Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/glauth/glauth

A lightweight LDAP server for development, home use, or CI

developer-tools go golang ldap ldap-server security

Last synced: 28 Apr 2025

https://github.com/WithSecureLabs/chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

attack blueteam chainsaw countercept detection dfir forensics logs rust security sigma threat-hunting windows

Last synced: 27 Mar 2025

https://github.com/tracecathq/tracecat

The open source Tines / Splunk SOAR alternative for security and IT engineers. Built on simple YAML templates for integrations and response-as-code.

automation cybersecurity event-driven fastapi incident-response llm low-code monitoring nextjs openapi orchestration pydantic security temporalio workflow-engine

Last synced: 10 Apr 2025

https://github.com/OpenSC/OpenSC

Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend

c minidriver opensc pkcs11 security smartcard tokend

Last synced: 16 Mar 2025

https://github.com/denji/nginx-tuning

NGINX tuning for best performance

best-practices details nginx security tuning

Last synced: 14 Apr 2025

https://github.com/TracecatHQ/tracecat

The open source Tines / Splunk SOAR alternative for security and IT engineers. Built on simple YAML templates for integrations and response-as-code.

automation cybersecurity event-driven fastapi incident-response llm low-code monitoring nextjs openapi orchestration pydantic security temporalio workflow-engine

Last synced: 24 Mar 2025

https://github.com/blackorbird/apt_report

Interesting APT Report Collection And Some Special IOC

apt cybersecurity malware security threat-hunting

Last synced: 10 Apr 2025

https://github.com/blackorbird/APT_REPORT

Interesting APT Report Collection And Some Special IOC

apt cybersecurity malware security threat-hunting

Last synced: 10 Apr 2025

https://github.com/mewebstudio/captcha

Captcha for Laravel 5/6/7/8/9/10/11/12

captcha laravel php security

Last synced: 27 Apr 2025

https://github.com/activecm/rita-legacy

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

analysis analytics beacon beacon-sniffer bhis blueteam bro-ids dga dns dns-tunneling logs network-traffic offensive-countermeasures rita scanning security threat

Last synced: 11 Apr 2025

https://github.com/evilsocket/bettercap

DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap

bettercap ettercap man-in-the-middle mitm proxy security security-audit spoofing sslstrip tls

Last synced: 17 Jan 2025

https://github.com/joychou93/java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

benchmark code cors deserialize java jsonp rce rmi security spel sqli ssrf tomcat web xxe

Last synced: 10 Apr 2025

https://github.com/wolfssl/wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

c-library cipher-suites cryptography cryptography-api dtls embedded-systems encryption fips https iot openssl openssl-alternative openssl-api security sniffer ssl tls tls13 trusted-execution-environment wolfssl

Last synced: 28 Apr 2025

https://github.com/netwrix/pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

active-directory ciso dod hipaa mimikatz nist ping-castle pingcastle reporting-tool security sox stig

Last synced: 10 Apr 2025

https://github.com/pac4j/pac4j

Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

authentication authorization cas dropwizard j2e java jax-rs jwt ldap oauth openid-connect play-framework ratpack saml security shiro sparkjava spring-mvc spring-security vertx

Last synced: 22 Apr 2025

https://github.com/arch3rPro/Pentest-Windows

Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

pentesting pentesting-tools pentesting-windows security security-tools

Last synced: 05 Apr 2025

https://github.com/arch3rpro/pentest-windows

Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

pentesting pentesting-tools pentesting-windows security security-tools

Last synced: 09 Apr 2025

https://github.com/guardianproject/orbot-android

The Github home of Orbot: Tor on Android (Also available on gitlab!)

anonymity anticensorship censorship-circumvention security tor

Last synced: 30 Apr 2025

https://github.com/r0eXpeR/redteam_vul

红队作战中比较常遇到的一些重点系统漏洞整理。

hacking redteam security

Last synced: 02 May 2025

https://github.com/brendan-rius/c-jwt-cracker

JWT brute force cracker written in C

brute-force cracker jwt-authentication security

Last synced: 14 Apr 2025

https://github.com/jedisct1/piknik

Copy/paste anything over the network.

