as-code policy-as-code security security-audit security-automation

Last synced: 07 Jan 2025

https://github.com/metlo-labs/metlo

Metlo is an open-source API security platform.

api-gateway api-pentest api-security application-security aws bugbounty bugbounty-tools cybersecurity infosec infosectools metlo monitoring pentest security vulnerabilities vulnerability-detection

Last synced: 09 Jan 2025

https://github.com/rustsec/rustsec

RustSec API & Tooling

cargo rust security

Last synced: 07 Jan 2025

https://github.com/justinas/nosurf

CSRF protection middleware for Go.

csrf go middleware security

Last synced: 09 Jan 2025

https://github.com/gosecure/pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

hacktoberfest honeypot mitm pentest pyrdp rdp security

Last synced: 08 Jan 2025

https://github.com/reZach/secure-electron-template

The best way to build Electron apps with security in mind.

boilerplate electron i18next react redux security template webpack

Last synced: 25 Oct 2024

https://github.com/hectorm/hblock

Improve your security and privacy by blocking ads, tracking and malware domains.

ad-blocker adblock adblocker ads advertisements blocker dns dnsmasq hosts hostsfile malware privacy protection ransomware security shell trackers tracking trojans unified-hosts

Last synced: 07 Jan 2025

https://github.com/byt3bl33d3r/deathstar

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

active-directory pentesting python security

Last synced: 10 Jan 2025

https://github.com/hacl-star/hacl-star

HACL*, a formally verified cryptographic library written in F*

cryptography everest formal-methods formal-verification hacl high-performance inria security verification verified-primitives

Last synced: 01 Dec 2024

https://github.com/edoardottt/cariddi

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

bugbounty crawler crawling endpoint-discovery endpoints go golang hacktoberfest infosec osint penetration-testing pentesting recon reconnaissance redteam scraper secret-keys secrets-detection security security-tools

Last synced: 09 Jan 2025

https://github.com/keensecuritylab/binabsinspector

BinAbsInspector: Vulnerability Scanner for Binaries

abstract-interpretation binary-analysis ghidra reverse-engineering security static-analyzer vulnerability-scanner

Last synced: 09 Jan 2025

https://github.com/six2dez/pentest-book

attacks hacking oscp pentesting pentests security wiki

Last synced: 02 Dec 2024

https://github.com/anchore/anchore-engine

A service that analyzes docker images and scans for vulnerabilities

anchore-engine containers docker docker-image dockerhub python security static-analysis vulnerabilities whitelist

Last synced: 28 Sep 2024

https://github.com/woodruffw/zizmor

A static analysis tool for GitHub Actions

github-actions security security-tools static-analysis

Last synced: 05 Jan 2025

https://github.com/krisnova/boopkit

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.

ebpf linux-kernel-hacking security tcp

Last synced: 04 Jan 2025

https://github.com/KeenSecurityLab/BinAbsInspector

BinAbsInspector: Vulnerability Scanner for Binaries

abstract-interpretation binary-analysis ghidra reverse-engineering security static-analyzer vulnerability-scanner

Last synced: 21 Nov 2024

https://github.com/jaksi/sshesame

An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity

go golang honeypot security ssh

Last synced: 09 Jan 2025

https://github.com/sleventyeleven/linuxprivchecker

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

ctf-tools hackthebox htb linux-privilege-escalation linux-security oscp oscp-tools pentest-tools pentesting security

Last synced: 03 Jan 2025

https://github.com/wireghoul/graudit

grep rough audit - source code auditing tool

security security-audit security-tools shell source-code vulnerability-detection

Last synced: 09 Jan 2025

https://github.com/wallarm/gotestwaf

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

api-security bugbounty graphql-security grpc-security owasp rest-security security security-testing security-tools waf web-application-firewall web-application-security

Last synced: 08 Jan 2025

https://github.com/ballcat-projects/ballcat

😸一个快速开发脚手架，快速搭建企业级后台管理系统，并提供多种便捷starter进行功能扩展。主要功能包括前后台用户分离，菜单权限，数据权限，定时任务，访问日志，操作日志，异常日志，统一异常处理，XSS过滤，SQL防注入，国际化等多种功能

ant-design code-generator i18n ouath2 react security spring spring-boot upms vue websocket

