An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/marvinjwendt/traefik-guardian

๐Ÿ‘ฎ A dead simple forward auth provider to protect Traefik services with passwords.

auth auth-provider authentication docker docker-image golang hacktoberfest security traefik traefik-middleware user-authentication

Last synced: 15 Dec 2025

https://github.com/nozaq/terraform-aws-secure-vpc

A terraform module to create a VPC with secure default configurations.

aws aws-auditing cis-benchmark devops hardening security security-hardening security-tools terraform vpc

Last synced: 06 May 2025

https://github.com/maximthomas/blazewall

Open Source Single-Sign-On and Access Management platform built in microservice architecture

authentication authorization cloud-native gateway-service go go-gin golang information-security microservice microservices security sso sso-solution

Last synced: 15 Dec 2025

https://github.com/storopoli/dead-man-switch

Rust no-BS Dead Man's Switch library, TUI and Web Interface

dead-man-switch privacy security tui web

Last synced: 02 Feb 2026

https://github.com/sripwoud/ethernaut

๐Ÿง‘โ€๐Ÿš€ Web3/Solidity based wargame, played in the Ethereum Virtual Machine

blockchain ctf ethereum ethernaut evm forge foundry hack security solidity web3

Last synced: 16 Mar 2026

https://github.com/briandfoy/cpan-audit

Check CPAN modules for known security vulnerabilities

cve perl perl-module perl-tool security security-audit

Last synced: 13 Apr 2025

https://github.com/jasona7/ChatCVE

ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data

devsecops python sbom security

Last synced: 04 Apr 2025

https://github.com/bwireman/go-over

A tool to audit Erlang & Elixir dependencies, to make sure your โœจ gleam projects really sparkle!

audit beam cli dependencies dependency elixir erlang ghsa gleam javascript security security-audit security-tools tools vulnerable

Last synced: 28 Oct 2025

https://github.com/akaunting/signed-url

Signed (unique) URL package for Laravel

laravel php security signed unique url

Last synced: 07 Jul 2025

https://github.com/rmbolger/pwnedpasscheck

Check passwords and hashes against the haveibeenpwned.com Pwned Passwords API using PowerShell

haveibeenpwned hibp infosec powershell powershell-module security

Last synced: 04 Jul 2025

https://github.com/paulveillard/cybersecurity-ssrf

An ongoing & curated collection of awesome web vulnerability - Server-side request forgery software practices and remediation, libraries and frameworks, best guidelines and technical resources about SSRF

cybersecurity mitigation remediation security security-tools server-side server-side-request-forgery ssrf vulnerabilities vulnerability vulnerability-assessment vulnerability-detection vulnerability-management

Last synced: 08 Oct 2025

https://github.com/wookey-project/manifest

The WooKey project manifest repository, use repo init -u https://github.com/wookey-project/manifest.git

embedded iot security wookey

Last synced: 22 Feb 2026

https://github.com/valtteril/go-implant

A flexible cross-platform post-exploitation agent written in Go with basic functionalities

backdoor payload pentest post-exploitation rat redteam remote-access remote-admin-tool reverse-shell security

Last synced: 14 Jan 2026

https://github.com/vatshayan/final-year-project-steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination.

btech-project capstone-project cipher college-project cryptography cryptography-project final-project final-projects final-year-project finalyearproject mtech-project project project-report research-paper-project security semester-project steganography university-project university-projects

Last synced: 28 Oct 2025

https://github.com/geminishkv/course_labs

ะ›ะฐะฑะพั€ะฐั‚ะพั€ะฝั‹ะต ั€ะฐะฑะพั‚ั‹ ะฟะพ ะบัƒั€ัะฐะผ ะดะปั AppSec, Risk Analysis, Securty Champion: Toolchain, Orchestration, CI/CD, UML, etc.

appsec appsec-tutorials bash bmstu containersecurity course dast docker growth-team lerning-platform owasp-top-10 python sast sca secretdetection security security-team-testing toolchain tools training-materials

Last synced: 01 Apr 2026

https://github.com/mondoohq/samples

Security Scanning Samples with cnspec, cnquery, and Mondoo Platform

hacking protect samples security security-as-code

Last synced: 19 Mar 2026

https://github.com/cocopuff2u/macos_admin_scripts

macOS Admin Script/Tool Collection

jamf macos mdm scripts security

Last synced: 01 Apr 2026

https://github.com/sassman/srp6-rs

A safe implementation of the secure remote password authentication and key-exchange protocol (SRP and SRP6a)

authentication cryptography pki protocol rust secure-remote-password security srp srp-6a

