An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/dopplerhq/secrets-fetch-action

Securely inject Doppler secrets into your GitHub Actions.

secret-management secrets secrets-management secrets-manager security

Last synced: 15 Jul 2025

https://github.com/nmoncho/sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).

appsec cve devops infosec nvd owasp owasp-dependencycheck sbt sbt-plugin scala security security-audit security-automation software-composition-analysis software-security static-analysis vulnerabilities vulnerability-scanners

Last synced: 11 Jul 2025

https://github.com/robertdebock/ansible-role-certbot

Install and configure certbot on your system.

acme ansible certbot letsencrypt molecule playbook security tox

Last synced: 14 Jul 2025

https://github.com/quarkslab/starlink-tools

A collection of tools for security research on Starlink's User Terminal

fuzzing reverse-engineering security starlink

Last synced: 03 Feb 2026

https://github.com/netflix-skunkworks/swag-api

REST API and UI for SWAG data

security

Last synced: 05 Oct 2025

https://github.com/umutcamliyurt/anon-file-upload

A tool for uploading/downloading files anonymously with client-side encryption

aes-256-gcm anonymity client-side-encryption encryption-decryption file-upload opsec php privacy security

Last synced: 14 May 2025

https://github.com/timakin/respmask

Go middleware for dynamically masking specific fields in JSON responses

go golang golang-library http masking security security-tools

Last synced: 03 Aug 2025

https://github.com/leonjza/golert

🚨an osquery powered, almost cross platform HIDS

hids monitoring osquery security

Last synced: 26 Jul 2025

https://github.com/novusvetus/action-phpinsights

GitHub phpinsights action. This workflow check the PHP files for the wanted coding standards and security issues.

codechecker codequality codereview github github-action github-actions hacktoberfest insights marketplace marketplace-released php php7 php8 phpinsights security workflow workflows

Last synced: 25 Jul 2025

https://github.com/XiaomingX/ddos_attack_script_demo

仅用于授权情况下验证安全产品的抗DDoS能力,请不要在未经网站所有者同意的情况下进行攻击。

attack ddos red-team security vulnerability

Last synced: 04 Nov 2025

https://github.com/dvershinin/nginx-honeypot

NGINX honeypot with lots of honey

bots firewall honeypot ipset nginx rhel security

Last synced: 02 Aug 2025

https://github.com/issif/falco-rules-explorer

A dashboard to explore Falco Rules

falco security

Last synced: 07 Mar 2026

https://github.com/zeyu-li/tryhackme

Hacker Man 👨‍💻

hacking security tryhackme vulnversity writeups

Last synced: 19 Mar 2026

https://github.com/kuntoaji/enkrip

encrypt & decrypt Active Record attributes with Message Encryptor

activemodel activerecord activesupport decryption encryption gem message-encryptor ruby ruby-gem ruby-on-rails security

Last synced: 21 Jun 2025

https://github.com/timoa/secure-go-backend-clean-architecture

Project that provides DevSecOps best practices on the Go Backend Clean Architecture

devsecops go golang security security-automation

Last synced: 08 May 2025

https://github.com/0xn0ne/sensitive-helper

基于正则表达式的本地文件敏感信息数据挖掘助手。Regular Expression Based Data Mining Assistant for Local File Sensitive Information.

aksk infomation jwt scanner security sensitive

Last synced: 11 Apr 2025

https://github.com/codestates-seb/seb39_main_013

고오급 남성 쇼핑몰 STATE MALL 입니다 https://statemall.click/

jpa mysql react reactquery security spring-boot styled-components

Last synced: 13 Apr 2025

https://github.com/jonathan-vella/architecting-for-success

This repository enables partners to help customers move with confidence with the right mix of skilling and resources to facilitate migration, modernization, and innovation with Azure OpenAI.

ai analytics azure cloudadoption migration networking openai openai-chatgpt security wellarc

Last synced: 07 Apr 2026

https://github.com/samiahmedsiddiqui/prevent-xss-vulnerability

This WordPress plugin enhances website security by preventing Cross-Site Scripting (XSS) vulnerabilities. It blocks and encodes malicious characters in URLs, escapes HTML in `$_GET` variables, and provides customizable settings for website owners.

encoding escape-html reflected-xss-vulnerabilities reflective reflective-injection security security-vulnerability self-xss wordpress xss xss-detection xss-vulnerability

Last synced: 12 Apr 2025

https://github.com/connectFree/ZigZag

Noise Framework implementation in Zig Language for use in EVER/IP and WireGuard

crypto cryptography ever ever-ip everip noise noise-protocol noise-protocol-framework security wireguard zig

Last synced: 06 May 2025

https://github.com/mh37/Argos

A passive WiFi tracking and profiling based on probe request frames.

