Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2025-01-06 00:28:13 UTC
- JSON Representation
https://github.com/google/honggfuzz
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Last synced: 27 Oct 2024
https://github.com/qdata/textattack
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master/
adversarial-attacks adversarial-examples adversarial-machine-learning data-augmentation machine-learning natural-language-processing nlp security
Last synced: 31 Dec 2024
https://github.com/google/nsjail
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
chroot linux linux-namespaces process-isolation seccomp-bpf-policies security
Last synced: 31 Dec 2024
https://github.com/jokob-sk/NetAlertX
🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
arp-scan docker intrusion-detection ipam network-analysis network-security networking pi-hole security selfhosted wifi-network wifi-security
Last synced: 05 Nov 2024
https://github.com/jokob-sk/netalertx
🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
arp-scan docker intrusion-detection ipam network-analysis network-security networking pi-hole security selfhosted wifi-network wifi-security
Last synced: 31 Dec 2024
https://github.com/SUSE/Portus
Authorization service and frontend for Docker registry (v2)
containers docker docker-distribution rails ruby security
Last synced: 26 Oct 2024
https://github.com/suse/portus
Authorization service and frontend for Docker registry (v2)
containers docker docker-distribution rails ruby security
Last synced: 26 Sep 2024
https://github.com/duffn/dumb-password-rules
A compilation of sites with dumb password rules.
hacktoberfest passwords security
Last synced: 01 Jan 2025
https://github.com/payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
application application-security bugbounty command command-injection injection linux macos os os-injection payload payload-list security security-research security-testing security-vulnerability unix vulnerability vulnerability-research windows
Last synced: 01 Jan 2025
https://github.com/expressgateway/express-gateway
A microservices API Gateway built on top of Express.js
api-gateway endpoints express-gateway express-middleware expressjs javascript microservice microservices oauth2 oauth2-server security service-discovery
Last synced: 31 Dec 2024
https://github.com/express-rate-limit/express-rate-limit
Basic rate-limiting middleware for the Express web server
api express express-js express-middleware nodejs rate-limiter rate-limiting rest-api security web
Last synced: 06 Jan 2025
https://github.com/openbao/openbao
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
Last synced: 02 Jan 2025
https://github.com/OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
automation bruteforce cve cves hacking-tools information-gathering network-analysis owasp penetration-testing penetration-testing-framework pentesting pentesting-tools portscanner python scanner security security-tools vulnerability-management vulnerability-scanner vulnerability-scanners
Last synced: 28 Oct 2024
https://github.com/milesmcc/shynet
Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.
a17t analytics django docker kubernetes monitoring noscript privacy python security self-hosted web-analytics
Last synced: 01 Jan 2025
https://github.com/pallets/itsdangerous
Safely pass trusted data to untrusted environments and back.
hmac itsdangerous pallets python security serialization
Last synced: 06 Jan 2025
https://github.com/chipsec/chipsec
Platform Security Assessment Framework
firmware firmware-security firmware-tools security security-tools
Last synced: 31 Dec 2024
https://github.com/QData/TextAttack
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master/
adversarial-attacks adversarial-examples adversarial-machine-learning data-augmentation machine-learning natural-language-processing nlp security
Last synced: 03 Nov 2024
https://github.com/DedSecInside/TorBot
Dark Web OSINT Tool
algorithm crawler dark-web dedsec-inside deepweb go hacking hacktoberfest osint projects psnappz python python-web-crawler python3 security security-tools spider tor tor-network torbot
Last synced: 02 Nov 2024
https://github.com/ulisesbocchio/jasypt-spring-boot
Jasypt integration for Spring boot
encryptable-properties encryption java java-8 java8 security spring spring-boot spring-boot-2 spring-boot-starter spring-boot2 web webapp website
Last synced: 31 Dec 2024
https://github.com/securitywithoutborders/hardentools
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Last synced: 18 Dec 2024
https://github.com/ExpressGateway/express-gateway
A microservices API Gateway built on top of Express.js
