Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2025-01-08 00:23:07 UTC
- JSON Representation
https://github.com/alisamtechnology/atscan
Advanced dork Search & Mass Exploit Scanner
data dork engine exploitation lfi linux mass-exploitation-scanner ports portscan rfi scanner security server shell sqli system tools vulnerability-scanners web-application xss
Last synced: 09 Jan 2025
https://github.com/lunasec-io/lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
compliance continuous-delivery cve-scanning cybersecurity dependency-analysis devsecops gdpr log4shell pci-dss sbom sbom-generator scanning scanning-tool security security-tools soc2 software-composition-analysis tokenization web-security zero-trust
Last synced: 03 Jan 2025
https://github.com/IBM/fhe-toolkit-linux
IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.
crypto cryptography encryption encryption-algorithms encryption-decryption ibm research research-tool security security-tools
Last synced: 07 Nov 2024
https://github.com/ibm/fhe-toolkit-linux
IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.
crypto cryptography encryption encryption-algorithms encryption-decryption ibm research research-tool security security-tools
Last synced: 25 Sep 2024
https://github.com/jweny/pocassist
傻瓜式漏洞PoC测试框架
cve penetration-testing-poc poc pocassist security security-tools vulnerability vulnerability-scanners
Last synced: 30 Sep 2024
https://github.com/das-labor/panopticon
A libre cross-platform disassembler.
disassembler qml reverse-engineering rust security static-analysis
Last synced: 03 Jan 2025
https://github.com/capitalone/DataProfiler
What's in your data? Extract schema, statistics and entities from datasets
avro csv data-analysis data-labels data-science dataprofiling dataset gdpr graph-data machine-learning network-data nlp npi pandas pii privacy python security sensitive-data tabular-data
Last synced: 03 Nov 2024
https://github.com/elementor/wp2static
WordPress static site generator for security, performance and cost benefits
github-page netlify security static-site-generator wordpress wordpress-plugin
Last synced: 09 Jan 2025
https://github.com/ztgrace/changeme
A default credential scanner.
default-creds infosec penetration-testing python security security-scanner security-tools
Last synced: 03 Nov 2024
https://github.com/airbnb/binaryalert
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
aws lambda malware-detection security serverless terraform yara
Last synced: 04 Jan 2025
https://github.com/AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
data dork engine exploitation lfi linux mass-exploitation-scanner ports portscan rfi scanner security server shell sqli system tools vulnerability-scanners web-application xss
Last synced: 30 Oct 2024
https://google.github.io/osv.dev/
Open source vulnerability DB and triage service.
security security-tools vulnerability vulnerability-databases vulnerability-management vulnerability-scanners
Last synced: 01 Oct 2024
https://github.com/BishopFox/jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Last synced: 16 Nov 2024
https://github.com/0xhjk/dumpall
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
bug-bounty dumpall githack hacking pentesting python3 scanner security spider svn tools
Last synced: 03 Jan 2025
https://github.com/syss-research/seth
Perform a MitM attack and extract clear text credentials from RDP connections
arp-spoofing mitm proof-of-concept rdp security
Last synced: 05 Jan 2025
https://github.com/gobysec/Goby
Attack surface mapping
cve cve-2023-22527 cve-2024-0204 cve-2024-20931 cve-2024-21887 cve-2024-21893 cve-2024-23897 cve-2024-25600 exp exploit hacking networking pentesting portscanning proxyshell red-team scan-tool security security-tools vulnerability-research
Last synced: 05 Nov 2024
https://github.com/gobysec/goby
Attack surface mapping
cve cve-2023-22527 cve-2024-0204 cve-2024-20931 cve-2024-21887 cve-2024-21893 cve-2024-23897 cve-2024-25600 exp exploit hacking networking pentesting portscanning proxyshell red-team scan-tool security security-tools vulnerability-research
