An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/catalyst/patch-friend

Which of my hosts are affected by a security advisory?

debian python security security-advisories ubuntu

Last synced: 27 Apr 2025

https://github.com/haccer/xmail

Go tool that detects which email addresses have domains which are able to be registered

account-takeover bug-bounty bugbounty cyber email go golang infosec osint pentesting redteam redteam-tools security

Last synced: 14 Mar 2026

https://github.com/itinerisltd/itineris-disable-xml-rpc

Disable WordPress XML-RPC via actions and filters

security wordpress wordpress-plugin xml-rpc

Last synced: 20 Aug 2025

https://github.com/kovart/forta-spam-detector

Advanced spam detector powered by Forta Network

blockchain detector erc1155 erc20 erc721 ethereum forta phishing scam security spam token

Last synced: 15 Apr 2025

https://github.com/ryanbalfanz/rtspios

A Raspberry Pi distribution that turns your Pi in to an RTSP server (e.g. security camera)

camera custompios cvlc raspberry-pi-camera raspberrypi raspicam raspivid rtsp rtsp-server security vlc

Last synced: 24 Apr 2025

https://github.com/saadbazaz/crackhead

A simple, smart & distributed password-cracking algorithm

algorithm password-cracker security

Last synced: 13 Jun 2025

https://github.com/aw-junaid/security-and-hacking

Explore ethical hacking and security: penetration testing, vulnerability scanning, and exploit development. Includes tools, scripts, and hands-on labs.

ethical-hacking exploit hacking penetration-testing security vulnerabilities vulnerability-scanners

Last synced: 08 Jan 2026

https://github.com/louib/challenge-response

Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust.

authentication challenge-response encryption hmac hmac-sha1 nitrokey onlykey otp security yubico yubikey

Last synced: 24 Mar 2025

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/safinsingh/midnight

🔧 An extensible Linux security auditing tool

cybersecurity docker go golang linux security

Last synced: 09 Mar 2026

https://github.com/offsh/offsh

Xonsh-powered pentesting framework.

pentesting security wazuh xonsh xxh

Last synced: 12 Mar 2025

https://github.com/eqstlab/cve-2024-53677

File upload logic flaw in Apache Struts2 exploit

cve-2024-53677 java jsp proof-of-concept security struts2 vulnerability

Last synced: 16 Sep 2025

https://github.com/simeononsecurity/Apache-Web-Server-Hardening

An collection of example configurations and scripts to aid administrators in configuring a hardened Apache Web Server

apache encryption hardening security ssl-certificates

Last synced: 17 Aug 2025

https://github.com/bytehide/cli

Dotnetsafer CLI is a console tool that allows you to protect your .NET developments, integrates different products and services to keep your code safe.

analyzer dotnet netcore obfuscation owasp protection security security-tools vulnerability

Last synced: 27 Jun 2025

https://github.com/wode490390/sanctioner

Sanctioner plugin for Nukkit

ban crash minecraft nukkit plugin sanction security

Last synced: 14 Apr 2025

https://github.com/andreacioni/keelink

Keepass2Android QR Plug-In Utility

android encryption keepass keepass2android-qr-plug plugin security

Last synced: 21 Mar 2025

https://github.com/quenty/dns-drone-project

Drone simulation of adhoc networks in Roblox for Data and Network Security class at UNL

adhoc-networks drone lua roblox security

Last synced: 02 Aug 2025

https://github.com/imagemlt/nodelcx

nodejs编写的tcp内网穿透脚本

forward-proxy lcx security security-tools

Last synced: 13 Apr 2025

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/extwiii/cybersecurity-university.of.maryland

Cybersecurity Specialization - Cybersecurity Fundamentals. Construction of Secure Systems - Coursera

cyber-security cybersecurity maryland security

Last synced: 03 Feb 2026

https://github.com/melroyb/psbettercap

Control multiple Bettercap nodes through REST API

bettercap cluster hack linux powershell powershell-script security security-audit wifi windows

Last synced: 18 Apr 2026

https://github.com/krishealty/worm

Worm is an Android post exploitation Framework to gain remote access of any Android device by exploiting Android Debug Bridge.

cybersecurity hacking hacking-tools information-gathering kali-linux osint-framework osint-tool penetration-testing pentesting python python3 security vulnerability vulnerability-scanners

