An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/elliotwutingfeng/aegis-backup-decryptor

CLI tool to decrypt backup files exported from the Aegis Authenticator app. This application is neither affiliated with Beem Development nor Aegis Authenticator.

2fa aes aes-gcm android backup cryptography cybersecurity decryption encrypt encrypted encryption linux macos openssl otp privacy scrypt security totp windows

Last synced: 29 Apr 2025

https://github.com/kyopark2014/aws-security-token-service

It shows how to generate and use temporary security credential using AWS STS.

aws aws-lambda aws-sdk lambda security temporary-credentials

Last synced: 12 Apr 2025

https://github.com/derhuerst/generate-node-policy-file

Generate a Node.js policy file for your code.

json nodejs security

Last synced: 15 Apr 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/darwintantuco/eslint-plugin-require-form-method

Disallow form tags without explicit method attribute

eslint eslint-plugin eslintplugin security

Last synced: 24 Apr 2025

https://github.com/jbruchon/php_secure_auth

Secure user login/authentication template for PHP web applications

authentication pdo pdo-mysql php security

Last synced: 13 May 2025

https://github.com/cdpxe/openbsdhacks

Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).

bsd fupids hids host-monitoring icmp ids information-security kernel kernel-module kernel-modules openbsd openbsd-community openbsd-ports openbsd-scripts port-knocking portknocking security security-hardening security-monitoring security-tools

Last synced: 23 Mar 2025

https://github.com/akshatvg/secure-hashed-authentication

blake2b & md5 based registration and login in PHP to show a secure hashed password.

algorithm authentication blake2b blake2b-hash-algorithm cyber-security hashing login md5 networks nis php project register security

Last synced: 31 Jul 2025

https://github.com/hleliofficiel/exaaiagent

ExaAiAgent — Advanced AI-powered penetration testing framework with Docker sandbox, multi-agent workflows, and 50+ integrated cybersecurity tools.

ai-agent bug-bounty cybersecurity hacking llm pentesting prompt-injection python security vulnerability-scanner

Last synced: 01 Apr 2026

https://github.com/Peco602/dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

docker dvwa ethical-hacking security ssl

Last synced: 21 Mar 2025

https://github.com/muqsit/2fa

[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.

2fa mfa pmmp pocketmine-mp security

Last synced: 05 Aug 2025

https://github.com/jul10l1r4/identificador-cve-2018-11759

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing

Last synced: 16 May 2025

https://github.com/skx/mod_blacklist

A simple Apache module to blacklist remote hosts.

apache2 blacklist c firewall security

Last synced: 16 Mar 2026

https://github.com/beenuar/shieldapp-android

All-in-one Android security suite — deepfake detection, antivirus, Tor VPN, breach monitoring, phishing scanner, and 50+ security tools. On-device, no API keys, open source.

android android-app android-security antivirus breach-detection cybersecurity deepfake-detection jetpack-compose kotlin malware-detection material-design network-security open-source phishing-detection privacy security tensorflow-lite threat-intelligence tor vpn

Last synced: 11 May 2026

https://github.com/codeconut-ltd/wordpress-plugin-default-config

WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.

composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings

Last synced: 08 Oct 2025

https://github.com/software-engineering-and-security/confuzzion

Confuzzion is a Java Virtual Machine (JVM) fuzzer generating Java programs to find bugs and vulnerabilities in the Java VM.

bug code-generation crashes fuzzer java java-virtual-machine java-virtual-machine-fuzzer jvm jvm-fuzzer jvm-fuzzing security soot testing type-confusion vulnerabilities vulnerability

Last synced: 27 Jul 2025

https://github.com/picobaz/pybruteforge

PyBruteForge: A powerful Python brute-force login tester for ethical security audits. Forge attacks with smart password patterns and CSV logging via a modular API-driven design. Strengthen your defenses—test ethically!

bruteforce cybersecurity ethical-hacking login-tester password-audit penetration-testing python security web-security

Last synced: 23 Oct 2025

https://github.com/sap-samples/btp-sac-forecast

This scenario is primarily intended to empower data driven decisions through analytics forecast using SAP Analytics Cloud, BTP extension application and SAP Build Work Zone, standard edition.

cloud-foundry sample sample-code sap-analytics-cloud sap-btp sap-build-work-zone-standard-edition sap-cap sap-hana-cloud security story

