An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/attumm/maat

Validation and transformation library powered by recursive descent validation algorithm. Made to be extended for any kind of project.

dictionary fast json-schema nested-structures parser security serialization types validation validator

Last synced: 09 Apr 2025

https://github.com/kickstarter/ruby-homograph-detector

🕵️‍♀️🕵️‍♂️ Ruby gem for determining whether a given URL is considered an IDN homograph attack

homograph-attack idn-homograph-attack security unicode

Last synced: 20 Oct 2025

https://github.com/oisf/suricata-intel-index

Suricata rule and intel index

ids intel ips nsm rules security signatures suricata

Last synced: 31 Jan 2026

https://github.com/gamemann/packet-flooder

A packet flooding/generating program I made that supports TCP, UDP, and ICMP packets. Includes functionality to change characteristics per packet and is also multithreaded.

c denial-of-service dos dos-attack fast flood flooding multithreading network packet packet-flood packet-flooder packet-generator packetflood pcktflood pcktgen pentest pentest-tool pentesting security

Last synced: 18 Mar 2025

https://github.com/leondz/lm_risk_cards

Risks and targets for assessing LLMs & LLM vulnerabilities

llm llm-security red-teaming security vulnerability

Last synced: 01 Jul 2025

https://github.com/permify/targe

Open-source CLI for managing IAM (Identity and Access Management) operations with AI assistance.

authorization aws awscli azure cloud gcp iam security

Last synced: 14 Jun 2025

https://github.com/snapt/traefik-nova-plugin

Traefik plugin to proxy requests to Snapt Nova for evaluation against the WAF.

security snapt traefik-plugin

Last synced: 15 Jan 2026

https://github.com/nextcloud/end_to_end_encryption_rfc

🔒 Specification for end-to-end encryption used by Nextcloud sync & mobile apps

encryption encryption-rfc end-to-end-encryption nextcloud nextcloud-sync security

Last synced: 15 Jun 2025

https://github.com/SalehLardhi/google-dorks-toolkit

GoogleDorks Toolkit is a powerful automated tool for google dorks, designed for pentration tester, ethical hackers and bug hunters to detect harmful security vulnerabilities using Google Dorks techniques. It has methods to bypass google captcha and search in a list of any possible program in wild.

bypass-google cybersecurity dorking-tool ghdb google google-captcha google-dork google-dorks google-hacking-database google-scraping googledork googledorks googlehacking googlesearch hackgoogle hacking python scraper security

Last synced: 01 Apr 2025

https://github.com/hakdogan/apacheshiro

:key: Using Apache Shiro JDBC Realm with MySQL Database

security shiro

Last synced: 05 Oct 2025

https://github.com/ayesh/statelesscsrf

Secret-key based state-less CSRF token generator and validator for PHP 7. State-less means you do not have to store the CSRF token in session or database.

csrf netsec php php7 security stateless token token-authetication

Last synced: 06 Nov 2025

https://github.com/flydev-fr/blackhole

Block excessive crawlers, bots and spiders traffic on your web site 👾

antibot anticrawler antispiders blackhole processwire security

Last synced: 15 Apr 2025

https://github.com/padosoft/laravel-composer-security

Laravel command to test security vulnerabilities in your composer files.

composer laravel laravel-command laravel-package security

Last synced: 23 Apr 2025

https://github.com/NodeSecure/vulnera

Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB).

audit nodesecure npm security vuln vulnerabilities

Last synced: 30 Aug 2025

https://github.com/initz3r0/ibex

An iOS backup extraction tool written in Golang

exploitation forensics forensics-tools incident-response ios mobile security

Last synced: 12 Jan 2026

https://github.com/olssonm/laravel-backup-shield

🔒Password protection (and encryption) for your laravel backups.

backup laravel-5-package laravel-backup security zip

Last synced: 11 Jan 2026

https://github.com/jassics/cybersecurity-slides

Collection of mine and others presentations on various topics like application security, python, cloud security, DevSecOps and so on... These are free to use and publicly available slides. But, don't forget to give the credit to the owners!

application-security aws cybersecurity-awareness cybersecurity-training devsecops learning-materials learning-resources presentations security security-presentations security-slides slides threat-modeling web-security

Last synced: 27 Apr 2025

https://github.com/YinHangCode/homebridge-mi-gateway-security

XiaoMi Gateway Security plugin for HomeBridge.