Last synced: 09 Jan 2025

https://github.com/chainreactors/gogo

面向红队的, 高度可控可拓展的自动化引擎

recon redteam security security-tools

Last synced: 09 Jan 2025

https://github.com/slsa-framework/slsa

Supply-chain Levels for Software Artifacts

devops security supply-chain-security

Last synced: 31 Oct 2024

https://github.com/ovh/the-bastion

Authentication, authorization, traceability and auditability for SSH accesses.

bastion security ssh

Last synced: 09 Jan 2025

https://github.com/chaitin/veinmind-tools

veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集

cloud-native cloud-security container-security containerd docker image-security security

Last synced: 10 Jan 2025

https://github.com/bcgit/bc-csharp

BouncyCastle.NET Cryptography Library (Mirror)

bouncycastle cryptography dtls encryption open-source openpgp post-quantum security tls

Last synced: 30 Sep 2024

https://github.com/greenpau/caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐

access-control acl auth authentication authorization caddy-plugin caddy2 jwt ldap oauth2 openid paseto paseto-tokens saml secdevops secops security sso webauthn websecurity

Last synced: 10 Jan 2025

https://github.com/keystone-engine/keypatch

Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.

arm arm64 assembler ida ida-pro idapro keystone mips powerpc reverse-engineering security sparc x86 x86-64

Last synced: 09 Jan 2025

https://github.com/TryCatchHCF/Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

av-evasion cipher cryptography data-exfiltration dlp exfiltration hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting privacy red-team security security-tools steganography stego

Last synced: 01 Nov 2024

https://github.com/badmojr/1hosts

World's most advanced DNS filter-/blocklists!

adaway adblock adguard ads adware android blacklist blocklist dns domains hostsfile malware pi-hole privacy security spyware trackers tracking windows

Last synced: 09 Jan 2025

https://github.com/hackerschoice/gsocket

Connect like there is no firewall. Securely.

firewall hacking networking security

Last synced: 09 Jan 2025

https://github.com/cartalyst/sentinel

A framework agnostic authentication & authorization system.

agnostic auth authentication authorization cartalyst laravel permissions php roles security sentinel

Last synced: 07 Jan 2025

https://github.com/badmojr/1Hosts

World's most advanced DNS filter-/blocklists!

adaway adblock adguard ads adware android blacklist blocklist dns domains hostsfile malware pi-hole privacy security spyware trackers tracking windows

Last synced: 30 Oct 2024

https://github.com/dolevf/damn-vulnerable-graphql-application

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

damn-vulnerable damn-vulnerable-web-application exploitation graphql graphql-security penetration-testing security vulnerability

Last synced: 04 Jan 2025

https://github.com/hjdhjd/homebridge-unifi-protect

:video_camera: Complete HomeKit integration for all UniFi Protect device types with full support for most features including HomeKit Secure Video, and more. https://homebridge.io

camera cameras doorbell homebridge homebridge-plugin homekit homekit-support motion-detection motion-sensor nvr security ubiquiti udm-pro unifi unifi-nvr unifi-os unifi-protect unifi-protect-controller unifi-protect-devices

Last synced: 07 Jan 2025

https://github.com/xiphosresearch/exploits

Miscellaneous exploit code

bypass exploits hacking php poc python rce security tr-064 windows

Last synced: 03 Nov 2024

https://github.com/google/osv.dev

Open source vulnerability DB and triage service.

security security-tools vulnerability vulnerability-databases vulnerability-management vulnerability-scanners

Last synced: 07 Jan 2025

https://github.com/GitGuardian/ggshield

Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

apikey code credentials devsecops iac iac-security infrastructure-as-code key leak precommit scanning secrets-detection secrets-management security