api-gateway endpoints express-gateway express-middleware expressjs javascript microservice microservices oauth2 oauth2-server security service-discovery
Last synced: 28 Oct 2024
https://github.com/decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
compound forensics macros malware-analysis ms-office-documents ole-files olefile parser pyparsing python python-library rtf security vba
Last synced: 06 Jan 2025
https://github.com/HyperDbg/HyperDbg
State-of-the-art native debugging tools
binary-analysis chip debug debugger debugging debugging-tool ept fpga hardware hook hwdbg hyperdbg hypervisor kernel-debugger logic-analyzer malware-analysis reverse-engineering security security-tools windows-kernel
Last synced: 06 Nov 2024
https://github.com/hyperdbg/hyperdbg
State-of-the-art native debugging tools
binary-analysis chip debug debugger debugging debugging-tool ept fpga hardware hook hwdbg hyperdbg hypervisor kernel-debugger logic-analyzer malware-analysis reverse-engineering security security-tools windows-kernel
Last synced: 01 Jan 2025
https://github.com/legrandin/pycryptodome
A self-contained cryptographic library for Python
Last synced: 06 Jan 2025
https://github.com/airbnb/streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
analysis aws kinesis lambda rules security serverless terraform
Last synced: 03 Jan 2025
https://github.com/openfga/openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
abac authorization entitlements fga fine-grained-access-control fine-grained-authorization go golang hacktoberfest openfga pbac permissions rbac rebac security zanzibar
Last synced: 31 Dec 2024
https://github.com/kanidm/kanidm
Kanidm: A simple, secure, and fast identity management platform
authentication iam identity identity-management idm ldap oidc radius rust scim security ssh-authentication webauthn
Last synced: 06 Jan 2025
https://github.com/Legrandin/pycryptodome
A self-contained cryptographic library for Python
Last synced: 30 Oct 2024
https://github.com/inspec/inspec
InSpec: Auditing and Testing Framework
audit compliance devops devsec inspec security spec tdd tdd-utilities testing
Last synced: 02 Nov 2024
https://github.com/hardentools/hardentools
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Last synced: 01 Nov 2024
https://github.com/samsar4/ethical-hacking-labs
Practical Ethical Hacking Labs 🗡🛡
ethical-hacking-labs hacking linux penetration-testing pentesting security security-tools tutorial tutorials
Last synced: 03 Jan 2025
https://github.com/jpcertcc/logontracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
active-directory blueteam dfir event-log javascript python-3 security visualization
Last synced: 01 Jan 2025
https://github.com/goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
containers docker go golang kubernetes linter security security-audit security-tools vulnerability
Last synced: 31 Dec 2024
https://github.com/zegl/kube-score
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
analysis automation charts ci go hacktoberfest helm k8s kube-score kubernetes kubernetes-manifests kubernetes-monitoring linter security security-scanner static-code-analysis static-code-analyzer
Last synced: 31 Dec 2024
https://github.com/0xsyr0/OSCP
OSCP Cheat Sheet
cheat-sheet cheatsheet offensive offensive-security offsec oscp oscp-guide oscp-plus penetration-testing pentesting security
Last synced: 11 Nov 2024
https://github.com/dependencytrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 02 Jan 2025
https://github.com/crytic/echidna?tab=readme-ov-file
Ethereum smart contract fuzzer
ethereum evm fuzzer security smart-contracts solidity testing
Last synced: 20 Nov 2024
https://github.com/pyllyukko/user.js
user.js -- Firefox configuration hardening
firefox mozilla mozilla-firefox privacy security security-hardening
Last synced: 27 Oct 2024
https://github.com/crytic/echidna
Ethereum smart contract fuzzer
ethereum evm fuzzer security smart-contracts solidity testing
Last synced: 31 Dec 2024
https://github.com/netflix/bless
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
aws bastion lambda python security serverless ssh ssh-certificates
Last synced: 01 Jan 2025
https://github.com/Netflix/bless
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
aws bastion lambda python security serverless ssh ssh-certificates
Last synced: 25 Oct 2024
https://github.com/0xsyr0/oscp
OSCP Cheat Sheet
cheat-sheet cheatsheet offensive offensive-security offsec oscp oscp-guide penetration-testing pentesting security
Last synced: 15 Oct 2024
https://github.com/containerssh/containerssh
ContainerSSH: Launch containers on demand
containers devsecops docker kubernetes security security-tools ssh
Last synced: 02 Jan 2025
https://github.com/eteran/edb-debugger
edb is a cross-platform AArch32/x86/x86-64 debugger.
