Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2025-01-22 00:28:11 UTC
- JSON Representation
https://github.com/google/fuzzbench
FuzzBench - Fuzzer benchmarking as a service.
benchmark-framework benchmarking evaluation fuzzing security
Last synced: 16 Jan 2025
https://github.com/beerisgood/Windows11_Hardening
a collection about Windows 11
defender-application-guard defender-credential-guard hardening microsoft security security-hardening windows windows-defender windows10 windows11
Last synced: 19 Nov 2024
https://github.com/jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
antivirus antivirus-evasion exploit exploit-development exploit-framework exploitation exploits process-doppelganging process-herpaderping process-hollowing process-migration security security-vulnerability vulnerability windows windows-10 windows-7 windows-defender
Last synced: 19 Jan 2025
https://github.com/masatokinugawa/filterbypass
Browser's XSS Filter Bypass Cheat Sheet
cheatsheet pentest security xss
Last synced: 30 Nov 2024
https://github.com/alichtman/stronghold
Easily configure macOS security settings from the terminal.
command-line command-line-tool hardening macos macos-setup osx security security-hardening
Last synced: 18 Jan 2025
https://github.com/uber-common/metta
An information security preparedness tool to do adversarial simulation.
adversarial celery infosec network networking python redis security simulation uber vagrant virtualbox yaml
Last synced: 22 Jan 2025
https://github.com/seashell/drago
☁️ Securely connect anything with WireGuard® and manage all your networks from a single place.
api client-server cloud configuration edge-computing golang iot linux mesh-networks networking rest-api security tunneling tuntap ui vpn wg-quick wireguard
Last synced: 20 Jan 2025
https://github.com/kolide/fleet
A flexible control server for osquery fleets
hacktoberfest host-instrumentation infosec macadmin osquery security
Last synced: 18 Jan 2025
https://github.com/hausec/PowerZure
PowerShell framework to assess Azure security
azure infosec powershell security windows
Last synced: 08 Nov 2024
https://github.com/p3gleg/whaler
Program to reverse Docker images into Dockerfiles
docker-image docker-security dockerfile passwords reverse-engineering secrets security security-tools
Last synced: 20 Jan 2025
https://github.com/cryptocat/cryptocat
Secure chat software for your computer.
chat cryptocat cryptography messaging secure security
Last synced: 20 Jan 2025
https://github.com/blacklanternsecurity/TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
365 autodiscover email exchange hacking microsoft oauth office password passwords proxy python security socks spray spraying trevor
Last synced: 18 Jan 2025
https://github.com/blacklanternsecurity/trevorspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
365 autodiscover email exchange hacking microsoft oauth office password passwords proxy python security socks spray spraying trevor
Last synced: 15 Jan 2025
https://github.com/delight-im/php-auth
Authentication for PHP. Simple, lightweight and secure.
auth authentication authorization login php registration security
Last synced: 16 Jan 2025
https://github.com/Netflix/repokid
AWS Least Privilege for Distributed, High-Velocity Deployment
Last synced: 24 Oct 2024
https://github.com/nccgroup/featherduster
An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
cryptanalysis crypto cryptography encryption exploit exploitation exploitation-framework exploits python security
Last synced: 22 Jan 2025
https://github.com/nascentxyz/simple-security-toolkit
A collection of practical security-focused guides and checklists for smart contract development
crypto security security-tools smart-contracts solidity
Last synced: 19 Jan 2025
https://github.com/XmirrorSecurity/OpenSCA-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities
Last synced: 11 Nov 2024
https://github.com/nikitastupin/clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
bug-bounty graphql penetration-testing security
Last synced: 16 Jan 2025
https://github.com/robthree/twofactorauth
PHP library for Two Factor Authentication (TFA / 2FA)
multi-factor php qrcode security totp two-factor twofactorauth
Last synced: 14 Jan 2025
https://github.com/cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent c2 command-and-control containers golang http2 kubernetes penetration-testing-framework penetration-testing-tools post-exploitation red-teams redteam-tools security security-tools
Last synced: 18 Jan 2025
https://github.com/iamcryptoki/snowden-archive
💥 A collection of all documents leaked by former NSA contractor and whistleblower Edward Snowden.
edward-snowden nsa security sidtoday snowden snowden-archive surveillance whistleblowing
Last synced: 03 Dec 2024
https://github.com/gorilla/csrf
Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒
csrf csrf-protection csrf-tokens go golang gorilla gorilla-web-toolkit middleware security xsrf
Last synced: 16 Jan 2025
https://github.com/USBGuard/usbguard
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
blacklist c-plus-plus hacktoberfest linux rule-language security security-hardening usb usb-devices whitelist
Last synced: 26 Oct 2024
https://github.com/athena-os/athena
Athena OS is a Arch/Nix-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!
