An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/anchore/s3c-workshops

Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

containers devsecops fedramp k8s sbom security supply-chain-security vulnerability-scanners

Last synced: 09 Oct 2025

https://github.com/restorm-labs/nuxt-restream

Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.

firebase firebase-storage nuxt nuxt-module nuxt3 security vue3

Last synced: 09 Oct 2025

https://github.com/orijtech/tickeryzer

Check missing (*time.Ticker).Stop() call, which can cause resources leak.

golang security static-analysis

Last synced: 09 Feb 2026

https://github.com/jessechale/halehound-cyd

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

bluetooth cc1101 cheap-yellow-display cyd esp32 esp32-diy hacking nrf24l01 offensive-security pentest security security-tools subghz wifi

Last synced: 12 Mar 2026

https://github.com/burakozcn01/certstream-server-rust

High-performance Certificate Transparency (CT) monitoring tool written in Rust. Real-time stream of newly issued SSL/TLS certificates from CT logs. Rust implementation of certstream-server with improved performance and memory efficiency.

certificate-transparency certstream ct-logs rust security threat-intelligence websocket x509

Last synced: 22 Feb 2026

https://github.com/smed79/easylist-hosts

Unified EasyList hosts blacklist for use with DNS and domain blocking tools as pi-hole for the purpose of blocking bad domains used for serving ads, tracking, mining, malware and other nasty content.

adblock adblock-plus adguard blacklist blocklist dns dnsforge domains easylist easyprivacy hosts hosts-file malware nextdns personaldnsfilter phishing pi-hole privacy security ublock

Last synced: 24 Oct 2025

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/amadeusitgroup/starter-kit-for-internal-hacking-event

A kit to organize internal hacking events, improving product security and spreading security knowledge.

event fun security

Last synced: 13 Feb 2026

https://github.com/alex2276564/telegramnotifier

PrestaShop module that sends customizable Telegram notifications for new orders, admin logins, and new customer registrations. Supports multiple chat recipients, message templates, and automatic update checks.

api automation ecommerce module notifications php prestashop security telegram

Last synced: 14 Oct 2025

https://github.com/seznam/jailoc

🔒 Jail your AI agents — sandboxed Docker environments with network isolation for Opencode agents

ai-agents cli devtools docker docker-compose golang network-isolation opencode sandbox security

Last synced: 04 Apr 2026

https://github.com/epappas/llmtrace

Zero-code LLM security & observability proxy. Real-time prompt injection detection, PII scanning, and cost control for OpenAI-compatible APIs. Built in Rust.

agentic ai-agents ai-infrastructure ai-security aiops chatgpt llm-inference llm-monitoring llm-security llm-security-compliance-prompt-injection llmops mlops observability openai pii-detection prompt-injection proxy rust security

Last synced: 19 Feb 2026

https://github.com/radoslaw-sz/guardio

The most flexible control plane for AI Agent systems

ai ai-agent ai-agents control-plane framework guard mcp security

Last synced: 01 Apr 2026

https://github.com/dk26/strict-path-rs

Handle paths from external or unknown sources securely. Defends against 19+ real-world CVEs including symlinks, Windows 8.3 short names, and encoding tricks and exploits.

directory-traversal file-security filesystem-security path-traversal-prevention path-validation rust rust-crate security type-safety web-security

Last synced: 22 Apr 2026

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/andreacioni/keelink

Keepass2Android QR Plug-In Utility

android encryption keepass keepass2android-qr-plug plugin security

Last synced: 21 Mar 2025

https://github.com/jochasinga/firma

Simple Merkle tree implementation based on the Bitcoin white paper.