clipboard copy crypto paste security security-protocol staging-server transit

Last synced: 13 Apr 2025

https://github.com/Qihoo360/safe-rules

详细的C/C++编程规范指南,由360质量工程部编著,适用于桌面、服务端及嵌入式软件系统。

code-quality guidelines safe security

Last synced: 20 Mar 2025

https://github.com/outflanknl/redelk

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

elastic elasticsearch kibana logstash monitoring red-teaming security siem

Last synced: 10 Apr 2025

https://github.com/fisco-bcos/fisco-bcos

FISCO BCOS(发音为/ˈfɪskl bi:ˈkɒz/)是一个稳定、高效、安全的许可区块链平台,已被广泛应用于现实的行业应用。截至目前,已拥有5000多家企事业单位,400多个产业数字化标杆应用,涵盖文化版权、司法服务、政府服务、物联网、金融、智慧社区、房地产建设、社区治理、乡村振兴等领域。FISCO BCOS (pronounced /ˈfɪskl bi:ˈkɒz/) is a stable, efficient, and secure permissioned blockchain platform that has been widely used in real-world industry applications.

bcos blockchain consensus consortium crud crypto evm fintech fisco fisco-bcos p2p pbft precompiled raft rpc security solidity synchronization zero-knowledge

Last synced: 10 Apr 2025

https://github.com/conorpp/u2f-zero

U2F USB token optimized for physical security, affordability, and style

hardware security u2f

Last synced: 14 Apr 2025

https://github.com/JoyChou93/java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

benchmark code cors deserialize java jsonp rce rmi security spel sqli ssrf tomcat web xxe

Last synced: 21 Nov 2024

https://github.com/yzcheng90/x-springboot

X-SpringBoot是一个轻量级的Java快速开发平台,能快速开发项目并交付【接私活利器】

minio mybatis-plus redis restful security spring-boot spring-mvc springmvc-java-web springmvc-mybatis swagger

Last synced: 10 Apr 2025

https://github.com/googleprojectzero/winafl

A fork of AFL for fuzzing Windows binaries

afl fuzzing security

Last synced: 10 Apr 2025

https://github.com/duoergun0729/nlp

兜哥出品 <一本开源的NLP入门书籍>

ai fasttext nlp security word2vec

Last synced: 13 Apr 2025

https://github.com/ajinabraham/nodejsscan

nodejsscan is a static security code scanner for Node.js applications.

code-analysis code-review devsecops javascript lint node node-security nodejs nodejsscan sast security security-scanner static-analysis

Last synced: 10 Apr 2025

https://ajinabraham.github.io/NodeJsScan

nodejsscan is a static security code scanner for Node.js applications.

code-analysis code-review devsecops javascript lint node node-security nodejs nodejsscan sast security security-scanner static-analysis

Last synced: 17 Feb 2025

https://github.com/authpass/authpass

AuthPass - Password Manager based on Flutter for all platforms. Keepass 2.x (kdbx 3.x) compatible.

android contributions-welcome dart dartlang debian flutter flutter-apps hacktoberfest help-wanted ios kdbx keepass linux macos-application password-manager password-store security web windows

Last synced: 10 Apr 2025

https://github.com/outflanknl/RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

elastic elasticsearch kibana logstash monitoring red-teaming security siem

Last synced: 21 Nov 2024

https://github.com/ory/fosite

Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

auth authentication authorization golang hacktoberfest library oauth oauth2 openid-connect sdk security

Last synced: 30 Apr 2025

https://github.com/keystone-engine/keystone

Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings

arm arm64 assembler framework hexagon mips powerpc reverse-engineering security sparc systemz x86 x86-64

Last synced: 10 Apr 2025

https://github.com/rsmusllp/king-phisher

Phishing Campaign Toolkit

king-phisher phishing python security

Last synced: 11 Apr 2025

https://github.com/TokTok/c-toxcore

The future of online communications.

cryptography encryption network p2p security toxcore

Last synced: 02 Apr 2025

https://github.com/onionbrowser/onionbrowser

An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network

anonymity browser ios mobile mpl objective-c onion privacy security tor tor-network web-browser

Last synced: 10 Apr 2025

https://github.com/FISCO-BCOS/FISCO-BCOS

FISCO BCOS(发音为/ˈfɪskl bi:ˈkɒz/)是一个稳定、高效、安全的许可区块链平台,已被广泛应用于现实的行业应用。截至目前,已拥有5000多家企事业单位,400多个产业数字化标杆应用,涵盖文化版权、司法服务、政府服务、物联网、金融、智慧社区、房地产建设、社区治理、乡村振兴等领域。FISCO BCOS (pronounced /ˈfɪskl bi:ˈkɒz/) is a stable, efficient, and secure permissioned blockchain platform that has been widely used in real-world industry applications.

bcos blockchain consensus consortium crud crypto evm fintech fisco fisco-bcos p2p pbft precompiled raft rpc security solidity synchronization zero-knowledge

Last synced: 27 Mar 2025

https://github.com/hotcakex/harden-windows-security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