aqara gateway homebridge homebridge-plugin security xiaomi

Last synced: 01 Apr 2025

https://github.com/sysdiglabs/k8s-security-configwatch

Git action to generate security lint report for Kubernetes workload YAML files on PR

git-workflow k8s security

Last synced: 13 Jul 2025

https://github.com/didinj/node-facebook-twitter-google-github-login

Node, Express, Mongoose, Passport, Facebook, Twitter, Google and Github Authentication (Login)

authentication express facebook github google login mongodb mongoose node passport security signin twitter

Last synced: 24 Apr 2025

https://github.com/junkurihara/lecture-security_engineering

Slide decks and sample codes for a lecture of "Security Engineering", which are composed in terms of how to choose and deploy appropriate standardization security technologies in information systems.

lecture lecture-slides security university-course

Last synced: 14 Apr 2025

https://github.com/rverton/gxss

Blind XSS service alerting over slack or email

blind-xss exfiltration pentesting security xss

Last synced: 09 Mar 2026

https://github.com/pwelch/virustotal_api

Ruby Gem for VirusTotal API

malware-analysis ruby security

Last synced: 15 Apr 2025

https://github.com/gnat/csrf-starlette-fastapi

Dead simple CSRF security middleware for Starlette ⭐ and FastAPI ⚡

async csrf fastapi htmx hyperscript python security starlette web

Last synced: 15 Apr 2025

https://github.com/wolfssl/wolfssh-examples

Example applications using the wolfSSH Library.

embedded esp32 esp8266 examples getting-started iot security ssh ssh-examples wolfssh wolfssl

Last synced: 23 Aug 2025

https://github.com/asggo/spf

Parse SPF record and determine if client IP is allowed to send email.

dns go golang security sender-policy-framework spf spf-record

Last synced: 03 Feb 2026

https://github.com/arall/vulnerabilities

Examples of different vulnerabilities, in a variety of languages, shapes and sizes.

dast sast security vulnerabilities vulnerability vulnerable vulnerable-app vulnerable-application

Last synced: 22 Jan 2026

https://github.com/Te-k/commands-for-sec

Useful commands for infosec

infosec security tips tldr

Last synced: 11 Mar 2025

https://github.com/ariary/tacos

🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)

ctf golang infosec interactive pentest pentest-tool reverse-shell security socat

Last synced: 26 Apr 2025

https://github.com/bmedicke/quantum_cryptography

demonstration of quantum cryptography 🐈 🔐 , one-time pad communication via BB84. repo for our IT Security Master project

alice bb84-protocol beam-splitter bob cryptography docker docker-compose hardware jupyter-notebooks lasers master mcs mqtt photons quantum quantum-cryptography rabbitmq security theory thorlabs

Last synced: 02 Apr 2025

https://github.com/sefinek/malicious-ip-addresses

A list of malicious IP addresses associated with botnets, cyberattacks, and the generation of artificial traffic on websites. Useful for network administrators and security companies to block threats and protect against DDoS attacks.

botnets cybersecurity ddos ddos-protection firewall google-adsense ip-list list malicious malicious-ips malicious-url malicious-url-detection network-monitoring protection security security-tools threat-detection traffic-analysis

Last synced: 25 Jul 2025

https://github.com/jenkinsci/azure-ad-plugin

Authentication and Authorization with Azure AD

azure hacktoberfest security user

Last synced: 06 Apr 2025

https://github.com/rrd108/nuxt-api-shield

Nuxt API Rate Limiter / Brute Force Protection

nuxt nuxt-module rate-limiter security

Last synced: 10 Apr 2025

https://github.com/geekmasher/securitree.nvim

SecuriTree - Security Research Tool

neovim security

Last synced: 06 Mar 2026

https://github.com/keeper-security/keeper-sdk-dotnet

.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.

commander dotnet password-manager passwords powershell security

Last synced: 05 Apr 2025

https://github.com/techgaun/plug_secex

Plug that adds various HTTP Headers to make Phoenix/Elixir app more secure

elixir hex hex-downloads http-headers phoenix plug plug-secex security

Last synced: 13 Jun 2025

https://github.com/0xInfection/PewSWITCH

A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers

Last synced: 11 Jul 2025

https://github.com/univ-of-utah-marriott-library-apple/disable_sip

This script is used in the recovery partition to automatically disable SIP.

bash mac macadmin macadmins security system-integrity-protection

Last synced: 10 Apr 2025

https://github.com/the-mcgrail-foundation/mimedefang

MIMEDefang is an e-mail filtering tool that works with the Sendmail “Milter” library. MIMEDefang lets you express your filtering policies in Perl rather than C, making it quick and easy to filter or manipulate your mail.