Last synced: 14 Apr 2025

https://github.com/shadawck/nse-install

Install and update external NSE script for nmap

installer-script nmap nmap-scan-script nmap-scripts nse security security-tools

Last synced: 24 Sep 2025

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/barandev/firebase-authentication-template

A template repository for implementing Firebase Authentication with Flask and JavaScript. This template provides a basic setup for integrating Firebase Authentication into web applications using Flask as the backend framework. It includes functionalities for user signup, signin, signout, and session management.

firebase firebase-auth firebase-webapp flask html-css-javascript javascript modal-design password-hashing python responsive-design security session-management signin-signup template user-management userauthentication web-template webdevelopment

Last synced: 19 Feb 2026

https://github.com/hcl-tech-software/appscan-sast-action

Integrate static security testing with HCL AppScan on Cloud using GitHub Actions

action appscan github github-actions sast scanning security security-automation security-scanner security-testing security-tools

Last synced: 31 Aug 2025

https://github.com/elementsinteractive/sheriff

Sheriff is a tool to scan repositories and generate security reports.

dependency-scanning security security-audit security-tools vulnerability-scanner

Last synced: 12 Jan 2026

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/upgundecha/applied-security

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity

appsec cloudsecurity cybersecurity devsecops infosec security security-tools

Last synced: 14 Apr 2025

https://github.com/octogonapus/registryscanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 28 Jun 2025

https://github.com/mindpatch/latestpocs

Latest PoC exploit & Writeups

cves pentesting poc proof-of-concept security

Last synced: 20 Sep 2025

https://github.com/m3ssap0/data-grabber

This is a simple PHP script that can be used as a cookie grabber / session stealer. It uses MySQL to store data in a structured way.

cookie-grabber cookie-stealer security security-tools session-grabber session-stealer

Last synced: 28 Jun 2025

https://github.com/fvinas/tf_aws_lambda_ip_whitelist

An AWS Lambda-based mechanism to allow temporary IP whitelisting via security groups

aws-ec2 aws-lambda aws-security-group infrastructure lambda-functions security terraform-module whitelist

Last synced: 14 Apr 2025

https://github.com/lreimer/secure-devex22

Demo repository for my talk at the Heise Developer Experience 2022 conference.

checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api

Last synced: 02 Aug 2025

https://github.com/houssemdellai/kubernetes-allowed-registries-policy

Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.

aks-kubernetes-cluster container-registry container-security policy security

Last synced: 03 Jan 2026

https://github.com/digitalruby/socketcloser

Close ipv4 and ipv6 sockets on Windows and Linux

ipv4 ipv6 linux network networking security sockets windows

Last synced: 24 Jul 2025

https://github.com/mychewcents/e2e-encryption

An npm module to allow for easier E2E encryption and decryption. Works on 'tweetnacl' npm package.

e2e-encryption encryption encryption-decryption encryption-tool end-to-end-encryption npm npm-package privacy privacy-protection security

Last synced: 17 Jan 2026

https://github.com/padok-team/security-vault-credential-broker

Code to deploy a PoC of an implementation of Vault as a credential broker for Boundary, with a PostgreSQL database as target.

boundary security vault

Last synced: 26 Dec 2025

https://github.com/csm-actions/approve-pr-action

GitHub Action to approve pull requests securely

github-actions oss security

Last synced: 13 May 2025

https://github.com/ynori7/hulksmash

A very easy-to-use library for building a custom brute-force requester for QA purposes

bruteforce qa qatools security security-tools

Last synced: 23 Jan 2026

https://github.com/jaybrown/application-launch-monitor-alm-

Extend macOS Gatekeeper functionality by verifying applications at every launch

anti-malware anti-virus antimalware antivirus codesign gatekeeper macos malware privacy security

Last synced: 03 Mar 2026

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/jessechale/halehound-cyd

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

bluetooth cc1101 cheap-yellow-display cyd esp32 esp32-diy hacking nrf24l01 offensive-security pentest security security-tools subghz wifi

Last synced: 12 Mar 2026

https://github.com/p0dalirius/securityscripts

This repository contains a set of useful scripts templates for pentesters and security researchers.