Last synced: 19 Apr 2026

https://github.com/karib0u/rustinel-rules

Official, curated detection content (Sigma, YARA, IOC packs) for the Rustinel endpoint detection engine.

blue-team detection-as-code detection-engineering edr incident-response ioc mitre-attack rustinel security sigma threat-detection yara

Last synced: 29 Jun 2026

https://github.com/cerbos/demo-rest

Demo of using Cerbos to secure a Go REST API.

access-control cerbos go policy rest-api security

Last synced: 18 Sep 2025

https://github.com/tjenkinson/gh-action-auto-merge-dependency-updates

A GitHub action that will automatically approve and merge a PR that only contains dependency updates, based on some rules. Also possible to disable the merge and use the `success` output to use in combination with other actions.

action automation automerge dependabot dependency gh-action merge security updater

Last synced: 06 Apr 2025

https://github.com/azureanimations/azureanimations.github.io

Azure Animations, where we make hard-to-understand Azure cloud concepts easier and more fun to learn!

ai azure copilot devops microsoft openai security

Last synced: 30 Jun 2025

https://github.com/zaproxy/action-af

A GitHub Action for running ZAP Automation Framework plans

actions dast devsecops github-actions security

Last synced: 30 Jun 2025

https://github.com/ntkme/security-trust-settings-tools

:lock: OS X Keychain Trust Settings Tools.

certificate macos security

Last synced: 28 Jul 2025

https://github.com/rsc-dev/ishtar

.NET applications hacking toolset

c-sharp dll-injection hacking security

Last synced: 23 Jul 2025

https://github.com/CharlesAverill/DEFFS

Distributed, Encrypted, Fractured File System - A custom distributed file system written in C with FUSE

filesystem fuse linux security

Last synced: 06 Mar 2025

https://github.com/syss-research/icebreaker-glitcher

Simple voltage glitcher implementation for the iCEBreaker FPGA board

fpga glitching ice40 ice40up5k icebreaker it-security security security-tools security-vulnerability tool

Last synced: 04 Sep 2025

https://github.com/mahdijafaridev/fastapi-middlewares

Essential middlewares that for FastAPI applications

cors fastapi logging middleware middlewares python security starlette

Last synced: 13 Jan 2026

https://github.com/oijkn/adguardhome-doh-dot

Official AdGuarHome docker with both DoH (DNS over HTTPS) and DoT (DNS over TLS) clients. Don't browse the Internet insecurely by sending your DNS requests in clear text !

adblocker adguard-home adguardhome cloudflare dns dns-over-https dns-over-tls docker docker-compose network privacy raspberry-pi security stubby unbound

Last synced: 12 May 2025

https://github.com/krishealty/hidemeplease

HideMePlease is a new generation tool to hide phising web links into legitimate web links with original domains (eg: facebook.com, instagram.com) using ccTLD Disguise method.

cybersecurity hacking hacking-tool hacking-tools phishing-script phising phising-link security vulnerability

Last synced: 14 Jul 2025

https://github.com/mariosergiosl/memusage

This tool displays the memory usage of processes on a Linux system, including total system memory, free memory, and used memory. It also shows the memory usage of each process in a hierarchical tree format.

automation automations devops linux memory-usage process-monitoring psutil python security security-tools sysadmin troubleshooting

Last synced: 16 Jan 2026

https://github.com/theredguild/devcontainer

The Red Guild's devcontainer focused in web3 and security.

devcontainer security security-tools web3

Last synced: 22 Mar 2025

https://github.com/sap-samples/s4hana-hana-audit-policies

Templates for SAP HANA audit policies of SAP S/4HANA systems.

audit s4hana sample sap-hana sap-s4hana security templates

Last synced: 05 Mar 2025

https://github.com/julien731/authpress

Add 2-factor authentication to your WordPress blog site.