Last synced: 30 Nov 2024
https://github.com/ehmicky/cross-platform-node-guide
📗 How to write cross-platform Node.js code
api cli code-quality cross-platform documentation encoding es6 javascript linux macos nodejs operating-system os portability security server shell terminal unix windows
Last synced: 09 Jan 2025
https://github.com/stamusnetworks/selks
A Suricata based IDS/IPS/NSM distro
distribution gui ids ips linux management monitoring network network-intrusion-detection network-security security security-monitoring suricata threat-hunting user-interface
Last synced: 03 Nov 2024
https://github.com/SySS-Research/Seth
Perform a MitM attack and extract clear text credentials from RDP connections
arp-spoofing mitm proof-of-concept rdp security
Last synced: 06 Nov 2024
https://github.com/StamusNetworks/SELKS
A Suricata based IDS/IPS/NSM distro
distribution gui ids ips linux management monitoring network network-intrusion-detection network-security security security-monitoring suricata threat-hunting user-interface
Last synced: 02 Nov 2024
https://github.com/felixgr/secure-ios-app-dev
Collection of the most common vulnerabilities found in iOS applications
ios security security-audit vulnerability-assessment
Last synced: 30 Nov 2024
https://github.com/advboxes/advbox
Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
adversarial-attacks adversarial-example adversarial-examples deep-learning deepfool fgsm graphpipe machine-learning onnx paddlepaddle security
Last synced: 04 Jan 2025
https://github.com/trickest/wordlists
Real-world infosec wordlists, updated regularly
bugbounty content-discovery directory-bruteforce hacking infosec penetration-testing pentesting reconnaissance security wordlist wordlist-generator wordlists wordlists-dictionary-collection
Last synced: 04 Dec 2024
https://github.com/ge0rg3/requests-ip-rotator
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
apigateway aws bugbounty bypass hacktoberfest ip networking security security-tools web-security
Last synced: 10 Jan 2025
https://github.com/infrahq/infra
Infra provides authentication and access management to servers and Kubernetes clusters.
access go golang iam identity infra infrastructure kubernetes login oidc security
Last synced: 09 Jan 2025
https://github.com/0xHJK/dumpall
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
bug-bounty dumpall githack hacking pentesting python3 scanner security spider svn tools
Last synced: 03 Nov 2024
https://github.com/konstruktoid/hardening
Hardening Ubuntu. Systemd edition.
hacktoberfest hardening information-security security security-automation security-compliance security-hardening security-tools shell systemd ubuntu ubuntu-server
Last synced: 09 Jan 2025
https://github.com/pcaversaccio/reentrancy-attacks
A chronological and (hopefully) complete list of reentrancy attacks to date.
ethereum exploit reentrancy security smart-contracts solidity
Last synced: 10 Jan 2025
https://github.com/euphrat1ca/security-list
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
Last synced: 04 Dec 2024
https://github.com/euphrat1ca/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
Last synced: 03 Nov 2024
https://github.com/cossacklabs/acra
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
crypto cryptography database-proxy databases django encryption encryption-server golang honeypot intrusion-detection php python3 security
Last synced: 07 Jan 2025
https://github.com/advboxes/AdvBox
Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
adversarial-attacks adversarial-example adversarial-examples deep-learning deepfool fgsm graphpipe machine-learning onnx paddlepaddle security
Last synced: 27 Oct 2024
https://github.com/attify/firmware-analysis-toolkit
Toolkit to emulate firmware and analyse it for security vulnerabilities
binary-analysis firmware firmware-analysis firmware-security firmware-tools iot iot-security iot-security-tools reverse-engineering security vulnerability-scanner
Last synced: 09 Jan 2025
https://github.com/intrigueio/intrigue-core
Discover Your Attack Surface!