Last synced: 06 Feb 2026

https://github.com/luisschwab/smaug

smaug 🐉 guards your coins and sends you an email if they move

bitcoin network security

Last synced: 24 Jan 2026

https://github.com/happyhackingspace/privacy-policy-analyzer

A command-line tool that automatically fetches, analyzes, and scores website privacy policies using AI to highlight strengths, risks, and recommendations.

privacy security

Last synced: 13 Oct 2025

https://github.com/melardev/c_win32_bindshell_sync

BindShell written in C using Win32API and blocking sockets

bind-shell c networking pipe poc process-pipes reverse-shell security shell socket win32 win32api

Last synced: 13 Apr 2025

https://github.com/richonn/shieldci

GitHub Action that auto-generates hardened CI/CD DevSecOps pipelines — lint, tests, Trivy, Gitleaks, SAST and more — and opens a PR with the generated workflows.

automation ci-cd devops devsecops github-actions gitleaks golang pipeline sast security trivy

Last synced: 30 May 2026

https://github.com/marcominerva/dataprotectionsample

This example shows how to use the DataProtection APIs with ASP.NET Core

aspnetcore cryptography csharp data-protection dotnet minimal-api security

Last synced: 09 Apr 2025

https://github.com/smoren/url-security-manager-php

Class for building, parsing, signing, signature checking, encrypting and decrypting URLs

encryption security url-builder url-parser

Last synced: 15 Apr 2025

https://github.com/solomonkassa/nginx-automation

🚀 NGINX Automation Framework A comprehensive, enterprise-grade NGINX automation framework designed for high-availability, security-focused, and scalable web infrastructure deployment.

ansible ci-cd doker kubernetes nginx nginx-docker prometheus script security shell-script

Last synced: 03 Apr 2026

https://github.com/divd-nl/cna-bot

GitHub action to validate and submit CVE entries using cvelib, cvelint and cve service.

cve security

Last synced: 01 Mar 2026

https://github.com/accrescent/console

The Accrescent console

android angular appstore security

Last synced: 05 Mar 2026

https://github.com/mondoohq/terraform-provider-mondoo

Terraform Mondoo provider

security terraform

Last synced: 02 Apr 2026

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026

https://github.com/aginies/virt-scenario

Prepare a Virtual Machine libvirt XML config and the host to match a specific scenario usage

alp confidential-computing host libvirt opensuse qemu scenarios secure-computation security sev sev-es suse virtual-machine virtualization xml xml-schema

Last synced: 09 Oct 2025

https://github.com/dotcoocoo/hermitstash

Post-quantum encrypted, self-hosted file sharing. ML-KEM-1024 + P-384 hybrid crypto, zero plaintext on disk, one-command deploy. 🦀

argon2 cryptography docker encryption end-to-end-encryption fido2 file-sharing file-upload ml-kem nodejs passkeys post-quantum privacy security self-hosted sqlite webauthn xchacha20 zero-dependency zero-knowledge

Last synced: 26 Jun 2026

https://github.com/fivexl/terraform-aws-ssl-checker

Simple SSL check and expiring certificates reminder with additional DNS check and host availability check.

heartbleed lambda security ssl terraform terraform-module tls tls-certificate-checker tls-scan tls13

Last synced: 09 Apr 2025

https://github.com/itcmsgr/nftban

NFTBan is an open-source Linux Intrusion Prevention System (IPS) and firewall manager built on nftables, designed to integrate cleanly with modern Linux security stacks.

ai-security almalinux centos debian fail2ban firewall firewall-management intrusion-prevention ips linux nftables red-hat rocky rocky-linux rockylinux security suricata ubuntu zabbix

Last synced: 04 Jul 2026

https://github.com/onzack/kube-defcon

A tool to visualize network policy information from the Kubernetes Master API

docker kubernetes network-policy security visualization

Last synced: 26 Oct 2025

https://github.com/exxeta/flutter-security-toolkit

Mobile Security Toolkit for Flutter

flutter security security-tools

Last synced: 23 Oct 2025

https://github.com/ebrasha/abdal-security-headers

Abdal Security Headers is a powerful WordPress plugin that enhances your website's security through HTTP security headers. It provides an easy-to-use interface for managing security policies and protecting against common web vulnerabilities.

abdal abdal-security-group ebrahim-shafiei ebrasha hsts security security-headers wordpress wordpress-plugin wp