2fa authy security wordpress wordpress-plugin

Last synced: 03 Aug 2025

https://github.com/charlesaverill/deffs

Distributed, Encrypted, Fractured File System - A custom distributed file system written in C with FUSE

filesystem fuse linux security

Last synced: 24 Jul 2025

https://github.com/atrexus/ws-watcher

A PoC application that detects unauthorized external access to select memory regions.

cpp memory-management security windows x64

Last synced: 14 Apr 2025

https://github.com/JosephTLucas/lintML

A security-first linter for code that shouldn't need linting

linter machine-learning security

Last synced: 18 Apr 2025

https://github.com/bird-house/twitcher

Security Proxy for Web Processing Services (WPS)

certificates oauth ogc proxy pyramid python security wps x509

Last synced: 21 Aug 2025

https://github.com/kaivyy/perseus

AI-powered security assessment for your codebase. Multi-language (JS, Go, Python, Rust, Java, PHP, Ruby, C#). Works with Claude Code, Codex, OpenCode.

ai-security claude claude-code code-review cybersecurity devsecops penetration-testing security security-audit static-analysis vulnerability-scanner

Last synced: 15 Feb 2026

https://github.com/crowdstrike/container-image-scan-action

CrowdStrike Container Image Scan Github Action

cicd containers continuous-integration security

Last synced: 22 Jun 2025

https://github.com/webpwnized/gcp-audit

GCP Audit checks projects in Google Cloud for compliance with CIS Benchmarks

audit benchmark cloud cybersecurity google platform scripts security

Last synced: 03 May 2025

https://github.com/mirego/absinthe_security

AbsintheSecurity provides utilities to improve the security posture of APIs built with Absinthe GraphQL.

absinthe absinthe-graphql elixir elixir-lang security

Last synced: 14 Aug 2025

https://github.com/securityfirst/Umbrella_ios

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

infosec ios open-source safety security

Last synced: 03 May 2025

https://github.com/apal21/target-blank-vulnerabilities-features

Examples of some features and the vulnerabilities that can exploit any webpage if target="_blank" is used without rel="noopener"

css html javascript security vulnerability

Last synced: 14 Apr 2025

https://github.com/airblackbox/airblackbox

EU AI Act compliance scanner โ€” 39 checks, 7 framework trust layers. pip install air-blackbox

accountability ai ai-agents ai-governance ai-safety aibom audit compliance eu-ai-act genai golang llm observability openai opentelemetry otel python security shadow-ai

Last synced: 05 May 2026

https://github.com/preco21/bypass-censorship-korea

:page_with_curl: ํ•œ๊ตญ์—์„œ ์ธํ„ฐ๋„ท ๊ฒ€์—ด์„ ํ”ผํ•˜๋Š” ๋ฐฉ๋ฒ•

bypass javascript korea nodejs security

Last synced: 22 Apr 2025

https://github.com/samuel-lucas6/crypto-is-cool

A list of cryptography books, papers, blog posts, presentations, and Q&A answers.

crypto cryptography infosec programming security

Last synced: 07 Jan 2026

https://github.com/itinerisltd/trellis-disable-xml-rpc

Disable WordPress XML RPC on Trellis sites

ansible-galaxy security trellis wordpress xml-rpc

Last synced: 24 Apr 2025

https://github.com/jojonas/db_nmap

Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.

metasploit metasploit-framework networks nmap security

Last synced: 14 Jan 2026

https://github.com/esadcetiner/secure-nginx-config

Fast and Secure by default Nginx configuration template

cis-benchmark cis-hardening https nginx ocsp-stapling security ssl tls

Last synced: 26 Apr 2025

https://github.com/pelock/stringencrypt-python

StringEncrypt allows you to encrypt strings and files using a randomly generated algorithm, generating a unique decryption code (so-called polymorphic code) each time in the selected programming language.

code-generation code-generator cryptography encryption encryption-tool file file-encryption polymorphic-engine python python-3 python3 security string string-encryption

Last synced: 13 Jun 2025

https://github.com/pfirmstone/jgdms

Infrastructure for providing secured micro services, that are dynamically discoverable and searchable over ipv6 networks

distributed-computing iot java osgi-services security

Last synced: 10 Apr 2025

https://github.com/wolfssl/wolfhsm

HSM library that uses wolfCrypt as it's fallback crypto

aurix automotive autosar cryptography hardware-security-module hsm pkcs11 rh850 security tricore

Last synced: 27 Apr 2025

https://github.com/merciagents/riphook

Deterministic security layer for Openclaw(Clawdbot), Cursor and Claude Code. Write secure code, prevent data exfil, and more

ai-agents clawdbot hooks moltbook moltbot openclaw openclaw-security security

Last synced: 15 Apr 2026

https://github.com/cybozu/prompt-hardener

Prompt Hardener is a tool designed to evaluate and enhance the securify of system prompts for RAG systems.

