An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/k4yt3x/ssh_config

K4YT3X's Hardened OpenSSH Client Configuration

hardening linux openssh security ssh

Last synced: 29 Oct 2025

https://github.com/maulingmonkey/firehazard

Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.

rust sandbox sandboxing security win32 windows

Last synced: 30 Aug 2025

https://github.com/piaudonn/SecurityNotifications

Send security notifications to your users when something important happened on their accounts (such as new MFA methods, atypical travels, TAP usage...).

azure-ad azure-ad-identity-protection log-analytics-workspace security security-automation

Last synced: 15 Apr 2025

https://github.com/VolkanSah/Implementing-AI-Systems-Whitepaper

This whitepaper provides best practices and concrete examples for the secure implementation of artificial intelligence in web applications. It covers topics such as security, data protection, ethics, AI models and algorithms, development process, user training, and regulation.

ai api artificial-intelligence artificial-neural-networks chatgpt gpt gpt4 how-to security whitepaper whitepapers

Last synced: 12 May 2025

https://github.com/denis-g/firefox-user.js

🦊 Firefox user.js – based on arkenfox/user.js with additional UI fixes.

firefox firefox-css firefoxcss ghacks mozilla mozilla-firefox privacy security settings userchrome userchromecss userjs

Last synced: 12 Apr 2025

https://github.com/ongoingai/gateway

Headless, OpenAI-compatible AI gateway in Go. Multi-tenant auth, tracing, cost tracking, rate limits, and optional PII redaction. Single binary, self-hosted, audit-ready by design.

ai-gateway audit-logs cost-tracking go golang llm-gateway observability openai-compatible opentelemetry pii-redaction policy-enforcement privacy rate-limiting security tracing

Last synced: 24 Feb 2026

https://github.com/brndnmtthws/protect-yourself

A guide on how to protect your digital assets

digital-assets encryption phone privacy security yubikey

Last synced: 08 Mar 2026

https://github.com/tspascoal/dependabot-alerts-helper

A set of (simple) scripts to help manage dependabot alerts

dependabot scripts-collection security

Last synced: 07 May 2025

https://github.com/zeyu-li/tryhackme

Hacker Man 👨‍💻

hacking security tryhackme vulnversity writeups

Last synced: 19 Mar 2026

https://github.com/mablanco/docker-reconftw

Docker image for reconftw, a simple script intended to perform a full recon on an objective with multiple subdomains

docker pentesting security

Last synced: 11 Jul 2025

https://github.com/badchars/cve-mcp

23-tool MCP server for CVE & vulnerability intelligence. NVD, EPSS, CISA KEV, GitHub Advisory, OSV — unified in one server. Risk scoring, bulk triage, exploit search. 2 dependencies, runs with npx.

ai-security cisa claude cve cvss cybersecurity epss ghsa kev mcp model-context-protocol nvd osv pentesting security vulnerability vulnerability-intelligence

Last synced: 30 Jun 2026

https://github.com/chrissmartin/onvifscout

A comprehensive ONVIF device discovery and analysis tool that helps you find, authenticate, and examine ONVIF-compatible devices on your network.

hacktoberfest home-assistant home-automation onvif onvif-camera onvif-discovery pypi security security-camera

Last synced: 06 Jul 2025

https://github.com/shayanzare/admin-page-finder

This is a simple script to finding website admin page.

admin-page-finder hacking hacking-tool ruby security

Last synced: 28 Mar 2025

https://github.com/dominicbreuker/goncat

netcat-like CLI tool with advanced features for bind/reverse shells

bind-shell golang offsensive-security pentesting port-forwarding pty reverse-shell security tunneling

Last synced: 11 Apr 2025

https://github.com/connectFree/ZigZag

Noise Framework implementation in Zig Language for use in EVER/IP and WireGuard

crypto cryptography ever ever-ip everip noise noise-protocol noise-protocol-framework security wireguard zig

Last synced: 06 May 2025

https://github.com/psecio/rift

A vulnerable application for teaching the basics of web application security

application security teaching vulnerability

Last synced: 11 Apr 2025

https://github.com/alphaville/safemsg

SafeMessage - Secure web-based message exchange system

encryption javascript message-exchange secure-by-default security

Last synced: 10 Apr 2025

https://github.com/kuntoaji/enkrip

encrypt & decrypt Active Record attributes with Message Encryptor

activemodel activerecord activesupport decryption encryption gem message-encryptor ruby ruby-gem ruby-on-rails security