archlinux cybersecurity hacking learning linux os payload pentesting security security-tools
Last synced: 17 Jan 2025
https://github.com/brainfucksec/kalitorify
Transparent proxy through Tor for Kali Linux OS
bash-script iptables kali-linux kalitorify security tor tor-proxy transparent-proxy
Last synced: 19 Jan 2025
https://github.com/decalage2/vipermonkey
A VBA parser and emulation engine to analyze malicious macros.
emulation macros malware-analysis parser pyparsing python security vba
Last synced: 17 Jan 2025
https://github.com/lmammino/jwt-cracker
Simple HS256, HS384 & HS512 JWT token brute force cracker.
alphabet brute-force brute-force-attacks bruteforce command command-line cracker javascript jwt jwt-cracker nodejs secrets security
Last synced: 16 Jan 2025
https://github.com/P3GLEG/Whaler
Program to reverse Docker images into Dockerfiles
docker-image docker-security dockerfile passwords reverse-engineering secrets security security-tools
Last synced: 26 Oct 2024
https://github.com/decalage2/ViperMonkey
A VBA parser and emulation engine to analyze malicious macros.
emulation macros malware-analysis parser pyparsing python security vba
Last synced: 29 Dec 2024
https://github.com/WyAtu/Perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
pentest-tool pentesting redteam scanner security security-tool vulnerability-scanners
Last synced: 19 Nov 2024
https://github.com/wyatu/perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
pentest-tool pentesting redteam scanner security security-tool vulnerability-scanners
Last synced: 03 Nov 2024
https://github.com/MegaManSec/SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm
Last synced: 07 Nov 2024
https://github.com/megamansec/ssh-snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm
Last synced: 20 Jan 2025
https://google.github.io/fuzzbench/
FuzzBench - Fuzzer benchmarking as a service.
benchmark-framework benchmarking evaluation fuzzing security
Last synced: 02 Nov 2024
https://github.com/Jon-Becker/heimdall-rs
Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts.
cfg decoder decompiler disassembler eth ethereum evm rust security solidity toolkit yul
Last synced: 29 Oct 2024
https://github.com/wireghoul/htshells
Self contained htaccess shells and attacks
apache exploit htaccess penetration-testing polyglot security webshell
Last synced: 20 Jan 2025
https://github.com/utkusen/wholeaked
a file-sharing tool that allows you to find the responsible person in case of a leakage
file-sharing osint privacy privacy-tools security
Last synced: 22 Jan 2025
https://github.com/delight-im/PHP-Auth
Authentication for PHP. Simple, lightweight and secure.
auth authentication authorization login php registration security
Last synced: 26 Oct 2024
https://github.com/Gorilla/csrf
Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒
csrf csrf-protection csrf-tokens go golang gorilla gorilla-web-toolkit middleware security xsrf
Last synced: 24 Oct 2024
https://github.com/brainfuckSec/kalitorify
Transparent proxy through Tor for Kali Linux OS
bash-script iptables kali-linux kalitorify security tor tor-proxy transparent-proxy
Last synced: 16 Nov 2024
https://github.com/koutto/jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
automation automation-framework docker exploiting-vulnerabilities framework hacking hacking-tool network pentest scan-tool scanner security security-audit security-tools toolbox toolbox-management vulnerability-scanners web-hacking
Last synced: 17 Jan 2025
https://github.com/netflix-skunkworks/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
Last synced: 17 Jan 2025
https://github.com/Athena-OS/athena
Athena OS is a Arch/Nix-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!