antispam email filter perl security smtp

Last synced: 01 Jul 2025

https://github.com/nekmo/pip-rating

Check the health of your project's requirements and get a score for each dependency.

dependencies hacktoberfest pip python rating requirements security security-audit security-tools vulnerabilities

Last synced: 13 Dec 2025

https://github.com/VerSprite/alpnpass

This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic again and send it to the target of your choice. Unlike most SSL stripping solutions this tool will negotiate ALPN and preserve the negotiated protocol all the way to the target.

alpn mitm mitmproxy security security-tools ssl tls

Last synced: 11 Jul 2025

https://github.com/en14c/erebus

Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster

c elf elf-binaries elf64 linux linux-system-programming process-injection proof-of-concept security virus x64-assembly

Last synced: 09 Jul 2025

https://github.com/vacuumlabs/cardano-ctf

A game where Cardano developers and enthusiasts can try to exploit purposely vulnerable smart contracts and learn about the most common security issues and how to prevent them.

cardano ctf decentralized-finance security smart-contracts vulnerabilities

Last synced: 12 Apr 2025

https://github.com/Keeper-Security/keeper-sdk-dotnet

.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.

commander dotnet password-manager passwords powershell security

Last synced: 05 May 2025

https://github.com/khaosdoctor/enigmajs

Full implementation of the 1944 German cryptographic machine in TypeScript with a nice UI

cipher cryptography enigma enigma-cipher enigma-js enigma-machine enigma-simulator javascript security typescript vue

Last synced: 29 Apr 2025

https://github.com/te-k/commands-for-sec

Useful commands for infosec

infosec security tips tldr

Last synced: 02 Feb 2026

https://github.com/hunters-org/hunter-kit

Hunter-Kit is a cross platform security toolkit and framework that can automate most of the pentesting engagement from the recon to reporting phase

attacks autmation frameworks pentesting-tools reconnaissance security security-tools toolkit

Last synced: 12 Mar 2026

https://github.com/javiercasares/wpvulnerability

Plugin WPVulnerability for WordPress. https://wordpress.org/plugins/wpvulnerability/

php security vulnerability wordpress wordpress-plugin

Last synced: 13 Jun 2025

https://github.com/fabaff/fsl-test-bench

FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.

ansible fedora fedora-security-lab pentesting playground security vulnerable

Last synced: 15 Apr 2025

https://github.com/apeleghq/lot

Sandbox for isolating ECMAScript code

browser csp deno ecmascript iframe isolation nodejs sandbox security vm webworker worker

Last synced: 08 May 2025

https://github.com/anthonysgro/geospoof

Browser extension to spoof your geolocation, timezone, and prevent WebRTC IP leaks.

browser firefox gecko geolocation privacy security spoof spoofing spoofing-detection timezone vpn

Last synced: 27 May 2026

https://github.com/grafana/bugbounty

Grafana Labs bug bounty

bounty bug bugbounty grafana rewards security

Last synced: 19 Oct 2025

https://github.com/theupdateframework/taps

TUF Augmentation Proposals (TAPs)

security software update

Last synced: 25 Feb 2026

https://github.com/grahamhelton/spoofpoint

Spoofpoint is a domain monitoring tool that allows you to generate a list of domains that are 1 character off of your domain (grahamhelton.com turns into -> grahamheIton.com ((The L is a capital I )), check a list of domains you already have, or check as single domain.

domain domain-monitoring security

Last synced: 22 Jan 2026

https://github.com/delight-im/htaccess

.htaccess with reasonable defaults for most sites

apache apache2 htaccess security server

Last synced: 28 Jan 2026

https://github.com/datadog/nginx-datadog

Enhance NGINX Observability and Security with Datadog's Module

apm appsec datadog nginx observability security tracing

Last synced: 06 Feb 2026

https://github.com/claude-world/claude-skill-antivirus

Security scanner for Claude Code Skills — 9 engines detect malicious patterns, data exfiltration, dangerous ops across 71K+ skills

claude-code claude-code-skills malware-detection nodejs npm scanner security

Last synced: 03 Apr 2026

https://github.com/opensc/pam_p11

Authentication with PKCS#11 modules

authentication certificate opensc pam pgp security smartcard

Last synced: 26 Feb 2026

https://github.com/luc10/zykgen

Zyxel VMG8823-B50B default WPA keygen

golang password reverse-engineering router security wifi wpa zyxel

Last synced: 04 Mar 2026

https://github.com/deepal/node-dukpt

Node JS Library for Derived Unique Key Per Transaction (DUKPT) Encryption 💳🔑🛡

aes decryption dukpt dukpt-encryption encryption javascript node-dukpt nodejs payments security

