An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/0xjonaseb11/dn404_marketplace.3.0

A DN404 Marketplace built on ERC404 token standard inspired by Pandora coin

auditing dn404 erc404 ethereum marketplaces nfts security smartcontracts solidity tokens

Last synced: 21 Apr 2026

https://github.com/katosh/agent_sandbox

Sandbox AI agents on HPC systems with slurm.

ai-agents bubblewrap firejail hpc landlock sandbox security slurm

Last synced: 05 May 2026

https://github.com/rsclarke/terraform-cloudflare-fastmail-email

MX, SPF, DKIM and DMARC records with MTA-STS policy for email hosted by Fastmail

cloudflare dkim dmarc email mta-sts mx security spam-protection spf terraform

Last synced: 04 Apr 2026

https://github.com/mablanco/docker-rapidscan

Docker image for Rapidscan, a multi-tool web vulnerability scanner

docker pentesting security

Last synced: 02 Jun 2026

https://github.com/gowww/secure

๐Ÿ”‘ Security utilities, CSP, HPKP, HSTS and other security wins

csp go golang good-practices hpkp hsts http https policy secure security ssl

Last synced: 01 Mar 2026

https://github.com/sap-samples/btp-sac-forecast

This scenario is primarily intended to empower data driven decisions through analytics forecast using SAP Analytics Cloud, BTP extension application and SAP Build Work Zone, standard edition.

cloud-foundry sample sample-code sap-analytics-cloud sap-btp sap-build-work-zone-standard-edition sap-cap sap-hana-cloud security story

Last synced: 06 Feb 2026

https://github.com/rad-security/clawkeeper

Open-source security scanner for AI agent hosts. Audits macOS and Linux machines for misconfigurations, credential exposure, and network hardening โ€” 42 checks across 5 phases with auto-fix.

ai-agents bash devsecops hardening linux macos openclaw scanner security

Last synced: 12 Jun 2026

https://github.com/protokol/guardian

Transaction Based Permission Management (Users and Group) OnChain

ark blockchain configurable permissions security user-management

Last synced: 19 Oct 2025

https://github.com/soulteary/stargate

A minimal ForwardAuth gateway for Traefik and Nginx that handles login sessions and request access control. / ้ขๅ‘ Traefik ๅ’Œ Nginx ็š„ๆž็ฎ€ ForwardAuth ้‰ดๆƒ็ฝ‘ๅ…ณ๏ผŒ่ดŸ่ดฃไผš่ฏไธŽ่ฎฟ้—ฎๆŽงๅˆถใ€‚

auth authentication authorization enjoy-with-stargate forwardauth gateway nginx reverse-proxy security sso traefik

Last synced: 11 Feb 2026

https://github.com/heycupola/relic

Manage and share secrets. Encrypted on your device, never exposed to anyone else.

cli encrypted gdpr-compliant project-management secret-manager secrets security tui typescript zero-knowledge

Last synced: 01 Apr 2026

https://github.com/solomonkassa/nginx-automation

๐Ÿš€ NGINX Automation Framework A comprehensive, enterprise-grade NGINX automation framework designed for high-availability, security-focused, and scalable web infrastructure deployment.

ansible ci-cd doker kubernetes nginx nginx-docker prometheus script security shell-script

Last synced: 03 Apr 2026

https://github.com/onzack/kube-defcon

A tool to visualize network policy information from the Kubernetes Master API

docker kubernetes network-policy security visualization

Last synced: 26 Oct 2025

https://github.com/dragonbe/poc-webapp-vault

A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault

database mysql php proof-of-concept security vault webapp

Last synced: 16 Mar 2026

https://github.com/sowoi/check-nextcloud-security

Check the security level of your Nextcloud instance with the Nextcloud Security API

icinga icinga2 icinga2-plugin nagios-checks nagios-plugin nextcloud nextcloud-server python3 scan security

Last synced: 11 Jun 2026

https://github.com/richonn/shieldci

GitHub Action that auto-generates hardened CI/CD DevSecOps pipelines โ€” lint, tests, Trivy, Gitleaks, SAST and more โ€” and opens a PR with the generated workflows.