Last synced: 28 Oct 2024

https://github.com/utkusen/urlhunter

a recon tool that allows searching on URLs that are exposed via shortener services

bugbounty intelligence osint recon security

Last synced: 05 Jan 2025

https://github.com/stuxnet999/MemLabs

Educational, CTF-styled labs for individuals interested in Memory Forensics

ctf ctf-challenges cybersecurity dfir digital-forensics forensics memory-forensics security windows

Last synced: 07 Nov 2024

https://github.com/krol3/container-security-checklist

Checklist for container security - devsecops practices

containers devsecops security

Last synced: 28 Nov 2024

https://github.com/duendesoftware/products

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

aspnetcore identity oauth oidc openid-connect security

Last synced: 09 Jan 2025

https://github.com/ninoseki/mitaka

A browser extension for OSINT search

chrome-extension osint security threat-intelligence

Last synced: 09 Jan 2025

https://github.com/DuendeSoftware/products

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

aspnetcore identity oauth oidc openid-connect security

Last synced: 27 Dec 2024

https://github.com/hashpals/name-that-hash

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

ctf ctf-tools cyber hacking hackthebox hacktoberfest hash hashing infosec python security tool tryhackme

Last synced: 05 Jan 2025

https://github.com/veo/vscan

开源、轻量、快速、跨平台的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

0day brute fingerprint fuzzing portscan redteam security

Last synced: 04 Jan 2025

https://github.com/GoSecure/pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

hacktoberfest honeypot mitm pentest pyrdp rdp security

Last synced: 25 Oct 2024

https://github.com/XiphosResearch/exploits

Miscellaneous exploit code

bypass exploits hacking php poc python rce security tr-064 windows

Last synced: 25 Oct 2024

https://github.com/w5teams/w5

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

automation devops hack hacker hacking python-script python3 security security-audit security-automation security-tools shuffle soar tools w5 w5soar walkoff

Last synced: 05 Jan 2025

https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

damn-vulnerable damn-vulnerable-web-application exploitation graphql graphql-security penetration-testing security vulnerability

Last synced: 05 Nov 2024

https://github.com/matanolabs/matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

alerting apache-iceberg aws aws-security big-data cloud cloud-native cloud-security cybersecurity detection-engineering dfir log-analytics log-management rust secops security security-tools serverless siem threat-hunting

Last synced: 09 Jan 2025

https://github.com/kubearmor/kubearmor

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

bpf containers ebpf hacktoberfest kernel kubernetes lsm policy sandbox security system tool

Last synced: 07 Jan 2025

https://github.com/kubearmor/KubeArmor

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

bpf containers ebpf hacktoberfest kernel kubernetes lsm policy sandbox security system tool

Last synced: 05 Nov 2024

https://github.com/psecio/iniscan

A php.ini scanner for best security practices

configuration ini php scanner security

Last synced: 09 Jan 2025

https://github.com/0vercl0k/wtf

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).

bochs bochscpu code-coverage fuzz-testing fuzzer fuzzing kvm-api security snapshot-fuzzer testing winhv

Last synced: 09 Jan 2025

https://github.com/openvpn/openvpn-gui

OpenVPN GUI is a graphical frontend for OpenVPN running on Windows 7 / 8 / 10. It creates an icon in the notification area from which you can control OpenVPN to start/stop your VPN tunnels, view the log and do other useful things.

security vpn-client

Last synced: 09 Jan 2025

https://github.com/fullstackproltd/aspnetcorespa

Asp.Net 7.0 & Angular 15 SPA Fullstack application with plenty of examples. Live demo:

angular angular-cli aspnetcore aspnetcorespa best-practices compodoc efcore globalization identityserver4 security spa typescript unit-testing

Last synced: 04 Jan 2025

https://github.com/v-byte-cpu/sx

:vulcan_salute: Fast, modern, easy-to-use network scanner

arp docker go icmp infosec ipv4 lan network pentest proxy recon scan scanner security socks socks5 syn tcp udp wan

Last synced: 04 Jan 2025

https://github.com/HashPals/Name-That-Hash

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

ctf ctf-tools cyber hacking hackthebox hacktoberfest hash hashing infosec python security tool tryhackme