Last synced: 15 Oct 2025

https://github.com/tink-crypto/tink-tinkey

Utility that allows generating and manipulating Tink keysets

crypto cryptography java key-management security

Last synced: 27 Jan 2026

https://github.com/endorama/2ami

Your easy 2FA companion that keep the secrets secret.

cli google-authenticator hacktoberfest keychain keyring secrets secure security totp two-factor

Last synced: 15 Mar 2026

https://github.com/alaz/legitbot

🤔 Is this Web request from a real search engine🕷 or from an impersonating agent 🕵️‍♀️?

bot detect-crawlers fake googlebot impersonation protection ruby ruby-gem search-engine security

Last synced: 25 Apr 2026

https://github.com/d2iq-archive/kubernetes-security-benchmark

A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources

cis cli cobra dcos golang ksphere kubernetes security

Last synced: 31 Mar 2025

https://github.com/alcideio/pipeline

Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration

aks argo argocd azure circleci eks github-action gitlab-ci gke google-cloud-build jenkins kubernetes security security-audit travis travis-ci vulnerability-scanner

Last synced: 16 Apr 2025

https://github.com/tigran-sargsyan-w/self-signed-cert-toolkit

A toolkit for generating self-signed digital certificates for signing PDFs, emails, software, and other content using tools like JSignPdf or any software that supports PKCS#12.

cert-generation certificate cli-tool code-signing digital-signature document-signing email-signature encryption openssl p12 pdf pdf-signature pkcs12 privacy security self-signed smime ssl tls x509

Last synced: 29 May 2026

https://github.com/WiPi-Hunter/PiUser

👨‍💻🕵🏻👩‍💻 Analyze user behavior against fake access points📡

access-point attacker blueteam corporations fake pentesting probe-requests redteam security user wifi

Last synced: 07 Apr 2025

https://github.com/thedoctor0/openvas-docker-lite

OpenVAS docker container with custom automation script.

docker nmap openvas scan security shell

Last synced: 12 Apr 2025

https://github.com/sbaresearch/amlsec

Automated Security Risk Identification Using AutomationML-based Engineering Data

automationml cyber-physical-systems industrial-automation research risk-assessment security semantic-web

Last synced: 12 Jul 2025

https://github.com/apriorit/access-app-data-android

A no-root solution to access Android app private data without root access. Browser history and instant messages example

android security

Last synced: 08 May 2025

https://github.com/ssstonebraker/log4j-scan-turbo

Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

bash kali log4j log4shell oscp oscp-tools osint pentesting security securty-tools shell

Last synced: 12 Jul 2025

https://github.com/guardianproject/opencircle

Open-source Circle of 6 with improved security and privacy features. PLEASE NOTE: For the new Circulo app please visit: https://gitlab.com/circuloapp/circulo-android

community hotline mobile safety security support

Last synced: 22 Jun 2025

https://github.com/ulisesgascon/docker-seguro

📖 Docker Seguro por Ulises Gascón

docker ebook learning security spanish

Last synced: 05 May 2025

https://github.com/0xinfection/pewswitch

A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers

Last synced: 13 Apr 2025

https://github.com/kraftjectory/secrex

Simple and secure secrets manager in Elixir projects

elixir security

Last synced: 15 Jul 2025

https://github.com/d4vinci/paste2web

A python3 script that uses cl1p website to send and receive secret messages

chat cl1p-website messages python3-script secret security

Last synced: 25 Jul 2025

https://github.com/rshipp/python-dshield

Pythonic interface to the Internet Storm Center / DShield API.

api-client dshield infosec isc library python sans security

Last synced: 15 Sep 2025

https://github.com/tethik/burn-after-reading

A service to share short term messages stored in memory.

cryptography python security

Last synced: 26 Jun 2025

https://github.com/hazcod/security-slacker

Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.

crowdstrike one security slack spotlight workspace ws1

Last synced: 19 Apr 2025

https://github.com/sporkmonger/bulwark

Automated security decision making under uncertainty

bot-mitigation bulwark detection devsecops envoy security waap waf webassembly

Last synced: 19 Feb 2026