attack-surface discovery information-gathering intelligence-gathering intrigue osint penetration-testing reconnaissance security security-scanner vulnerability-scanners
Last synced: 05 Jan 2025
https://github.com/theresafewconors/sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
analysis analysts automation cybersecurity dns hash phishing proofpoint-decoder python reputation-check security security-automation soc soc-analysts urlscan workflow
Last synced: 09 Jan 2025
https://github.com/libressl/portable
LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome.
c cryptography libressl openbsd openssl security ssl tls
Last synced: 09 Jan 2025
https://github.com/eliotsykes/rails-security-checklist
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
checklist rails rails-security rails-security-checklist ruby-on-rails security security-audit security-hardening
Last synced: 05 Jan 2025
https://github.com/cr0hn/dockerscan
Docker security analysis & hacking tools
docker docker-registry hacking registry scan security
Last synced: 04 Jan 2025
https://github.com/mufeedvh/moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
cve exploit exploitation infosec infosectools linux privilege-escalation red-teaming redteam redteam-tools security security-tools
Last synced: 05 Jan 2025
https://github.com/ssh-mitm/ssh-mitm
SSH-MITM - ssh audits made simple
mitm mitm-attacks mitm-server mitmproxy proxy scp security security-audit security-tools sftp ssh ssh-client ssh-mitm ssh-server
Last synced: 08 Jan 2025
https://aquasecurity.github.io/starboard/
Moved to https://github.com/aquasecurity/trivy-operator
cloud-native custom-resource-definition kubernetes security starboard
Last synced: 14 Nov 2024
https://github.com/aquasecurity/starboard
Moved to https://github.com/aquasecurity/trivy-operator
cloud-native custom-resource-definition kubernetes security starboard
Last synced: 07 Jan 2025
https://github.com/scipag/hardeningkitty
HardeningKitty - Checks and hardens your Windows configuration
audit blueteam checklist defense hardening powershell registry security windows windows-10 windows-server
Last synced: 04 Jan 2025
https://github.com/openclarity/openclarity
OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
cloud exploits kubernetes leaked-secrets malware rootkits sbom scanner security supply-chain virtual-machine vulnerabilities
Last synced: 10 Jan 2025
https://github.com/jeffzh3ng/fuxi
Penetration Testing Platform
penetration-testing pentest-tool security vulnerability
Last synced: 05 Jan 2025
https://github.com/TheresAFewConors/Sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
analysis analysts automation cybersecurity dns hash phishing proofpoint-decoder python reputation-check security security-automation soc soc-analysts urlscan workflow
Last synced: 26 Sep 2024
https://github.com/Ge0rg3/requests-ip-rotator
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
apigateway aws bugbounty bypass hacktoberfest ip networking security security-tools web-security
Last synced: 07 Nov 2024
https://github.com/withsecurelabs/needle
The iOS Security Testing Framework
ios mobile needle pentesting python security
Last synced: 05 Jan 2025
https://github.com/FSecureLABS/needle
The iOS Security Testing Framework
ios mobile needle pentesting python security
Last synced: 08 Dec 2024
https://github.com/grapheneos/hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
grapheneos hardening malloc malloc-library memory memory-allocation memory-allocator quarantine security slab-allocator
Last synced: 09 Jan 2025
https://github.com/tnballo/high-assurance-rust
A free book about developing secure and robust systems software.
book reliability rust security systems-programming
Last synced: 04 Jan 2025
https://github.com/WithSecureLabs/needle
The iOS Security Testing Framework
ios mobile needle pentesting python security
Last synced: 29 Oct 2024
https://github.com/bert-janp/hunting-queries-detection-rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
azure blueteam cybersecurity defender-for-endpoint dfir infosec kql mde mdi misp security sentinel threat-hunting vulnerability-management zero-day
Last synced: 10 Jan 2025
https://github.com/borealisai/advertorch
A Toolbox for Adversarial Robustness Research
adversarial-attacks adversarial-example adversarial-examples adversarial-learning adversarial-machine-learning adversarial-perturbations benchmarking machine-learning pytorch robustness security toolbox
Last synced: 10 Jan 2025
https://github.com/tailcallhq/tailcall
High Performance GraphQL Runtime
api-gateway backend-for-frontend battle-tested cloud-native extendable graphql graphql-api graphql-server io-efficiency microservices open-source orchestration performance protocol-agnostic proxy resiliency runtime-tuning seamless-devx security
Last synced: 07 Jan 2025
https://github.com/bit4woo/python_sec
python安全和代码审计相关资料收集 resource collection of python security and code review
code-review dangerous-python-functions django python python-django python-security security
Last synced: 06 Jan 2025
https://github.com/cyfrin/security-and-auditing-full-course-s23
The ultimate, most advanced, security, DeFi, assembly, web3 auditor course ever created.