automation ci-cd devops devsecops github-actions gitleaks golang pipeline sast security trivy

Last synced: 30 May 2026

https://github.com/iris-eval/mcp-server

The agent eval standard for MCP โ€” score output quality, catch safety failures, enforce cost budgets

agent-evaluation ai-agent claude eval evaluation llm mcp mcp-server model-context-protocol observability security tracing

Last synced: 07 May 2026

https://github.com/alexfrancow/gomitm

:construction: An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers written in go.

go golang http https martian mitm proxy security tcp

Last synced: 14 Oct 2025

https://github.com/appsflyer/srealip

Go package for securely extracting HTTP client's real public IP

go golang http ip security

Last synced: 10 Oct 2025

https://github.com/netlify/plugin-csp-nonce

Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.

csp netlify security

Last synced: 26 Oct 2025

https://github.com/exxeta/flutter-security-toolkit

Mobile Security Toolkit for Flutter

flutter security security-tools

Last synced: 23 Oct 2025

https://github.com/jreisinger/waf-tester

Test Web Application Firewalls (WAFs)

cli ftw security testing tool waf

Last synced: 31 Jan 2026

https://github.com/kumuluz/kumuluzee-security

KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.

cloud-native java javaee kumuluzee microservices oauth2 openid-connect security

Last synced: 17 Oct 2025

https://github.com/liberzon/claude-hooks

Smart PreToolUse hook for Claude Code โ€” decomposes compound bash commands and checks each sub-command against allow/deny permission patterns

bash claude-code claude-hooks cli security

Last synced: 20 Apr 2026

https://github.com/ryandaniels/ansible-role-dnsmasq-adblock

Use dnsmasq for adblocking with OpenVPN. Use this Ansible role after installing OpenVPN (PiVPN or Streisand, etc) on a RaspberryPi or a VPS for example.

adblock ansible ansible-role dnsmasq openvpn privacy raspberry-pi security ubuntu vpn

Last synced: 10 Apr 2025

https://github.com/t94j0/polymorphic_compression_malware

Warning, this is malware. Don't do something stupid with it

hacking malware security

Last synced: 07 Mar 2026

https://github.com/fabian-hk/secure-two-party-computation

Python implementation of the TPC protocol from the paper "Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation"

google-protocol-buffers multi-party-computation network-communication python3 secure-computation security tpc two-party-computation

Last synced: 14 Apr 2025

https://github.com/lukebaggett/ssh-credscan

A multi-factor SSH login scanner with support for password, public key, and google authenticator authentication.

google-authenticator multi-factor-authentication scanner security ssh ssh-client two-factor-authentication

Last synced: 22 Jul 2025

https://github.com/weixian-zhang/fuzzie

A VSCode GUI-based fuzzer for Rest API and GraphQL

fuzzing python3 rest-api security vscode-extension

Last synced: 30 Dec 2025

https://github.com/Peco602/dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

docker dvwa ethical-hacking security ssl

Last synced: 21 Mar 2025

https://github.com/authress/authress-sdk.py

The Python Authress SDK provides authorization as a service with fully compatible REST apis.

authorization authorization-backend authorization-framework authorization-middleware authorization-server authorizationservice authress python security

Last synced: 13 May 2025

https://github.com/turbot/steampipe-mod-snowflake-compliance

Run individual controls or full compliance benchmarks across all of your Snowflake accounts using Powerpipe and Steampipe.

compliance hacktoberfest powerpipe powerpipe-mod security snowflake snowflakedb steampipe steampipe-mod