archlinux cybersecurity hacking learning linux os payload pentesting security security-tools
Last synced: 25 Oct 2024
https://github.com/GreenmaskIO/greenmask
PostgreSQL database anonymization and synthetic data generation tool
anonymization deterministic dump golang masking obfuscation obfuscator postgresql restore s3 security security-tools staging synthetic-data transform
Last synced: 05 Nov 2024
https://github.com/Netflix-Skunkworks/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
Last synced: 28 Oct 2024
https://github.com/ansjdnakjdnajkd/iOS
Most usable tools for iOS penetration testing
apple cheatsheet frida ghidra information-security information-security-research infosec ios jailbreak keychain macos objection objective-c pentest research security security-tools slides swift tools
Last synced: 19 Nov 2024
https://github.com/duo-labs/webauthn
WebAuthn (FIDO2) server library written in Go
authentication fido2 security u2f webauthn webauthn-library
Last synced: 18 Jan 2025
https://github.com/akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
api-discovery api-security api-security-testing api-testing authentication authorization devsecops devsecops-pipeline hacktoberfest hacktoberfest2023 idor owasp-top-10 security security-testing sensitive-data-exposure threat-detection
Last synced: 02 Nov 2024
https://github.com/RobThree/TwoFactorAuth
PHP library for Two Factor Authentication (TFA / 2FA)
multi-factor php qrcode security totp two-factor twofactorauth
Last synced: 25 Oct 2024
https://github.com/rastating/wordpress-exploit-framework
A Ruby framework designed to aid in the penetration testing of WordPress systems.
exploits security security-audit wordpress wordpress-exploit-framework
Last synced: 19 Jan 2025
https://github.com/mufeedvh/binserve
A fast production-ready static web server with TLS (HTTPS), routing, hot reloading, caching, templating, and security in a single-binary you can set up with zero code.
actix handlebars http http-server rust rust-lang secure security server static static-server static-site static-site-generator static-website web web-server webserver
Last synced: 19 Jan 2025
https://github.com/xmirrorsecurity/opensca-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities
Last synced: 17 Jan 2025
https://github.com/ZoneMinder/zmninja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 01 Nov 2024
https://github.com/zoneminder/zmninja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 16 Jan 2025
https://github.com/brucewind/aesjniencrypt
🛡 Make safest code in Android. (基于libsodium实现chacha20算法,key在native中,防止被二次打包){长期维护,请star,勿fork}
aes android chacha-poly1305 chacha20 chacha20-poly1305 cmake decryption encryption libsodium ndk obfuscator security signature-verification
Last synced: 20 Jan 2025
https://github.com/rhaidiz/broxy
An HTTP/HTTPS intercept proxy written in Go.
broxy go golang hacking http-interceptor http-proxy http-security interceptor penetration-testing penetration-testing-tools proxy qt-wrapper qt5-gui security wapt websecurity
Last synced: 15 Jan 2025
https://github.com/wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
fuzzer penetration-testing perl security traversal
Last synced: 20 Jan 2025
https://github.com/BruceWind/AESJniEncrypt
🛡 Make safest code in Android. (基于libsodium实现chacha20算法,key在native中,防止被二次打包){长期维护,请star,勿fork}
aes android chacha-poly1305 chacha20 chacha20-poly1305 cmake decryption encryption libsodium ndk obfuscator security signature-verification
Last synced: 30 Oct 2024
https://github.com/OpenVPN/openvpn3
OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
Last synced: 19 Nov 2024
https://github.com/project-copacetic/copacetic
🧵 CLI tool for directly patching container images!
cncf compliance container-image container-security containers devsecops docker hacktoberfest patching security security-tools trivy vulnerabilities vulnerability vulnerability-management
Last synced: 02 Nov 2024
https://github.com/netflix-skunkworks/sketchy
A task based API for taking screenshots and scraping text from websites.
Last synced: 20 Jan 2025
https://github.com/Netflix-Skunkworks/sketchy
A task based API for taking screenshots and scraping text from websites.
Last synced: 26 Oct 2024
https://github.com/openvpn/openvpn3
OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
Last synced: 24 Oct 2024
https://github.com/ansjdnakjdnajkd/ios
Most usable tools for iOS penetration testing
apple cheatsheet frida ghidra information-security information-security-research infosec ios jailbreak keychain macos objection objective-c pentest research security security-tools slides swift tools
Last synced: 03 Nov 2024
https://github.com/bareos/bareos
Bareos is a cross-network Open Source backup solution (licensed under AGPLv3) which preserves, archives, and recovers data from all major operating systems.
archiving backup backup-solution backup-utility bareos ceph compression cross-platform disaster-recovery encrypt gluster mysql postgresql python recover restore s3 security vmware
Last synced: 22 Jan 2025
https://github.com/google-github-actions/auth
A GitHub Action for authenticating to Google Cloud.