linux pentesting probe-requests python reconnaissance security sniffing tracking wifi wireless

Last synced: 23 Jul 2025

https://github.com/fusion/crystalvault

A zero-knowledge server to store and share secrets: credentials, keys, etc.

browser crystal javascript pgp secret-management secrets security vault zero-knowledge

Last synced: 14 Apr 2025

https://github.com/denis-g/firefox-user.js

🦊 Firefox user.js – based on arkenfox/user.js with additional UI fixes.

firefox firefox-css firefoxcss ghacks mozilla mozilla-firefox privacy security settings userchrome userchromecss userjs

Last synced: 12 Apr 2025

https://github.com/psecio/rift

A vulnerable application for teaching the basics of web application security

application security teaching vulnerability

Last synced: 11 Apr 2025

https://github.com/existenznl/permcheck

PermCheck is a little tool that checks if the files in a PHP project have the executable bit set properly.

executable executable-file php security security-tools security-vulnerability

Last synced: 14 Apr 2025

https://github.com/brndnmtthws/protect-yourself

A guide on how to protect your digital assets

digital-assets encryption phone privacy security yubikey

Last synced: 08 Mar 2026

https://github.com/ventz/docker-dns-over-https

Docker Hub ventz/dns-over-https - DNS (tcp+udp 53) to CloudFlare and Google's HTTPS APIs

api dns dns-over-https https proxy security

Last synced: 16 Sep 2025

https://github.com/echo-devim/pyjacktrick

Python module hijacking POC

code-execution hijacking python security

Last synced: 27 Mar 2025

https://github.com/rodnt/portswiggerlabs

Solutions from @PortSwigger labs

infosec portswigger portswigger-labs security websecurity

Last synced: 25 Jul 2025

https://github.com/turbot/steampipe-export

Steampipe Export is a zero-ETL CLI to fetch data from cloud services and APIs. Hundreds of plugins with thousands of documented examples.

aws azure backup data devsecops etl gcp golang kubernetes security steampipe steampipe-engine zero-etl

Last synced: 31 Jul 2025

https://github.com/sam-k/pager-sec

Hacking hospital pagers, then building an encrypted solution.

arduino encryption pagers sdr security

Last synced: 02 Aug 2025

https://github.com/vaibhavpandeyvpz/jweety

Simple JWT (RFC 7519) encoding/decoding and validation library, for PHP >= 5.3.

authentication jsonwebtoken jwt php security

Last synced: 24 Apr 2025

https://github.com/archetypum/thesuffocater

theSuffocater is an extensible module manager/collection on UNIX admin scripts that allows you to quickly harden your server and deploy services in few clicks.

bash bsd cybersecurity cybersecurity-tools foss gnu gnu-linux linux python python3 security security-automation security-tools server server-side shell unix

Last synced: 27 Feb 2026

https://github.com/lucthienphong1120/fake-link

What you see is not necessarily the truth!

danger fake links security

Last synced: 28 Feb 2026

https://github.com/yasenstar/archimate_sabsa

Learn & Practice of Modeling SABSA with the ArchiMate Specification

archimate architect architecture compliance enterprise model modeling opengroup sabsa security specification

Last synced: 11 Feb 2026

https://github.com/listendev/lstn

A CLI tool to analyze the behavior of your dependencies using listen.dev

behavioral-analysis dependencies npm o11y security software-supply-chain-security

Last synced: 05 Sep 2025

https://github.com/olivierlacan/opsec

Operational Security for everyone

educational operational opsec security

Last synced: 12 Feb 2026

https://github.com/mishal/jwt

JWT (JSON Web Tokens) for PHP

json jwt php security webtoken

Last synced: 09 Mar 2026

https://github.com/mnavarrocarter/authorize-aws-security-group-ingress-action

A Github Action that allows you to create temporary inbound rules for an AWS Security Group

aws ec2 ip security security-group-rules security-groups ssh vpc

Last synced: 05 Sep 2025

https://github.com/nowsecure/nowsecure-sbom-action

Generate a Mobile SBOM for an application and submit to the Dependency submission API

action analysis dependabot frida nowsecure security security-tools

Last synced: 09 Apr 2025

https://github.com/ryru/hackingexposed

Kurs Hacking Exposed an Juventus Technikerschule HF

education hacking security websecurity

Last synced: 28 Apr 2025

https://github.com/nzt48/exploiting-smart-contract-vulnerabilities

Repository for "Exploiting smart contract vulnerabilities" bachelor thesis at School of Electrical Engineering, University of Belgrade. Paper (in Serbian) with 5 examples of vulnerable smart contracts and exploitation of them.