1st-party-security applicationcontrol bitlocker defender encryption enterprise-security firewall-configuration harden module operation-system-security powershell powershell-script proactive security security-hardening tpm2 wdac windows windows11 windowsdefender

Last synced: 11 Apr 2025

https://github.com/OnionBrowser/OnionBrowser

An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network

anonymity browser ios mobile mpl objective-c onion privacy security tor tor-network web-browser

Last synced: 13 Mar 2025

https://github.com/wolfSSL/wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

c-library cipher-suites cryptography cryptography-api dtls embedded-systems encryption fips https iot openssl openssl-alternative openssl-api security sniffer ssl tls tls13 trusted-execution-environment wolfssl

Last synced: 04 Apr 2025

https://github.com/pglombardo/passwordpusher

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

communicate-passwords docker-container encryption hacktoberfest information-technology netsec netsec-tools openshift-templates password password-expiration password-pusher password-safety ruby secret security security-tools self-hosted

Last synced: 10 Apr 2025

https://github.com/solokeys/solo1

Solo 1 firmware in C

fido2 hardware security u2f webauthn

Last synced: 14 Apr 2025

https://github.com/solokeys/solo

Solo 1 firmware in C

fido2 hardware security u2f webauthn

Last synced: 04 Apr 2025

https://github.com/guardianproject/orbot

The Github home of Orbot: Tor on Android (Also available on gitlab!)

anonymity anticensorship censorship-circumvention security tor

Last synced: 15 Jan 2025

https://github.com/palahsu/ddos-ripper

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

attack-defense attack-server ddos ddos-attack ddos-attack-tool ddos-attack-tools ddos-attacks ddos-protection ddos-ripper ddos-tool deface-website denial-of-service hacking-tool hacking-tools internet-traffic linux-tools protection security sql-injection web-security

Last synced: 11 Apr 2025

https://github.com/rabbitstack/fibratus

Adversary tradecraft detection, protection, and hunting

adversary blueteam edr etw golang instrumentation python security windows windows-kernel

Last synced: 29 Apr 2025

https://github.com/find-sec-bugs/find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

bytecode code-analysis cwe findbugs hacktoberfest java owasp security security-audit static-analysis taint-analysis

Last synced: 26 Mar 2025

https://github.com/pglombardo/PasswordPusher

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

communicate-passwords docker-container encryption hacktoberfest information-technology netsec netsec-tools openshift-templates password password-expiration password-pusher password-safety ruby secret security security-tools self-hosted

Last synced: 03 Apr 2025

https://github.com/unrolled/secure

HTTP middleware for Go that facilitates some quick security wins.

go golang middleware security

Last synced: 22 Apr 2025

https://github.com/woodruffw/zizmor

A static analysis tool for GitHub Actions

github-actions security security-tools static-analysis

Last synced: 23 Apr 2025

https://github.com/Yamato-Security/hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

attack cybersecurity detection dfir event forensics hayabusa hunting incident incident-response logs response rust security security-automation sigma threat threat-hunting windows yamato

Last synced: 02 Apr 2025

https://github.com/coreruleset/coreruleset

OWASP CRS (Official Repository)

crs owasp ruleset security

Last synced: 26 Mar 2025

https://github.com/onury/accesscontrol

Role and Attribute based Access Control for Node.js

abac access-control acl attributes authorization nodejs permissions rbac roles security

Last synced: 09 Apr 2025

https://github.com/bhavsec/reconspider

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

automated cybersecurity framework hacking information-gathering osint pentest pentesting python recon reconnaissance scanner security

Last synced: 27 Mar 2025

https://github.com/praetorian-inc/gokart

A static analysis tool for securing Go code

golang security security-tools static-analysis static-code-analysis

Last synced: 18 Jan 2025

https://github.com/crev-dev/cargo-crev

A cryptographically verifiable code review system for the cargo (Rust) package manager.

code code-review decentralized p2p review scalable security trust

Last synced: 23 Apr 2025

https://github.com/mozilla/mozdef

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

abandoned elasticsearch elk elk-stack python security siem unmaintained

Last synced: 22 Jan 2025

https://github.com/mozilla/MozDef

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

abandoned elasticsearch elk elk-stack python security siem unmaintained

Last synced: 16 Mar 2025

https://github.com/gautamkrishnar/nothing-private

Do you think you are safe using private browsing or incognito mode?. :smile: :imp: This will prove that you're wrong. Previously hosted at nothingprivate.ml

browser-fingerprinting browsers fingerprinting google-analytics hacktoberfest icognito-mode privacy private-browsing proof-of-concept security website