Last synced: 11 Jul 2025

https://github.com/ashishb/checkdevicecredentials

Force device credential check before decrypting data

android android-security keystore security

Last synced: 02 May 2025

https://github.com/olliecheng/passwordbreachchecker

A small unofficial extension to check passwords you type in against the database at HaveIBeenPwned (Chrome only for now)

browser-extension chrome-extension extension password-security security

Last synced: 26 Jun 2025

https://github.com/spiral/security

[READ ONLY] RBAC security layer based on NIST definition, role/rule/permission associations, bulletproof. Subtree split of the Spiral Security component (see spiral/framework)

nist rbac security spiral

Last synced: 28 Oct 2025

https://github.com/imagemlt/easyscanner

distributed cms fingerprint scanner using celery with redis

scanner security security-tools

Last synced: 13 Apr 2025

https://github.com/strmprivacy/data-plane-helm-chart

Care about your data leaving your VPC/environment in SaaS mode? With our self-hosted option you can run our privacy focused Data Plane in your own Kubernetes Cluster. Just (1) sign-up, (2) request a self-hosted installation, (3) use our values.yaml on your own k8s clusters and (4) run your (customer) data inside your own cloud like ๐Ÿช„

charts data helm kubernetes privacy security

Last synced: 23 Jun 2025

https://github.com/john-b-yang/course-dev

Personal repository of teaching material

databases pedagogy security software-development

Last synced: 15 Jun 2025

https://github.com/chriszarate/know-your-deps

Picks a random dependency from your project and splains it to you.

npm security vulnerabilities

Last synced: 20 Aug 2025

https://github.com/cdpxe/openbsdhacks

Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).

bsd fupids hids host-monitoring icmp ids information-security kernel kernel-module kernel-modules openbsd openbsd-community openbsd-ports openbsd-scripts port-knocking portknocking security security-hardening security-monitoring security-tools

Last synced: 23 Mar 2025

https://github.com/marcreichel/password-exposed-rule

Laravel Validation rule to check that a password hasn't been exposed

data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation

Last synced: 13 Jan 2026

https://github.com/jwilk/fuzzing

Jakub's fuzzing goodies

fuzzing security

Last synced: 12 Apr 2025

https://github.com/googlechromelabs/web-identity-demos

Demos for identity on the web. Built by the Chrome Developer Relations team and friends.

authentication autofill demo passkeys security

Last synced: 09 Jul 2025

https://github.com/kaansk/go-euvd

Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.

api-client cvss enisa epss european-union euvd go golang incident-response open-source oss security threat-intelligence vulnerability vulnerabilitymanagement

Last synced: 16 Jul 2025

https://github.com/swedishmike/dmarcparser

A quick and dirty implementation to get DMARC reports into Splunk for further analysis

dmarc dmarc-reports email python security spam-prevention splunk splunk-sdk

Last synced: 08 May 2025

https://github.com/404notf0und/python-guide

Practice makes perfect

bugs coding python security tricks

Last synced: 12 Apr 2025

https://github.com/sammcj/github-app-installation-token

Generates Github tokens using a Github App install

actions authentication security token workflow

Last synced: 10 Apr 2025

https://github.com/dimon222/py-gitsshgen

Automatic generation of SSH keys for VCS

automation git hacktoberfest python security ssh vcs

Last synced: 29 Oct 2025

https://github.com/oktsec/oktsec

Security layer for AI agent-to-agent communication. Every message is signed, inspected, and logged. If it doesn't comply, it doesn't pass. No LLM. No cloud. Single binary. Your infra, your data.

ai-agents audit ed25519 golang identity inter-agent mcp open-source proxy security

Last synced: 02 Apr 2026

https://github.com/janloebel/nipca

Network IP Camera Application Programming Interface (NIPCA) - Client

client ip-camera ipcamera javascript nipca node security

Last synced: 15 Jul 2025

https://github.com/elliotwutingfeng/aegis-backup-decryptor

CLI tool to decrypt backup files exported from the Aegis Authenticator app. This application is neither affiliated with Beem Development nor Aegis Authenticator.