bitcoin blockchain firma hashtree merkle ocaml security

Last synced: 17 Nov 2025

https://github.com/eftec/securityonemysql

It is a library

mysql php php7 security

Last synced: 07 Mar 2026

https://github.com/gp187/ubuntu-privacy-fix

After a fresh install don't forget to remove telemetry and harden security

privacy security telemetry ubuntu

Last synced: 11 Apr 2025

https://github.com/mitre/apache-tomcat-8-cis-baseline

(WIP) (Alpha) InSpec profile for CIS Apache Tomcat v8 Benchmark

apache inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat

Last synced: 21 Apr 2025

https://github.com/therootcompany/base62-token.js

Generate & Verify GitHub-style & npm-style Base62 Tokens

base62 base62-encoding github-tokens-generator npm-tokens-generator security

Last synced: 17 Jul 2025

https://github.com/flutterguard/flutterguard-cli

Know and see everything an attacker can extract and get from your published Flutter app

android apk cli dart exploit flutter opensource reverse-engineering security static-analysis

Last synced: 13 Jan 2026

https://github.com/rix4uni/portmap

portmap is a fast portscan tool, uses shodan public data for port scan used internetdb.shodan.io and api.shodan.io/shodan/host

bug-bounty bugbounty bugbountytips hacking infosec internetdb osint osint-resources penetration-testing pentest-tool pentesting port-enumeration portscanner recon reconnaissance scan-ports security security-tools shodan threat-intelligence

Last synced: 28 Aug 2025

https://github.com/casbin/mux-authz

gorilla/mux's RBAC & ABAC Authorization middleware based on Casbin

abac acl authz casbin gorilla-mux middleware mux plugin rbac security

Last synced: 22 Apr 2025

https://github.com/pelock/jobfuscator-python

JObfuscator is a source code obfuscator for the Java language. Protect Java source code & algorithms from hacking, cracking, reverse engineering, decompilation & technology theft.

decompiler decompiler-java java mangle mangler obfuscate obfuscate-code obfuscate-strings obfuscated obfuscated-code obfuscation obfuscator security source-code

Last synced: 13 Jul 2025

https://github.com/authress/authress-sdk.cs

The Authress SDK for C# provides authorization as a service with fully compatible REST apis.

authentication authorization authorization-backend authorization-framework authorization-middleware authorization-server authress nuget security

Last synced: 13 May 2025

https://github.com/wode490390/sanctioner

Sanctioner plugin for Nukkit

ban crash minecraft nukkit plugin sanction security

Last synced: 14 Apr 2025

https://github.com/heartsucker/rust-secure-session

Signed, encrypted session cookies for Iron

cryptography http iron rust security session

Last synced: 13 May 2025

https://github.com/nathanjepson/wdac-framework

Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.

application-control applicationcontrol defender enterprise-security operation-system-security powershell powershell-script security sqlite sqlite-database wdac windows windows-defender windows-defender-application-control windowsdefender winrm zero-trust

Last synced: 21 Jun 2025

https://github.com/safinsingh/midnight

🔧 An extensible Linux security auditing tool

cybersecurity docker go golang linux security

Last synced: 09 Mar 2026

https://github.com/ghostofgoes/ui-prccdc

Scripts, Guides, Tools, and what-not for the University of Idaho PRCCDC team.

ccdc hardening prccdc python scripts security uidaho vyos

Last synced: 22 Apr 2025

https://github.com/badr-1/steganography-cryptography

Console App That Uses Cryptography And Steganography To Embed/Extract Secret Message In/From an Image

encryption kotlin lsb-steganography security xor-encryption

Last synced: 13 Apr 2025

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/mrtazz/certcal

provide an iCal web feed for certificate expiration

calendar certificates golang security ssl tls

Last synced: 15 Apr 2025

https://github.com/accuknox/secret-scan-action

AccuKnox Secret Scan GitHub Action

secret security sensitive-data

Last synced: 06 Mar 2026

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/padok-team/security-vault-credential-broker

Code to deploy a PoC of an implementation of Vault as a credential broker for Boundary, with a PostgreSQL database as target.

boundary security vault

Last synced: 26 Dec 2025

https://github.com/dhanushnehru/pdf-xss-checker

pdf-xss-checker is a Node.js tool designed to scan PDF files for potential Cross-Site Scripting (XSS) vulnerabilities. It analyzes embedded scripts, forms and suspicious content to help identify security risks in PDFs before they're distributed or displayed in browsers.

pdf pdf-document scanner security security-audit securitytools vulnerability xss xss-attacks xss-detection xss-filter xss-scanner xss-vulnerability