ai generative-ai llm security security-tools system-prompt-hardener

Last synced: 28 Apr 2025

https://github.com/banhao/autospamemailscan

AutoSpamEmailScan.ps1 is used to monitor a specific mailbox that enterprise users can forward suspicious spam emails to a specific mailbox.

automation esa ews-api google-safe-browsing ironport mdatp minemeld phishing phishing-detection quarantine securex security security-automation soar spam spam-detection spam-emails virustotal workflow

Last synced: 26 Apr 2025

https://github.com/heutelbeck/sapl-demos

Demo, tutorial, and benchmarks for the SAPL policy engine

access-control authorization benchmark demo examples java policies sapl security spring spring-security tutorial

Last synced: 27 Feb 2026

https://github.com/reverseapple/dgraph

Visualizing Mach-O Loads Recursively using Graphviz

apple executable graph macho reverse-engineering security

Last synced: 09 Apr 2025

https://github.com/doshareme/desktop

Personal Cloud Storage and File Management Solution with Privacy and Security

ai file-manager javascript open-source privacy rust security self-hosting

Last synced: 12 Apr 2025

https://github.com/koukyosyumei/rhoevm

symbolic EVM execution engine written in Rust

evm formal-methods rust security smart-contracts symbolic-execution

Last synced: 13 Oct 2025

https://github.com/brickmakersgmbh/aspsecurityheaders

A small package for ASP.Net (Core) to automatically configure secure HTTP-Headers

asp-net asp-net-core brickmakers csharp csp dotnet dotnet-core hsts http-headers https security security-headers

Last synced: 24 Apr 2025

https://github.com/checkedc/checkedc-llvm-project

This was a fork of Checked C clang used from 2021-2024. The changes have been merged into the original Checked C clang repo, which is now at https://github.com/checkedc/checkedc-clang.

c clang compilers llvm security

Last synced: 13 Jul 2025

https://github.com/julien731/AuthPress

Add 2-factor authentication to your WordPress blog site.

2fa authy security wordpress wordpress-plugin

Last synced: 02 Apr 2025

https://github.com/shadawck/mitrecve

Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)

api cli cve cve-scanning cve-search dependencies mitre mitre-api mitre-attack security security-scanner security-tools

Last synced: 13 Apr 2025

https://github.com/jakbin/flask-tor

Host your flask website on tor using flask-tor.

flask onion onion-service onionshare python security tor tor-onion-service

Last synced: 12 Apr 2025

https://github.com/spinoco/fs2-crypto

Crypto support for fs2

fs2 https security security-tools ssl tls

Last synced: 29 Oct 2025

https://github.com/toktok/btox

Official TokTok mobile Tox client

android cryptography encryption ios network p2p security toxcore web

Last synced: 30 Apr 2025

https://github.com/blackducksoftware/opssight-connector

OpsSight Connector documentation

cloud-native kubernetes ops pod security

Last synced: 10 Apr 2025

https://github.com/HappyHackingSpace/vt

Vulnerable Target (VT) is a specialized tool designed for security professionals, researchers, and educators that creates intentionally vulnerable environments across multiple platforms.

cybersecurity repl security vulnerable

Last synced: 02 Apr 2026

https://github.com/gousaiyang/pickleassem

A simple pickle assembler to make handcrafting pickle bytecode easier.

assembler bytecode ctf exploit pickle security security-tools

Last synced: 13 Apr 2025

https://github.com/psecio/secure-api

Repository for the "Building a Secure API" series on Websec.io

api php security training tutorial websecio

Last synced: 11 Apr 2025

https://github.com/jaybrown/disable-and-toggle-webrtc-in-macos-safari

System hack to disable and toggle WebRTC in macOS Safari

disable enable libwebrtc macos osx privacy safari security sip toggle webkit webrtc

Last synced: 15 May 2026

https://github.com/xtekky/simple-sig

Simple Signature to secure your website's traffic with backend validation api

http-signature http-signatures javascript obfuscation security signature signature-verification web-security

Last synced: 10 Apr 2025

https://github.com/jeziellago/appclonedetector

Kill app if it is running under a cloned environment in Android device.

android clone detector kotlin kotlin-android security

Last synced: 07 May 2025

https://github.com/simeononsecurity/firefox-security-researcher

Configure FireFox with Security and Intelligance features for OSINT and Security Investigations.

security

Last synced: 29 Oct 2025

https://github.com/mav8557/virus

Polymorphic ELF Virus

elf malware security virus vx

Last synced: 20 Jul 2025