Last synced: 26 Jan 2026

https://github.com/dragonbe/poc-webapp-vault

A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault

database mysql php proof-of-concept security vault webapp

Last synced: 16 Mar 2026

https://github.com/yandex-cloud-examples/yc-mk8s-copy-fail-mitigation

DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)

kubernetes mk8s security yandex-cloud yandexcloud

Last synced: 25 Jun 2026

https://github.com/shinesolutions/aem-test-suite

AEM infrastructure test suite covering acceptance, recovery, security guideline testing scenarios

acceptance aem aem-opencloud performance recovery security testing

Last synced: 06 Mar 2026

https://github.com/zdnk/authorized

🔐 Simple way to authorize user actions on resources for Vapor 3

authorization security server-side-swift swift swift4 vapor vapor-3 vapor-swift

Last synced: 26 Apr 2025

https://github.com/lauslim12/attendance

🔐 Secure full-stack + REST API implementation of 2FA in the form of an attendance system

api authentication authorization express full-stack multi-factor-authentication nextjs owasp production security totp typescript

Last synced: 10 May 2026

https://github.com/soulteary/stargate

A minimal ForwardAuth gateway for Traefik and Nginx that handles login sessions and request access control. / 面向 Traefik 和 Nginx 的极简 ForwardAuth 鉴权网关,负责会话与访问控制。

auth authentication authorization enjoy-with-stargate forwardauth gateway nginx reverse-proxy security sso traefik

Last synced: 11 Feb 2026

https://github.com/liberzon/claude-hooks

Smart PreToolUse hook for Claude Code — decomposes compound bash commands and checks each sub-command against allow/deny permission patterns

bash claude-code claude-hooks cli security

Last synced: 20 Apr 2026

https://github.com/geniuszly/CVE-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/dzek69/html-safe-json

Small wrapper for JSON-stringify that makes result safe to embed directly into HTML `<script>` tag.

javascript json node security xss

Last synced: 22 Sep 2025

https://github.com/bonedaddy/postables-solidity-modules

Collection of reusable contracts and libraries I use in contracts I write.

blockchain contracts cryptocurrency ethereum libraries modules openzeppelin safemath security solidity upgradeable utilities

Last synced: 12 May 2025

https://github.com/jreisinger/waf-tester

Test Web Application Firewalls (WAFs)

cli ftw security testing tool waf

Last synced: 31 Jan 2026

https://github.com/venura9/manage-nsg

GitHub Action to Manage NSG Rules allowing public running deployment to resources secured by Azure NSGs

nsg security

Last synced: 06 Feb 2026

https://github.com/x13a/pschk

Check for suspicious processes on macOS

macos osx security swift

Last synced: 02 Jul 2025

https://github.com/ddrimus/http-threat-blocklist

A daily-updated blocklist of IP addresses involved in malicious HTTP attacks that bypassed multiple security layers. Ideal for protecting web servers against probing, exploits, and bot traffic.

blocklist cybersecurity firewall malware security threat-intelligence

Last synced: 31 Jan 2026

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/darxisr/cryline-v3.0

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.

aes-encryption assembly cplusplus dotnet encryption malware programming ransomware security source-code windows

Last synced: 16 Aug 2025

https://github.com/louis3797/xss-shield

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks

express-middleware middleware node security typescript xss xss-attacks xss-filter xss-sanitizer xss-shield

Last synced: 07 Apr 2025

https://github.com/potatoqualitee/disarepotools

🦅 DISA Patch Repository Tools - List, download files and install files from DISA patch repositories using your smartcard

disa security

Last synced: 27 Oct 2025

https://github.com/pythonhacker/varuh

Password manager for the command line for Unix like operating systems

command-line command-line-tool encryption golang linux password-manager security security-tools shell unix-like

Last synced: 19 Mar 2025

https://github.com/divineomega/laravel-password-security-audit

🔏 Artisan command to audit the security of your users' passwords

laravel laravel-package password php security security-audit users

Last synced: 24 Aug 2025

https://github.com/elliotwutingfeng/passwordsim

passwordsim lets you search for passwords similar to your specified password in any passwords dataset. The similarity metric used is the Damerau-Levenshtein distance.

cybersecurity damerau-levenshtein data-breaches hacktoberfest haveibeenpwned osint password password-manager security