Last synced: 19 Jun 2025

https://github.com/mychewcents/e2e-encryption

An npm module to allow for easier E2E encryption and decryption. Works on 'tweetnacl' npm package.

e2e-encryption encryption encryption-decryption encryption-tool end-to-end-encryption npm npm-package privacy privacy-protection security

Last synced: 17 Jan 2026

https://github.com/xtonousou/cis-bench-centos8

CIS Benchmark v1.0.0 - Level 1 Server - CentOS 8 automation

assessment bash benchmark centos centos8 cis cis-benchmark hardening linux security

Last synced: 30 Oct 2025

https://github.com/nwtgck/aes128gcm-stream-npm

🛡128-bit AES-GCM Encryption Stream for Web Browsers

aes-gcm browser encryption javascript security stream streams-api

Last synced: 01 Apr 2025

https://github.com/trvswgnr/crab-snitch

Get an alert on macOS if an application accesses your microphone or webcam.

macos personal security

Last synced: 08 Sep 2025

https://github.com/bonedaddy/web3-super-user

deployment, and configuration guidelines for self-hosting web3 services in a secure manner.

ethereum-staking security self-hosting web3

Last synced: 08 May 2025

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/p0dalirius/securityscripts

This repository contains a set of useful scripts templates for pentesters and security researchers.

pentest python scripts security

Last synced: 03 Jul 2026

https://github.com/leklund/bauditor

run bundler-audit on a multiple repositories at once

bundler-audit ruby rubygems security

Last synced: 07 Jul 2025

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026

https://github.com/carlocorradini/graphql-auth-directive

GraphQL @auth directive that protects resources from unauthenticated and unauthorized access

auth authentication authorization graphql nodejs security typescript

Last synced: 16 Feb 2026

https://github.com/prompt-armor/prompt-armor

Open-source prompt injection detector — 5 layers, 91.7% F1, ~27ms, offline, Apache 2.0

ai-safety anomaly-detection cli faiss jailbreak llm llm-security mcp nlp offline onnx prompt-injection prompt-security python security

Last synced: 03 Jun 2026

https://github.com/sierrasoftworks/honeypot

A service designed to track malicious SSH login attempts

honeypot security ssh-server

Last synced: 09 Apr 2025

https://github.com/stijncaerts/doss

Development of Secure Software: course summary

security

Last synced: 22 Feb 2026

https://github.com/DemiMarie/SlipRock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 11 Mar 2025

https://github.com/iwpnd/fiber-key-auth

fiber api key authentication middleware

api gofiber golang security

Last synced: 20 Mar 2025

https://github.com/houssemdellai/kubernetes-allowed-registries-policy

Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.

aks-kubernetes-cluster container-registry container-security policy security

Last synced: 03 Jan 2026

https://github.com/benjitrapp/project-makalu

Penetration testing challenge => Test the broken "Session Handling" in the new shop of the "anna group"

burpsuite ctf-challenges docker flask hacking-simulator python3 security

Last synced: 14 Apr 2025

https://github.com/haccer/xmail

Go tool that detects which email addresses have domains which are able to be registered

account-takeover bug-bounty bugbounty cyber email go golang infosec osint pentesting redteam redteam-tools security

Last synced: 14 Mar 2026

https://github.com/aaearon/mcp-privilege-cloud

A production-ready Model Context Protocol (MCP) server for CyberArk Privilege Cloud integration. Enables AI assistants and MCP clients to securely interact with privileged account management, safe operations, and platform configurations through 8 comprehensive tools.

ai-integration claude-desktop cyberark cyberark-api cybersecurity fastmcp identity-management mcp mcp-server model-context-protocol oauth-authentication oauth2 pam password-vault platform-management privilege-cloud privileged-access-management privileged-accounts python security