Last synced: 21 Jun 2025

https://github.com/pforret/bumpkeys

Upgrade your SSH keys for better security

bash bashew crypto ecdsa ed25519 rsa security security-audit ssh ssh-key

Last synced: 10 Apr 2025

https://github.com/sk3pp3r/devsecops-arsenal

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

cybersecurity devops devsecops devsecops-pipeline infrastructure sdlc security ssdlc

Last synced: 12 Jan 2026

https://github.com/echo-devim/pyjacktrick

Python module hijacking POC

code-execution hijacking python security

Last synced: 27 Mar 2025

https://github.com/codestates-seb/seb39_main_013

고오급 남성 쇼핑몰 STATE MALL 입니다 https://statemall.click/

jpa mysql react reactquery security spring-boot styled-components

Last synced: 13 Apr 2025

https://github.com/advanced-security/demo-java

GitHub Advanced Security scanning tutorial repository for Java

advanced-security demo devsecops example security static-analysis

Last synced: 12 Apr 2025

https://github.com/connorjburton/senvf

A secure & sensible replacement for process.env

javascript nodejs process-env security supply-chain

Last synced: 10 Jul 2025

https://github.com/jonhadfield/sts

Simplify working with AWS STS credentials and MFA

2fa aws aws-cli aws-sdk cli golang iam mfa security sts

Last synced: 15 Jul 2025

https://github.com/samiahmedsiddiqui/prevent-xss-vulnerability

This WordPress plugin enhances website security by preventing Cross-Site Scripting (XSS) vulnerabilities. It blocks and encodes malicious characters in URLs, escapes HTML in `$_GET` variables, and provides customizable settings for website owners.

encoding escape-html reflected-xss-vulnerabilities reflective reflective-injection security security-vulnerability self-xss wordpress xss xss-detection xss-vulnerability

Last synced: 12 Apr 2025

https://github.com/badisi/auth-js

🛡️ Authentication and authorization support for web based desktop and mobile applications

angular auth authentication authn authorization capacitor cordova hybrid identity ionic mobile oauth oauth2 oidc openid openidconnect security web

Last synced: 12 Apr 2025

https://github.com/actions-rust-lang/audit

Audit Rust Dependencies using the RustSec Advisory DB

cargo-audit ci github-actions hacktoberfest rust rust-lang rustsec security

Last synced: 10 Apr 2025

https://github.com/tomiok/vaultik

Vaultik is a cloud agnostic secret manager that helps developers to create, read, update and delete variables and easily export to a remote location or any cloud. Avoid using environment variables and these are fully encrypted.

cloud cloud-computing cobra encryption environment-variables go golang secret secret-management secrets secrets-management secure secure-storage security security-tools

Last synced: 28 Oct 2025

https://github.com/djadmin/fort

macOS CLI: endpoint security audit + SOC 2 readiness reports

cli compliance devops endpoint-security golang hardening iso27001 macos security soc2

Last synced: 11 Jun 2026

https://github.com/evervault/evervault-js

Evervault JavaScript SDK.

encryption javascript security

Last synced: 13 Feb 2026

https://github.com/yasenstar/archimate_sabsa

Learn & Practice of Modeling SABSA with the ArchiMate Specification

archimate architect architecture compliance enterprise model modeling opengroup sabsa security specification

Last synced: 11 Feb 2026

https://github.com/lucthienphong1120/fake-link

What you see is not necessarily the truth!

danger fake links security

Last synced: 28 Feb 2026

https://github.com/fenix-hub/godot-engine.otp

Godot Engine plugin to generate RFC4226 and RFC6238 compliant One Time Passwords in GDScript.

2fa auth gdscript godot godot-engine hotp mfa otp security totp

Last synced: 05 Mar 2026

https://github.com/houarizegai/aes

AES algorithm implementation in Java

aes aes-encryption cryptography information-security security

Last synced: 16 Mar 2026

https://github.com/mxrcode/taskguard

Simple and Secure To-Do List App with Full Encryption (ChaCha20-Poly1305 & AES-256-CBC)

cpp notebook notes open-source opensource secure security taskguard todo todo-list todolist

Last synced: 24 Oct 2025

https://github.com/olivierlacan/opsec

Operational Security for everyone

educational operational opsec security

Last synced: 12 Feb 2026

https://github.com/nzt48/exploiting-smart-contract-vulnerabilities

Repository for "Exploiting smart contract vulnerabilities" bachelor thesis at School of Electrical Engineering, University of Belgrade. Paper (in Serbian) with 5 examples of vulnerable smart contracts and exploitation of them.