c-plus-plus capstone debugger edb linux ollydbg qt reverse-engineering security x86 x86-64
Last synced: 31 Dec 2024
https://github.com/JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
active-directory blueteam dfir event-log javascript python-3 security visualization
Last synced: 06 Nov 2024
https://github.com/the-tcpdump-group/tcpdump
the TCPdump network dissector
auditing berkeley-packet-filter bpf bsd-packet-filter libpcap packet-capture pcap pcapng security sniffer tcpdump troubleshooting
Last synced: 31 Dec 2024
https://github.com/openziti/zrok
Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.
file-sharing golang network peer-to-peer reverse-proxy security zero-trust
Last synced: 31 Dec 2024
https://github.com/rizinorg/rizin
UNIX-like reverse engineering framework and command-line toolset.
debugging exploitation program-analysis reverse-engineering security
Last synced: 07 Jan 2025
https://github.com/rubysec/bundler-audit
Patch-level verification for Bundler
bundler-audit dependency-checker patch-management ruby ruby-advisory-db security security-audit security-tools
Last synced: 31 Dec 2024
https://github.com/DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 01 Nov 2024
https://github.com/freach/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide
best-practice best-practices guide kubernetes security
Last synced: 28 Oct 2024
https://github.com/e-m-b-a/emba
EMBA - The firmware security analyzer
artificial-intelligence binary-analysis embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking infosec iot linux penetration-testing pentesting reverse-engineering sbom security security-tools static-analyzer vulnerability-scanner vulnerability-scanners
Last synced: 02 Jan 2025
https://github.com/ivrodriguezca/re-ios-apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
app-security ios online-course reverse-engineering security
Last synced: 04 Dec 2024
https://github.com/Samsar4/Ethical-Hacking-Labs
Practical Ethical Hacking Labs 🗡🛡
ethical-hacking-labs hacking linux penetration-testing pentesting security security-tools tutorial tutorials
Last synced: 05 Nov 2024
https://github.com/ivRodriguezCA/RE-iOS-Apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
app-security ios online-course reverse-engineering security
Last synced: 30 Oct 2024
https://github.com/Netflix-Skunkworks/Scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
Last synced: 05 Nov 2024
https://github.com/netflix-skunkworks/scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
Last synced: 04 Jan 2025
https://github.com/cliffe/SecGen
Create randomly insecure VMs
ctf-challenges cybok labs provisioning randomization security security-vulnerability virtualization
Last synced: 05 Nov 2024
https://github.com/ph4ntonn/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
ctf ecc encrypt golang multi-hop pentest-tool pentesting port-forward redteam security security-tools socks5 ssh stowaway tunnel
Last synced: 01 Nov 2024
https://github.com/ContainerSSH/ContainerSSH
ContainerSSH: Launch containers on demand
containers devsecops docker kubernetes security security-tools ssh
Last synced: 26 Oct 2024
https://github.com/mgeeky/penetration-testing-tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools
Last synced: 03 Jan 2025
https://github.com/grayddq/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
auditing security security-audit security-scanning security-tools vulnerability-scanning
Last synced: 08 Nov 2024
https://github.com/cliffe/secgen
Create randomly insecure VMs
ctf-challenges cybok labs provisioning randomization security security-vulnerability virtualization
Last synced: 03 Nov 2024
https://github.com/blackjacx/wwdc
You don't have the time to watch all the WWDC session videos yourself? No problem me and many contributors extracted the gist for you 🥳
apple authentication darkmode design hacktoberfest ios ipad macos networking nfc safari security session swift swiftui tvos videos watchos wwdc
Last synced: 04 Jan 2025
https://github.com/Blackjacx/WWDC
You don't have the time to watch all the WWDC session videos yourself? No problem me and many contributors extracted the gist for you 🥳
apple authentication darkmode design hacktoberfest ios ipad macos networking nfc safari security session swift swiftui tvos videos watchos wwdc
Last synced: 15 Nov 2024
https://github.com/nanovms/nanos
A kernel designed to run one and only one application in a virtualized environment
edge microservice operating-systems osdev sandbox security unikernel unikernels virtualization
Last synced: 01 Nov 2024
https://github.com/grayddq/gscan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
auditing security security-audit security-scanning security-tools vulnerability-scanning
Last synced: 03 Nov 2024
https://github.com/WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
attack blueteam chainsaw countercept detection dfir forensics logs rust security sigma threat-hunting windows
Last synced: 30 Oct 2024
https://github.com/awnumar/memguard
Secure software enclave for storage of sensitive information in memory.