2fa aes aes-gcm android backup cryptography cybersecurity decryption encrypt encrypted encryption linux macos openssl otp privacy scrypt security totp windows

Last synced: 29 Apr 2025

https://github.com/nilportugues/php-uuid

Use this class to encapsulate the latest and more secure Uuid versions

composer php php7 secure security uuid uuid-generator uuid4 uuid5

Last synced: 14 Jul 2025

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/aureq/cloud-maps.info

AWS Security Primer

audit aws cloud compliance map security

Last synced: 31 Oct 2025

https://github.com/neurophant/ouija

Python relay/proxy server and library to build reliable encrypted TCP/UDP tunnels with entropy control for TCP traffic

asyncio censorship cipher encrypted entropy http https network proxy relay security tcp tunnel udp

Last synced: 04 May 2025

https://github.com/petr-panteleyev/password-manager

Desktop application to keep passwords and other sensitive information

aes-256 desktop-application java java-24 javafx javafx-application password-manager security

Last synced: 29 Apr 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/nearata/flarum-ext-twofactor

A Flarum extension. Allow your users to enable two factor authentication.

flarum flarum-extension security two-factor

Last synced: 10 Apr 2025

https://github.com/rm3l/container-scan-to-sarif

Converts Azure Container Scan Action output to SARIF, for an easier integration with tools like GitHub Code Scanning

container-scanning go golang sarif sarif-report security

Last synced: 26 Mar 2025

https://github.com/Nearata/flarum-ext-twofactor

A Flarum extension. Allow your users to enable two factor authentication.

flarum flarum-extension security two-factor

Last synced: 28 Mar 2025

https://github.com/aw-junaid/android-security

Explore Android security: secure app development, reverse engineering, vulnerability testing, and best practices for data protection and encryption.

android android-rat androidsecurity hacking hacking-tool security vulnerabilities

Last synced: 01 Jul 2025

https://github.com/geniuszly/cve-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/ms2138/cameraviewer

Add/View Dahua security camera video streams

camera dahua dahua-cameras onvif onvif-camera security swift uikit xcode

Last synced: 04 May 2025

https://github.com/ufukty/ovpn-auth

Simple to use, easy to deploy 2FA login for OpenVPN servers

authentication golang openvpn password security totp two-factor-authentication

Last synced: 17 Jan 2026

https://github.com/stackrox/jenkins-plugin

The StackRox Jenkins Plugin for image scanning and security

containers hacktoberfest jenkins k8s security stackrox

Last synced: 06 May 2025

https://github.com/luketainton/pwnedpw

Checks if your password has been leaked.

password pwned pwned-passwords pwnedpasswords security

Last synced: 30 Apr 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/jsign/timing-attack

Timing attack proof-of-concept in Go

go security statistics timing-attack

Last synced: 18 Mar 2025

https://github.com/bitexpert/sulu-securitytxt-bundle

Sulu Bundle to manage security.txt files

php security sulu sulu-bundle symfony

Last synced: 14 Apr 2025

https://github.com/andiveloper/ts-rbac

Use ts-rbac if you need role-based access control in your TypeScript application, independent from your architecture.

jwt security ts typescript

Last synced: 06 May 2025

https://github.com/fiware/tutorials.roles-permissions

:closed_book: FIWARE 402: IDM - Application Roles and Permissions

fiware fiware-keyrock identity-management security tutorial

Last synced: 30 Apr 2025

https://github.com/kyopark2014/aws-security-token-service

It shows how to generate and use temporary security credential using AWS STS.

aws aws-lambda aws-sdk lambda security temporary-credentials

Last synced: 12 Apr 2025

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/0xhunterr/hack_map

A Collection of InfoSec Mind Maps

ejpt-notes ejpt-study mindmap security

Last synced: 14 Feb 2026

https://github.com/jpcertcc/huiloader-research

HUI Loader analysis research

malware security

Last synced: 05 Feb 2026

https://github.com/grottopress/samba

Single Sign On authentication for Lucky framework

authentication crystal lucky-framework oauth2 security sso

Last synced: 22 Apr 2025

https://github.com/suuhm/log4shell4shell

Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell

checker hacking linux log4j log4j2 log4shell macos patch penetration-testing pentesting proof-of-concept scanner security tomcat vulnerability-scanners windows

Last synced: 03 May 2026