ethereum exploitation hacking security smart-contracts solidity

Last synced: 21 Apr 2026

https://github.com/edvincodes/instagramunfollowers

Instagram Unfollowers 2026: Free Script to see who isn't following you back. Safe, Open Source & No Login required. Works on Mobile & Desktop.

automation instagram instagram-follower instagram-followers instagram-following instagram-tool instagram-unfollowers javascript open-source privacy script security unfollow unfollowers

Last synced: 02 Apr 2026

https://github.com/rezmoss/network-vulnerability-scanner

Build a network vulnerability scanner from scratch in Go, port scanning, service detection, and vulnerability identification. Full walkthrough

cybersecurity go golang infosec networking penetration-testing port-scanner security tutorial vulnerability-scanner

Last synced: 12 Jun 2026

https://github.com/archetypum/thesuffocater

theSuffocater is an extensible module manager/collection on UNIX admin scripts that allows you to quickly harden your server and deploy services in few clicks.

bash bsd cybersecurity cybersecurity-tools foss gnu gnu-linux linux python python3 security security-automation security-tools server server-side shell unix

Last synced: 27 Feb 2026

https://github.com/imduffy15/k8s-gke-service-account-assigner

Provides different Google Service Accounts and Scopes for pods running on Kubernetes

google google-cloud-platform google-compute-engine google-kubernetes-engine iam kube2iam kubernetes security service-account

Last synced: 28 Jan 2026

https://github.com/mikkoparkkola/nowifi

No WiFi? Now WiFi. One command. 27 techniques. Bypass any captive portal.

bypass captive-portal cli go golang hacking linux macos network-security penetration-testing security wifi wifi-hacking

Last synced: 31 May 2026

https://github.com/firesphere/silverstripe-haveibeenpwnd

Check user passwords and emails against the HaveIBeenPwnd database

hacktoberfest haveibeenpwned password security silverstripe silverstripe-4 silverstripe-module

Last synced: 07 Oct 2025

https://github.com/hexydec/torque

A Wordpress plugin to optimise the transport of your website to the client. Reduce the load on your server and make your Wordpress website fly!

minification optimization performance security wordpress

Last synced: 18 Nov 2025

https://github.com/cx330blake/zype

ZYPE: Your Payload Encryptor. MSFvenom shellcode got detected? ZYPE encrypt and obfuscate the shellcode for you!

cybersecurity encryption hacking hacking-tools malware malware-analysis malware-research obfuscation red-team security shellcode zig

Last synced: 14 May 2026

https://github.com/nowsecure/nowsecure-sbom-action

Generate a Mobile SBOM for an application and submit to the Dependency submission API

action analysis dependabot frida nowsecure security security-tools

Last synced: 09 Apr 2025

https://github.com/agrim123/gatekeeper

Authentication and authorization oriented tool allowing users to ssh to a machine without giving them access to private keys.

bastion devops golang security ssh ssh-server

Last synced: 12 Mar 2026

https://github.com/Archetypum/theSuffocater

theSuffocater is an extensible module manager/collection on UNIX admin scripts that allows you to quickly harden your server and deploy services in few clicks.

bash bsd cybersecurity cybersecurity-tools foss gnu gnu-linux linux python python3 security security-automation security-tools server server-side shell unix

Last synced: 24 Mar 2025

https://github.com/controlplaneio/sandbox-probe

Agentic sandbox enumeration: find security issues, and seed escape automation.

agentic-ai penetration-testing security

Last synced: 27 May 2026

https://github.com/plume-org/rocket_csrf

Rocket fairing for automatic csrf protection

csrf fairing rocket rust security web

Last synced: 13 May 2025

https://github.com/pm6422/luix-passport

This project provides you a standard auth2 server and client configuration powered by Spring Boot 3 with the ability to authenticate login and using PostgreSQL DB as datastore.

java oauth2 security spring spring-boot

Last synced: 17 Jan 2026

https://github.com/dbus2/zbus_polkit

PolicyKit zbus proxy

policykit security unix zbus

Last synced: 07 Oct 2025

https://github.com/riteshpuvvada/anonymous-board

Create a forum, chat or replay anonymously.

anonymous-chat board helmetjs javascript message mocha node-js security

Last synced: 12 Oct 2025

https://github.com/tetratelabs/zta-demo-2022

Demo delivered at the 2022 ZTA and DevSecOps for Cloud Native Applications NIST conference

ngac security service-mesh wasm zero-trust

Last synced: 26 Apr 2025

https://github.com/ryru/hackingexposed

Kurs Hacking Exposed an Juventus Technikerschule HF

education hacking security websecurity

Last synced: 28 Apr 2025

https://github.com/jon-becker/research

This repository contains research papers & studies that I have worked on or am currently working on.