Last synced: 29 Apr 2025

https://github.com/lambda2/breezer

🔒 Lock your Gemfile dependencies to safe versions

ci gemfile ruby security

Last synced: 18 Jan 2026

https://github.com/teh9/laravel-tg-2fa

A simple implementation of a two-factor authentication via Telegram for Laravel

2fa auth authentication laravel login php security telegram two-factor

Last synced: 22 Aug 2025

https://github.com/emilioforrer/go-stack

Production-ready Go scaffold template with clean architecture, lifecycle-managed dependency injection (samber/do), HTTP server (net/http + Huma/OpenAPI), CLI scaffolding, 45+ AI agent skills for Claude/Copilot/OpenCode, and built-in DevOps security tooling.

agentic-coding ai-agent ai-skills claude clean-architecture cli code-quality codex copilot dependency-injection go golang microservices openapi opencode production-ready security starter-kit template vertical-slice-architecture

Last synced: 30 May 2026

https://github.com/hxsecurity/dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.

applicationsecuritymonitoring devsecops django dongtai dongtai-iast security

Last synced: 26 Apr 2025

https://github.com/hqarroum/open-sniffer

:nose: A POSIX utility used to read and dissect network packets.

security sniffer

Last synced: 19 Apr 2025

https://github.com/ekino/hibernate-crypto-types

Provides new hibernate column types to encrypt your column data before being stored in your database

encryption gradle hibernate jpa secrets security

Last synced: 06 Oct 2025

https://github.com/netlify/plugin-csp-nonce

Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.

csp netlify security

Last synced: 26 Oct 2025

https://github.com/edsoncelio/ctf-guide

Information guide about CTF: https://edsoncelio.github.io/ctf-guide/

computer-engineering criptography pentest security

Last synced: 06 Feb 2026

https://github.com/k3rnel-dev/katanaframework

Katana-Framework это фреймворк для энтузиастов по тестированию на проникновение на данный момент еще находится в разработке.

framework hack hacking malware metasploit pentest pentesting post-exploitation security

Last synced: 28 Jun 2025

https://github.com/m-mizutani/aws-honeypot-templates

CloudFormation templates of low interaction honeypot on AWS

cloudformation honeypot security

Last synced: 27 Apr 2025

https://github.com/autodidaddict/grpctls_sample

Sample illustrating mutual TLS and streaming gRPC using Elixir

elixir elixir-lang grpc grpc-stream mutual-tls otp security tls

Last synced: 21 Apr 2025

https://github.com/miller79/spring-security-demo

Demonstrates how to use Spring Security with common production patterns.

java oauth2 security spring spring-boot spring-framework spring-security

Last synced: 01 Jul 2025

https://github.com/blank-query/lazyVPN-for-Omarchy

LazyVPN is an Omarchy VPN manager for WireGuard connections. It replaces manual systemd-networkd configuration with a fast, keyboard-driven TUI featuring killswitch, auto-recovery, and Waybar integration.

linux mullvad-vpn omarchy omarchy-linux privacy protonvpn security tui vpn vpn-manager wireguard wireguard-ui wireguard-vpn

Last synced: 07 Feb 2026

https://github.com/cs-joy/blockchain_exploration

All about of Blockchain Technology - Especially about Data Privacy and Security

blockchain-technology cia data-privacy security

Last synced: 06 Feb 2026

https://github.com/lirantal/security-report

Report a security vulnerability

nodejs npm npx security

Last synced: 21 Apr 2025

https://github.com/cyberark/escape-the-cloud

Web Application for CyberArk Cloud Escape Room CTF challenge

aws challenge cloud conjbot-skip conjbot-skip-vulnrreport ctf security

Last synced: 03 May 2025

https://github.com/mtk911/mailinator-scraper

A powershell script to scrap mailinator without API for sensitive emails

mailinator powershell powershell-script scanner scraper security security-tools

Last synced: 03 Jul 2025

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/zabojeb/phpgp

phPGP - tool to store your PGP keys on the physical storage (USB, flash drive etc.)

cryptography cybersecurity encoding gnupg gpg pgp pypi python security usb

Last synced: 29 Jan 2026

https://github.com/homebrew/homebrew-brew-vulns

🔓 A Homebrew subcommand that checks installed packages for vulnerabilities

brew homebrew security vulnerability-scanners

Last synced: 05 Feb 2026

https://github.com/YosaiProject/pyramid_yosai

Yosai integration with the Pyramid Web Framework

pyramid python security web-application yosai

Last synced: 13 May 2025