cryptocurrency ethereum security smart-contract-audit solidity
Last synced: 10 Jan 2025
https://github.com/guacsec/guac
GUAC aggregates software security metadata into a high fidelity graph database.
security software-supply-chain software-supply-chain-security supply-chain supply-chain-analytics supply-chain-security supply-chain-visibility
Last synced: 09 Jan 2025
https://github.com/wellyshen/react-cool-starter
😎 🐣 A starter boilerplate for a universal web app with the best development experience and a focus on performance and best practices.
boilerplate code-splitting css-modules es6 express jest performance react react-hooks react-router redux redux-toolkit security server-side-rendering starter testing-library-react typescript unit-testing universal webpack
Last synced: 03 Jan 2025
https://github.com/circl/ail-framework
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
ail-framework analysis data-mining information-leak information-security leak privacy security security-incidents
Last synced: 09 Jan 2025
https://github.com/susam/mintotp
Minimal TOTP generator in 20 lines of Python
2fa cryptography hotp minimalist python3 security totp
Last synced: 30 Oct 2024
https://github.com/BorealisAI/advertorch
A Toolbox for Adversarial Robustness Research
adversarial-attacks adversarial-example adversarial-examples adversarial-learning adversarial-machine-learning adversarial-perturbations benchmarking machine-learning pytorch robustness security toolbox
Last synced: 30 Oct 2024
https://github.com/CIRCL/AIL-framework
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
ail-framework analysis data-mining information-leak information-security leak privacy security security-incidents
Last synced: 08 Nov 2024
https://github.com/scipag/HardeningKitty
HardeningKitty - Checks and hardens your Windows configuration
audit blueteam checklist defense hardening powershell registry security windows windows-10 windows-server
Last synced: 06 Nov 2024
https://github.com/GrapheneOS/hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
grapheneos hardening malloc malloc-library memory memory-allocation memory-allocator quarantine security slab-allocator
Last synced: 14 Nov 2024
https://github.com/infobyte/evilgrade
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
evilgrade fake mitm payload penetration pentest security update
Last synced: 05 Jan 2025
https://github.com/Qianlitp/WatchAD
AD Security Intrusion Detection System
active-directory blue-team defcon27 event-log intrusion-detection-system kerberos ntlm python3 security watchad
Last synced: 03 Nov 2024
https://github.com/tmobile/pacbot
PacBot (Policy as Code Bot)
angularjs aws aws-security cloud cloud-auditing cloud-compliance-reporting cloud-native cloud-security continous-compliance java policy-as-code security security-automation spring-boot
Last synced: 04 Jan 2025
https://github.com/open-source-labs/Spearmint
Testing, simplified. || An inclusive, accessibility-first GUI for generating clean, semantic Javascript tests in only a few clicks of a button.