ethereum exploitation hacking security smart-contracts solidity

Last synced: 21 Apr 2026

https://github.com/webinarium/symfony-lazysec

Symfony library with a bunch of security related features.

php security symfony

Last synced: 11 Jun 2025

https://github.com/1hehaq/oty

Oty is a fast, customizable, CLI tool designed to streamline your Bug Bounty and Pentesting workflows. Powered by a simple yet flexible YAML based DSL, Oty allows you to integrate your tools into it

automation bugbounty developer devops pentest security

Last synced: 26 Jan 2026

https://github.com/ancat/equation

Equation exposes a minimal environment to allow safe execution of Ruby code represented via a custom expression language.

expression-language ruby security

Last synced: 05 Oct 2025

https://github.com/lockerpm/maily

A privacy-first email solution that provides an email alias @maily.org to hide the original email address when using the internet

aliases email-alias email-privacy email-protection email-security end-to-end-encryption locker password-manager private-relay security

Last synced: 06 Oct 2025

https://github.com/mikkoparkkola/nowifi

No WiFi? Now WiFi. One command. 27 techniques. Bypass any captive portal.

bypass captive-portal cli go golang hacking linux macos network-security penetration-testing security wifi wifi-hacking

Last synced: 31 May 2026

https://github.com/pm6422/luix-passport

This project provides you a standard auth2 server and client configuration powered by Spring Boot 3 with the ability to authenticate login and using PostgreSQL DB as datastore.

java oauth2 security spring spring-boot

Last synced: 17 Jan 2026

https://github.com/dbus2/zbus_polkit

PolicyKit zbus proxy

policykit security unix zbus

Last synced: 07 Oct 2025

https://github.com/geritol/write-guard

Github Action to enforce file level write access for monorepos

access-control github-actions monorepos security

Last synced: 14 Jan 2026

https://github.com/cx330blake/zype

ZYPE: Your Payload Encryptor. MSFvenom shellcode got detected? ZYPE encrypt and obfuscate the shellcode for you!

cybersecurity encryption hacking hacking-tools malware malware-analysis malware-research obfuscation red-team security shellcode zig

Last synced: 14 May 2026

https://github.com/fenix-hub/godot-engine.otp

Godot Engine plugin to generate RFC4226 and RFC6238 compliant One Time Passwords in GDScript.

2fa auth gdscript godot godot-engine hotp mfa otp security totp

Last synced: 05 Mar 2026

https://github.com/ypcrts/securemodelines

Secure alternative to Vim modelines. Maintained, active fork.

modeline security vim vim-modelines vim-plugin

Last synced: 09 Apr 2025

https://github.com/whiteshadow1234/picoctf_writeup

A beginner-friendly picoCTF guide—complete challenges using only the webshell, no Linux or VM needed!

ctf ctf-challenges ctf-solutions ctf-writeups picoctf picoctf-writeups picoctfsolutions security

Last synced: 09 Feb 2026

https://github.com/brucewind/cryptoppinndk

A repo for hiding encrypt algorithm working with CryptoPP.

android crypto cryptopp jni jni-android ndk security

Last synced: 15 Apr 2025

https://github.com/thecalcaholic/bash-utils

Various shell script utilities I've come to write over the years to make life easier

bash csv dyndns gcp gsutil inotify iperf3 keepass-mounter nautilus networking pulseaudio security utility

Last synced: 15 May 2025

https://github.com/turbot/steampipe-mod-terraform-azure-compliance

Run compliance and security controls to detect Terraform Azure resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

azure compliance hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 22 Apr 2025

https://github.com/imduffy15/k8s-gke-service-account-assigner

Provides different Google Service Accounts and Scopes for pods running on Kubernetes

google google-cloud-platform google-compute-engine google-kubernetes-engine iam kube2iam kubernetes security service-account

Last synced: 28 Jan 2026

https://github.com/m3nu/wp-audit

Audit the versions of your Wordpress sites to find old, vulnerable versions.

golang security security-audit security-tools wordpress

Last synced: 24 Oct 2025

https://github.com/riteshpuvvada/anonymous-board

Create a forum, chat or replay anonymously.

anonymous-chat board helmetjs javascript message mocha node-js security

Last synced: 12 Oct 2025

https://github.com/lazureykis/throttlecrab

High-performance GCRA rate limiter for Rust. Multi-protocol server (HTTP, gRPC, Redis/RESP) with advanced metrics, or embed as a minimal library. Self-tuning memory management 🦀

api-gateway api-protection cloudnative cloudnative-services ddos-protection docker gcra grpc microservices rate-limit rate-limiter rate-limiting rate-limits ratelimit ratelimiter ratelimiting redis rust security throttling