Last synced: 18 Feb 2026

https://github.com/digitalruby/socketcloser

Close ipv4 and ipv6 sockets on Windows and Linux

ipv4 ipv6 linux network networking security sockets windows

Last synced: 24 Jul 2025

https://github.com/divineomega/php-password-cracker

PHP package to crack passwords

password password-cracker php security

Last synced: 25 Jul 2025

https://github.com/barandev/firebase-authentication-template

A template repository for implementing Firebase Authentication with Flask and JavaScript. This template provides a basic setup for integrating Firebase Authentication into web applications using Flask as the backend framework. It includes functionalities for user signup, signin, signout, and session management.

firebase firebase-auth firebase-webapp flask html-css-javascript javascript modal-design password-hashing python responsive-design security session-management signin-signup template user-management userauthentication web-template webdevelopment

Last synced: 19 Feb 2026

https://github.com/rattleycooper/warble

Steganography tool that can embed files into the pixel data of images, or the data chunk of a wav file.

obfuscation pentesting security steganography

Last synced: 31 Aug 2025

https://github.com/m3ssap0/data-grabber

This is a simple PHP script that can be used as a cookie grabber / session stealer. It uses MySQL to store data in a structured way.

cookie-grabber cookie-stealer security security-tools session-grabber session-stealer

Last synced: 28 Jun 2025

https://github.com/mindpatch/latestpocs

Latest PoC exploit & Writeups

cves pentesting poc proof-of-concept security

Last synced: 20 Sep 2025

https://github.com/cristalhq/ipfilterware

Go HTTP middleware to filter clients by IP address

filtering firewall go golang http ip ipv4 ipv6 middleware security

Last synced: 08 Apr 2025

https://github.com/line/webauthndemo-kotlin

WebAuthnDemo Kotlin is a sample application demonstrating the integration of the webauthn-kotlin SDK for secure, password-less authentication in Android apps. It showcases the use of biometric and device credential authenticators, along with examples for registering and authenticating credentials.

authenticator demo fido2 kotlin passwordless security webauthn

Last synced: 02 Sep 2025

https://github.com/geniuszly/CVE-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/mdeous/dnscheck

Subdomain takeover assessment tool.

dns security subdomain-takeover

Last synced: 11 Apr 2026

https://github.com/zelon88/accessibility-tools-utilmon-defender

A Windows 7-10 startup script for detecting and preventing "Ease Of Access" attacks.

accessibility admin-tools anti-hacking defender security

Last synced: 31 Oct 2025

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/kovart/forta-spam-detector

Advanced spam detector powered by Forta Network

blockchain detector erc1155 erc20 erc721 ethereum forta phishing scam security spam token

Last synced: 15 Apr 2025

https://github.com/upgundecha/applied-security

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity

appsec cloudsecurity cybersecurity devsecops infosec security security-tools

Last synced: 14 Apr 2025

https://github.com/shadawck/nse-install

Install and update external NSE script for nmap

installer-script nmap nmap-scan-script nmap-scripts nse security security-tools

Last synced: 24 Sep 2025

https://github.com/octogonapus/registryscanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 28 Jun 2025

https://github.com/lreimer/secure-devex22

Demo repository for my talk at the Heise Developer Experience 2022 conference.

checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api

Last synced: 02 Aug 2025

https://github.com/riotkit-org/gpbkdf2

PBKDF2 key encoder for use in shell. Single, tiny binary. Written in Go.

aes aes-256 aes-256-cbc cbc cbc-mode crypto go openssl pbkdf2 pbkdf2-cli security

Last synced: 02 Aug 2025

https://github.com/aw-junaid/golang-web-security

Secure Golang web app with best practices: authentication, authorization, input validation, CSRF protection, and secure headers. Example code for secure development.

golang penetration-testing security websecurity

Last synced: 14 Apr 2025

https://github.com/matricali/kaker-scripts

Compilation of files recovered from compromised hosts. This collection contains various scripts and tools used by the attackers.

attacker backdoors compilation files-recovered hacker-scripts kaker-scripts phishing-attacks scanners scripts security shell

Last synced: 15 Apr 2025

https://github.com/bytehide/cli

Dotnetsafer CLI is a console tool that allows you to protect your .NET developments, integrates different products and services to keep your code safe.

analyzer dotnet netcore obfuscation owasp protection security security-tools vulnerability

Last synced: 27 Jun 2025