accessibility axe-core darkmode electron endpoint-testing enzyme hooks jest open-source puppeteer react security test-driven-development testing testing-tools vue web-accessibility
Last synced: 23 Oct 2024
https://github.com/aws-cloudformation/cloudformation-guard
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0
cfn-guard cloudformation compliance governance k8s policy-as-code policy-rule-evaluation security terraform
Last synced: 07 Jan 2025
https://github.com/takescoop/swiftyrsa
RSA public/private key encryption in Swift
encryption ios mobile rsa security swift tvos watchos
Last synced: 08 Jan 2025
https://github.com/qianlitp/watchad
AD Security Intrusion Detection System
active-directory blue-team defcon27 event-log intrusion-detection-system kerberos ntlm python3 security watchad
Last synced: 25 Sep 2024
https://github.com/open-source-labs/spearmint
Testing, simplified. || An inclusive, accessibility-first GUI for generating clean, semantic Javascript tests in only a few clicks of a button.
accessibility axe-core darkmode electron endpoint-testing enzyme hooks jest open-source puppeteer react security test-driven-development testing testing-tools vue web-accessibility
Last synced: 10 Jan 2025
https://github.com/netflix/hubcommander
A Slack bot for GitHub organization management -- and other things too
bot chatops github privileges python security slack slack-bot travis-ci
Last synced: 05 Jan 2025
https://github.com/Netflix/hubcommander
A Slack bot for GitHub organization management -- and other things too
bot chatops github privileges python security slack slack-bot travis-ci
Last synced: 04 Nov 2024
https://github.com/globaleaks/globaleaks-whistleblowing-software
GlobaLeaks is a free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
accessibility angular anonymity anticorruption bootstrap debian digital-human-rights digital-public-goods dompurify free-software libsodium open-source privacy python security sqlalchemy tor twisted typescript whistleblowing
Last synced: 09 Jan 2025
https://github.com/j3ssie/metabigor
OSINT tools and more but without API key
asn bug-bounty bugbounty bugbounty-tools bugbountytips infosec ip-osint ip-range osint pentesting recon reconnaissance security security-tools subdomain subdomains
Last synced: 04 Jan 2025
https://github.com/TakeScoop/SwiftyRSA
RSA public/private key encryption in Swift
encryption ios mobile rsa security swift tvos watchos
Last synced: 06 Dec 2024
https://github.com/FeeiCN/SecurityInterviewGuide
网络信息安全从业者面试指南
cybersecurity cybersecurity-training interview interview-practice interview-questions security
Last synced: 18 Nov 2024
https://github.com/feeicn/securityinterviewguide
网络信息安全从业者面试指南
cybersecurity cybersecurity-training interview interview-practice interview-questions security
Last synced: 25 Sep 2024
https://github.com/yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
dfir digital-forensics forensic-analysis graph incident-response security threat-hunting
Last synced: 04 Jan 2025
https://github.com/cisagov/log4j-scanner
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
cve-2021-44228 cve-2021-45046 log4j security security-tools
Last synced: 26 Sep 2024
https://github.com/fkie-cad/fact_core
Firmware Analysis and Comparison Tool
firmware-analysis firmware-tools security security-automation
Last synced: 09 Jan 2025
https://github.com/miguelgrinberg/flask-httpauth
Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes
authentication flask flask-httpauth python security tokens
Last synced: 07 Jan 2025
https://github.com/mushorg/conpot
ICS/SCADA honeypot
hacktoberfest honeypot ics python scada security
Last synced: 09 Jan 2025
https://github.com/webpwnized/mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
10 application appsec cybersecurity owasp owasp-top-10 penetration-testing security top training web
Last synced: 09 Jan 2025
https://github.com/dockovpn/dockovpn
🔐 Out of the box stateless openvpn-server docker image which starts in less than 2 seconds
docker docker-image inmemory openvpn openvpn-server out-of-the-box security stateless vpn vpn-server
Last synced: 09 Jan 2025
https://github.com/stelligent/cfn_nag
Linting tool for CloudFormation templates
amazon aws cfn cfn-nag cloudformation cloudformation-security cloudformation-templates compliance continuous-testing devops hacktoberfest iam-rules lint linting open-source security security-automation static-analysis stelligent unit-testing
Last synced: 07 Jan 2025