crypto cryptography go golang memory security
Last synced: 31 Dec 2024
https://github.com/mgeeky/Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools
Last synced: 01 Nov 2024
https://github.com/opensc/opensc
Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend
c minidriver opensc pkcs11 security smartcard tokend
Last synced: 07 Jan 2025
https://github.com/flipkart-incubator/astra
Automated Security Testing For REST API's
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 01 Jan 2025
https://github.com/energizedprotection/block
Let's make an annoyance free, better open internet, altogether!
ad ad-block ad-blocker adblock ads-blocker advertisement malware porn pornware privacy protection ransomware security spam spy spyware tracker tracking trojans
Last synced: 03 Jan 2025
https://github.com/activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
analysis analytics beacon beacon-sniffer bhis blueteam bro-ids dga dns dns-tunneling logs network-traffic offensive-countermeasures rita scanning security threat
Last synced: 02 Jan 2025
https://github.com/evilsocket/bettercap
DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
bettercap ettercap man-in-the-middle mitm proxy security security-audit spoofing sslstrip tls
Last synced: 25 Sep 2024
https://github.com/flipkart-incubator/Astra
Automated Security Testing For REST API's
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 29 Oct 2024
https://github.com/denji/nginx-tuning
NGINX tuning for best performance
best-practices details nginx security tuning
Last synced: 03 Jan 2025
https://github.com/glauth/glauth
A lightweight LDAP server for development, home use, or CI
developer-tools go golang ldap ldap-server security
Last synced: 31 Dec 2024
https://github.com/qihoo360/safe-rules
详细的C/C++编程规范指南,由360质量工程部编著,适用于桌面、服务端及嵌入式软件系统。
code-quality guidelines safe security
Last synced: 05 Dec 2024
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
active-directory active-directory-cheatsheet active-directory-exploitation cheat-sheet cheatsheet enumeration exploitation hacking hacking-cheasheet hacking-tool hacking-tools infosec penetration-testing pentesting powershell privilege-escalation security windows windows-active-directory
Last synced: 03 Nov 2024
https://github.com/blackorbird/apt_report
Interesting APT Report Collection And Some Special IOC
apt cybersecurity malware security threat-hunting
Last synced: 02 Jan 2025
https://github.com/integration-it/active-directory-exploitation-cheat-sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
active-directory active-directory-cheatsheet active-directory-exploitation cheat-sheet cheatsheet enumeration exploitation hacking hacking-cheasheet hacking-tool hacking-tools infosec penetration-testing pentesting powershell privilege-escalation security windows windows-active-directory
Last synced: 10 Oct 2024
https://github.com/EnergizedProtection/block
Let's make an annoyance free, better open internet, altogether!
ad ad-block ad-blocker adblock ads-blocker advertisement malware porn pornware privacy protection ransomware security spam spy spyware tracker tracking trojans
Last synced: 25 Oct 2024
https://github.com/jedisct1/piknik
Copy/paste anything over the network.
clipboard copy crypto paste security security-protocol staging-server transit
Last synced: 03 Jan 2025
https://github.com/Qihoo360/safe-rules
详细的C/C++编程规范指南,由360质量工程部编著,适用于桌面、服务端及嵌入式软件系统。
code-quality guidelines safe security
Last synced: 28 Oct 2024
https://github.com/hackeralert/picocrypt
A very small, very simple, yet very secure encryption tool.
argon2 blake2b cryptography encryption file-encryption golang password portable privacy privacy-tools reed-solomon security security-tools serpent sha3 xchacha20
Last synced: 02 Jan 2025
https://github.com/tracecathq/tracecat
The open source Tines / Splunk SOAR alternative for security engineers.
automation cybersecurity event-driven fastapi llm low-code monitoring nextjs openapi orchestration pydantic security temporalio workflow-engine
Last synced: 01 Jan 2025
https://github.com/HACKERALERT/Picocrypt
A very small, very simple, yet very secure encryption tool.
argon2 blake2b cryptography encryption file-encryption golang password portable privacy privacy-tools reed-solomon security security-tools serpent sha3 xchacha20
Last synced: 18 Nov 2024
https://github.com/Permify/permify
Permify is an open-source authorization service inspired by Google Zanzibar.
abac access-control acl authorization ciam cloud-native distributed fga fine-grained-access-control golang grpc kubernetes least-privilege permission permissions rbac rebac security zanzibar
Last synced: 29 Oct 2024