Last synced: 13 Apr 2025

https://github.com/codingo/reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 14 Apr 2025

https://github.com/pucherot/pi.alert

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

adminlte arp-scan dnsmasq ids intrusion-detection lan mac-address network pi-hole scan security wifi

Last synced: 15 Apr 2025

https://github.com/codingo/Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 30 Mar 2025

https://github.com/pucherot/Pi.Alert

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

adminlte arp-scan dnsmasq ids intrusion-detection lan mac-address network pi-hole scan security wifi

Last synced: 28 Mar 2025

https://github.com/palahsu/DDoS-Ripper

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

attack-defense attack-server ddos ddos-attack ddos-attack-tool ddos-attack-tools ddos-attacks ddos-protection ddos-ripper ddos-tool deface-website denial-of-service hacking-tool hacking-tools internet-traffic linux-tools protection security sql-injection web-security

Last synced: 06 Apr 2025

https://github.com/evilsocket/xray

XRay is a tool for recon, mapping and OSINT gathering from public networks.

intelligence mapping network osint security shodan

Last synced: 15 Apr 2025

https://github.com/jtpereyda/boofuzz

A fork and successor of the Sulley Fuzzing Framework

fuzzing python security

Last synced: 23 Apr 2025

https://github.com/owasp/owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 11 Apr 2025

https://github.com/OWASP/owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification

Last synced: 26 Mar 2025

https://github.com/owasp/api-security

OWASP API Security Project

api documentation-portal owasp-top security web-api

Last synced: 25 Mar 2025

https://github.com/smodnix/31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security

Last synced: 02 May 2025

https://github.com/bank-vaults/bank-vaults

A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).

alibaba-cloud amazon azure golang google-cloud helm-chart hsm istio kubernetes kubernetes-secrets mutating-webhook operator secret security unseal vault vault-client vault-operator vault-unsealing

Last synced: 10 Apr 2025

https://github.com/oxsecurity/megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

apex autofix azure-pipelines best-practices code-quality formatter gitlab-ci golang groovy java jenkins kotlin linter linters markdown megalinter python sarif-report security terraform

Last synced: 22 Apr 2025

https://github.com/aress31/burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

ai burp-extensions burp-plugin burpsuite burpsuite-extender cybersecurity gpt gpt-3 openai openai-api pentesting security security-automation webapp

Last synced: 11 Apr 2025

https://github.com/OWASP/API-Security

OWASP API Security Project

api documentation-portal owasp-top security web-api

Last synced: 13 Mar 2025

https://github.com/kata-containers/runtime

Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).

container containers cri-o docker k8s kubernetes kvm oci qemu security virtual-machine virtualization

Last synced: 21 Jan 2025

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 85 awesome-security 321 awesome-web-security 405 awesome-ctf 220 awesome-hacker-search-engines 518 android-security-awesome 212 awesome-incident-response 218 awesome-privacy 1,399 Awesome-WAF 172 DevSecOps 181 awesome-security-hardening 204 awesome-infosec 213 awesome-cybersecurity-blueteam 252 awesome-sec-talks 264 WebHackersWeapons 411 awesome-vehicle-security 220 awesome-api-security 201 backend-cheats 961 awesome-nodejs-security 185 awesome-game-security 90 awesome-iot-hacks 70 awesome-cloud-security 153 alternative-frontends 119 awesome-embedded-and-iot-security 131 awesome-golang-security 34 DevSecOps 48 awesome-iam 275 awesome-windows-domain-hardening 70 Awesome-FL 2,522 Awesome-Cybersecurity-Datasets 54 awesome-azure-architecture 273 Crypto-OpSec-SelfGuard-RoadMap 473 osx-and-ios-security-awesome 56 awesome-ethereum-security 81 awesome-aws-security 166 awesome-executable-packing 668 awesome-executable-packing 667 awesome-llm-security 100 awesome-vulnerable-apps 88 awesome-he 90 awesome-lists 733 awesome-python-security 35 security-apis 111 MobileHackersWeapons 71 awesome-anti-forensic 143 graph-adversarial-learning-literature 314 awesome-opa 224 awesome-runners 36 awesome-russian-it 514
Security Categories
Uncategorized 3,529 fl in top-tier journal 1,883 :books: Literature 1,576 Pentesting 1,309 Tools 857 fl in top ml conference and journal 847 Attack 778 Operating Systems 624 应用推荐 586 Threat Hunting: 480 Papers 467 **Мероприятия** 459 Weapons 454 Other Lists 435 Blue Team 432 Defense 371 fl on graph data and graph neural networks 324 Official 319 Programming Language 316 Resources 316