actions authentication gcp github-actions google-cloud google-cloud-platform iam identity security
Last synced: 21 Jan 2025
https://github.com/burghardt/easy-wg-quick
Creates Wireguard configuration for hub and peers with ease
config configuration encryption generator ipv6 privacy qrcode security self-hosted vpn vpn-server wg-quick wireguard
Last synced: 06 Nov 2024
https://github.com/vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
aks automation aws azure container-security containers devops docker docker-security eks gke informationsecurity infosec kubernetes kubernetes-security security security-audit security-tools
Last synced: 01 Nov 2024
https://github.com/yassineaboukir/sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
bug-bounty certificate-transparency certificate-transparency-logs hacking information-gathering monitoring-tool penetration-testing pentest python reconnaissance security sublert
Last synced: 03 Nov 2024
https://github.com/fuatakgun/eufy_security
Home Assistant integration to manage Eufy Security devices as cameras, home base stations, doorbells, motion and contact sensors.
camera eufy eufycam eufysecurity home-assistant homeassistant homeassistant-integration rtsp security
Last synced: 17 Jan 2025
https://github.com/virb3/magisk-frida
🔐 Run frida-server on boot with Magisk, always up-to-date
android exploitation frida magisk reverse-engineering root security
Last synced: 17 Jan 2025
https://github.com/alcideio/rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
access-control acl authorization cluster k8s-cluster krew-plugin kubectl kubectl-plugin kubernetes kubernetes-api kubernetes-rbac least-privilege permissions podsecuritypolicies rapid7 rbac security who-can whoami
Last synced: 19 Jan 2025
https://github.com/wssheldon/osintui
OSINT from your favorite services in a friendly terminal user interface - integrations for Virustotal, Shodan, and Censys
analysis osint rust security shodan threatintel tui virustotal
Last synced: 06 Nov 2024
https://github.com/ffffffff0x/aboutsecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
bounty bypass cheatsheet ctf dictionary ffffffff0x fuzz hacking infosec infrastructure methodology payload penetration-testing pentest pentesting redteam security
Last synced: 13 Jan 2025
https://github.com/edoardottt/scilla
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
bugbounty directories-enumeration dns-enumeration enumeration hacking hacking-tool hacktoberfest information-gathering information-retrieval network penetration-testing pentesting port-enumeration portscanner recon reconnaissance security security-tools subdomain-scanner subdomains-enumeration
Last synced: 17 Jan 2025
https://github.com/chybeta/code-audit-challenges
Code-Audit-Challenges
audit-challenges ctf nodejs php python security sql waf
Last synced: 15 Jan 2025
https://github.com/TryCatchHCF/DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools
Last synced: 30 Oct 2024
https://github.com/ajinabraham/cmsscan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
automation devsecops drupal joomla security security-dashboard vbulletin wordpress
Last synced: 22 Jan 2025
https://github.com/nix-community/lanzaboote
Secure Boot for NixOS [maintainers=@blitz @raitobezarius @nikstur]
efi nix nix-community-buildbot nixos nixpkgs rust security uefi
Last synced: 16 Jan 2025
https://github.com/efforg/crocodilehunter
Taking one back for Steve Irwin (๑•̀ㅂ•́)و
4g bladerf imsi-catcher imsi-catchers libbladerf lte raspberry-pi security usrp wigle
Last synced: 22 Jan 2025
https://github.com/pypa/pip-audit
Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
pip python security security-audit supply-chain
Last synced: 29 Oct 2024
https://github.com/angelkitty/review_the_national_post-graduate_entrance_examination
🌟复习考研的那些事儿(清华912考研)~~
912 acm algorithm ctf kaoyan oi security tsinghua-university ucore
Last synced: 15 Jan 2025
https://github.com/CHYbeta/Code-Audit-Challenges
Code-Audit-Challenges
audit-challenges ctf nodejs php python security sql waf
Last synced: 25 Oct 2024
https://github.com/ZoneMinder/zmNinja
High performance, cross platform ionic app for Home/Commerical Security Surveillance using ZoneMinder
angularjs cctv desktop-app dvr home ionic iot javascript machine-learning mobile-app nvr security video zmninja zoneminder
Last synced: 25 Oct 2024
https://github.com/aserto-dev/topaz
Cloud-native authorization for modern applications and APIs
abac access-control api authorization cloud-native golang opa rbac rebac security zanzibar
Last synced: 16 Jan 2025
https://github.com/genuinetools/amicontained
Container introspection tool. Find out what container runtime is being used as well as features available.
apparmor capabilities container-introspection containers docker libvirt linux lxc namespaces opencontainers openvz rkt security systemd-nspawn
Last synced: 17 Jan 2025
https://github.com/jiangsir404/audit-learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
audit code-review php security
Last synced: 03 Nov 2024
https://github.com/jiangsir404/Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
audit code-review php security
Last synced: 25 Oct 2024