blockchain erc ethereum nft research security security-audit solidity

Last synced: 25 Mar 2025

https://github.com/markwalet/laravel-hashed-route

A Laravel package that replaces the default route model binding for a safer version.

laravel php php-library security

Last synced: 11 Mar 2026

https://github.com/cipherstash/protectjs

Encrypt and protect data using industry standard algorithms, field level encryption, a unique data key per record, bulk encryption operations, and decryption level identity verification. Powered by CipherStash Encryption.

data data-security encryption javascript postgres postgresql security typescript

Last synced: 29 Oct 2025

https://github.com/ozbillwang/keycloak-compose

Run keycloak and keycloak cluster with docker compose - Up and Running in Seconds

authentication devops docker docker-compose keycloak keycloak-cluster security

Last synced: 25 Apr 2025

https://github.com/mnavarrocarter/authorize-aws-security-group-ingress-action

A Github Action that allows you to create temporary inbound rules for an AWS Security Group

aws ec2 ip security security-group-rules security-groups ssh vpc

Last synced: 05 Sep 2025

https://github.com/ancat/equation

Equation exposes a minimal environment to allow safe execution of Ruby code represented via a custom expression language.

expression-language ruby security

Last synced: 05 Oct 2025

https://github.com/antoinerondelet/uxss-vulnerabilities-research

Some research on UXSS vulnerabilities in web browsers

browser security uxss-vulnerabilities web web-security

Last synced: 09 Jul 2025

https://github.com/turbot/steampipe-mod-github-compliance

Run individual controls or full compliance benchmarks for across all of your GitHub resources using Powerpipe and Steampipe.

cis cis-benchmark compliance github hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod

Last synced: 22 Apr 2025

https://github.com/bcrowe/cakephp-encrypted-type

:lock_with_ink_pen: CakePHP plugin that provides field-level (column) encryption within the application layer before data is stored or transmitted to the database, supporting regulatory compliance, zero-trust security, end-to-end encryption, and contextual awareness.

cakephp cakephp-plugin data-encryption data-security database encryption end-to-end-encryption field-level-encryption field-level-security gdpr hipaa pci pci-compliance pci-dss php regulatory-compliance security zero-trust zero-trust-security

Last synced: 08 Mar 2026

https://github.com/dr-noob/madfut22_hack

Proof-of-concept for hacking the MADFUT 22 game on Android

android fifa game hacking security

Last synced: 03 Feb 2026

https://github.com/bocaletto-luca/ip-port-scanner

The IP Port Scanner software is a Python application based on Tkinter that allows users to scan IP addresses and ports within a local network. This application provides an intuitive user interface for performing IP scans and checking the status of open or closed ports on a specific host.

cybersecurity desktop-application gui ip-scanner ip-scanning network-scanning network-security open-source python security tkinter

Last synced: 05 Jan 2026

https://github.com/kiliczsh/nosql-injection

The Power of Secure Coding Practices: Safeguarding MongoDB Against Exploitation

mongodb nosql-injection security

Last synced: 10 Apr 2025

https://github.com/cryxnet/cve-2022-42889-rce

Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability)

cve-2022-42889 exploit exploits poc security vulnerability

Last synced: 27 Dec 2025

https://github.com/chaitin/veinmind-action

基于 veinmind-tools 实现的 Github Action

action cloud container image security

Last synced: 07 Oct 2025

https://github.com/jfrog/jfrog-ide-webview

JFrog-IDE-Webview is a React-based HTML page designed to be seamlessly embedded within JFrog VS Code Extension and the JFrog IDEA Plugin.

jfrog jfrog-idea-plugin jfrog-vscode-extension jfrog-xray security

Last synced: 10 Oct 2025

https://github.com/eliranmaman/elro-security-project

ELRO-Security is an advance & free WAF (Web Application Firewall), It is using to defend servers and especially websites around the internet. It is very easy to install and allow websites owner to add their own website via a web application interface which makes it accessible for almost everyone regardless of the level of codding.

firewalls security waf web web-application-firewall web-application-security web-application-security-scanner web-secure web-security webapplication webapplicationhacking

Last synced: 26 Apr 2025

https://github.com/jeninsutradhar/kryptos

password manager built with Go and Fyne, designed to provide a secure and intuitive way to store and manage your passwords locally

aes-encryption fyne golang password-manager security

Last synced: 13 Oct 2025