Last synced: 22 Aug 2025

https://github.com/mawg0ud/invismalware

A Malware Evasion Technique, shellcode generation, syntax modification, anti-dynamic analysis & PE header modification.

antivirus cybersecurity dynamic-analysis exploit infosec malware payload research security shellcode static-analysis threat

Last synced: 16 Oct 2025

https://github.com/built-fast/phpstan-sensitive-parameter

PHPStan extension for detecting parameters that should use SensitiveParameter

code-quality php phpstan phpstan-extension security sensitive-parameter static-analysis

Last synced: 13 Jan 2026

https://github.com/controlplaneio/sandbox-probe

Agentic sandbox enumeration: find security issues, and seed escape automation.

agentic-ai penetration-testing security

Last synced: 27 May 2026

https://github.com/houarizegai/aes

AES algorithm implementation in Java

aes aes-encryption cryptography information-security security

Last synced: 16 Mar 2026

https://github.com/ricco386/cyber501x-cybersecurity-fundamentals

RITx: CYBER501x Cybersecurity Fundamentals - Personal study notes

mooc security study-notes

Last synced: 12 Apr 2025

https://github.com/plumsydev/neptune-waf.app

Neptune is a Web Application Firewall that you can use to protect your domains against common attacks (XSS, SSRF, SQLI, Path Traversal) and many others, it also can be used to hide your web server backend IP and protect against most DDoS attacks, come visit us !

api api-security application ddos firewall http-proxy letsencrypt neptune neptunewaf owasp security tcp-proxy waap waf web web-application-firewall xss

Last synced: 13 Jan 2026

https://github.com/schooloffreelancing/ubuntu-server-hardening

Ubuntu server hardening standards for defending ubuntu Linux systems and data against Cyberattacks. The best security measures GitHub repository based on CIS Benchmark.

cis-benchmarks firewall hackproof-ubuntu linux security ubuntu-hardening ubuntu-server-hardening

Last synced: 22 Apr 2025

https://github.com/unlock-security/wshell

A handy interactive shell through {code,command,template} injection

ctf-tools penetration-testing penetration-testing-tools rce security security-tools shell webshell

Last synced: 18 Jan 2026

https://github.com/rifuki/dokuru

Agent-based Docker security audit platform with CIS Benchmark v1.8.0 compliance. Real-time WebSocket monitoring, automated vulnerability scanning, and interactive remediation

audit cis-benchmark compliance container container-security docker security

Last synced: 28 Jun 2026

https://github.com/contextforge-org/cpex

A composable enforcement framework for AI agents and toolchains

a2a agents ai extensibility framework hooks library llm mcp plugins safety security tools

Last synced: 27 Jun 2026

https://github.com/josehelps/blackcert

Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also checks if any domain changes with that keyword look like a phishing domain.

certificate monitoring security

Last synced: 14 Apr 2025

https://github.com/theAkito/userdef

A more advanced adduser for your Alpine based Docker images.

alpine docker linux musl permissions security

Last synced: 21 Mar 2025

https://github.com/pforret/bumpkeys

Upgrade your SSH keys for better security

bash bashew crypto ecdsa ed25519 rsa security security-audit ssh ssh-key

Last synced: 10 Apr 2025

https://github.com/actions-rust-lang/audit

Audit Rust Dependencies using the RustSec Advisory DB

cargo-audit ci github-actions hacktoberfest rust rust-lang rustsec security

Last synced: 10 Apr 2025

https://github.com/connorjburton/senvf

A secure & sensible replacement for process.env

javascript nodejs process-env security supply-chain

Last synced: 10 Jul 2025

https://github.com/chrissmartin/onvifscout

A comprehensive ONVIF device discovery and analysis tool that helps you find, authenticate, and examine ONVIF-compatible devices on your network.

hacktoberfest home-assistant home-automation onvif onvif-camera onvif-discovery pypi security security-camera

Last synced: 06 Jul 2025

https://github.com/sk3pp3r/devsecops-arsenal

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

cybersecurity devops devsecops devsecops-pipeline infrastructure sdlc security ssdlc

Last synced: 12 Jan 2026

https://github.com/alphaville/safemsg

SafeMessage - Secure web-based message exchange system

encryption javascript message-exchange secure-by-default security

Last synced: 10 Apr 2025

https://github.com/mablanco/docker-reconftw

Docker image for reconftw, a simple script intended to perform a full recon on an objective with multiple subdomains

docker pentesting security

Last synced: 11 Jul 2025

https://github.com/badisi/auth-js

🛡️ Authentication and authorization support for web based desktop and mobile applications

angular auth authentication authn authorization capacitor cordova hybrid identity ionic mobile oauth oauth2 oidc openid openidconnect security web

Last synced: 12 Apr 2025