pentest python scripts security

Last synced: 03 Jul 2026

https://github.com/smed79/easylist-hosts

Unified EasyList hosts blacklist for use with DNS and domain blocking tools as pi-hole for the purpose of blocking bad domains used for serving ads, tracking, mining, malware and other nasty content.

adblock adblock-plus adguard blacklist blocklist dns dnsforge domains easylist easyprivacy hosts hosts-file malware nextdns personaldnsfilter phishing pi-hole privacy security ublock

Last synced: 24 Oct 2025

https://github.com/dk26/strict-path-rs

Handle paths from external or unknown sources securely. Defends against 19+ real-world CVEs including symlinks, Windows 8.3 short names, and encoding tricks and exploits.

directory-traversal file-security filesystem-security path-traversal-prevention path-validation rust rust-crate security type-safety web-security

Last synced: 22 Apr 2026

https://github.com/soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

dast penetration-testing security soos web-security

Last synced: 24 Feb 2026

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/IBM/simrun

Attack Simulation Platform (ASP) for detection testing

attack-simulation cloud-security detection-engineering security security-automation threat-detection

Last synced: 26 Jun 2026

https://github.com/neuralegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

appsec brightsec e2e pentesting qa security test testing typescript

Last synced: 17 Mar 2026

https://github.com/epappas/llmtrace

Zero-code LLM security & observability proxy. Real-time prompt injection detection, PII scanning, and cost control for OpenAI-compatible APIs. Built in Rust.

agentic ai-agents ai-infrastructure ai-security aiops chatgpt llm-inference llm-monitoring llm-security llm-security-compliance-prompt-injection llmops mlops observability openai pii-detection prompt-injection proxy rust security

Last synced: 19 Feb 2026

https://github.com/demimarie/sliprock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 18 Jun 2025

https://github.com/shivamsaraswat/certify

Certify is a python tool designed to check the security of SSL/TLS certificates.

certificate-authority certify python security security-automation ssl-certificate tls tls-certificate

Last synced: 10 Apr 2025

https://github.com/hayesall/maliciousportableexecutabledetection

Determining whether a portable executable file (.exe) is malicious or benign with comparative results for multiple ML algorithms: AdaBoost, DT, GNB, GradientBoosting, KNN, RF.

classification machine-learning security

Last synced: 28 Oct 2025

https://github.com/vv198x/go2ban

Protect your servers

firewall go golang open-source security

Last synced: 20 Jan 2026

https://github.com/crytic/vscode-starknet-explorer

StarkNet support extension for VSCode. Visualize StarkNet contracts: view storage variables, external and view functions, and events.

auditing cairo review security starknet

Last synced: 01 May 2025

https://github.com/nathanjepson/wdac-framework

Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.

application-control applicationcontrol defender enterprise-security operation-system-security powershell powershell-script security sqlite sqlite-database wdac windows windows-defender windows-defender-application-control windowsdefender winrm zero-trust

Last synced: 21 Jun 2025

https://github.com/globaltradingtechnologies/crypt-bundle

Provides symfony encryptor/decryptor services based on various cryptographic components

aes bundle decryptor encryption encryptor rsa security symfony-bundle

Last synced: 10 Apr 2025

https://github.com/etf1/ip2proxy

IP2Location.com Proxy database parser for Golang

golang golang-library golang-package iplocation proxy security tor

Last synced: 17 Jan 2026

https://github.com/5GSEC/MobiFlow-Auditor

An O-RAN compliant xApp supporting fine-grained and security-aware statistics monitoring over 5G RAN and UEs

5g o-ran security visibility xapp

Last synced: 14 May 2026

https://github.com/tempehs/the_unsecure_pwa

An unsecure by-design PWA that students can analyse with a suite of tools and support to build their understanding of web-based secure software architecture.

2fa api content-security-policy csp csrf cybersecurity cybersecurity-education encryption form-validation learning-by-doing learning-cybersecurity learning-project penetration-testing race-conditions security session-management sql-injection sqlite3 testing-practices xss

Last synced: 13 Apr 2025

https://github.com/rix4uni/linkinspector

linkinspector is a fast command-line tool for inspecting URLs and retrieving HTTP status codes, content lengths, and content types. It supports filtering and matching responses, and can process URLs from stdin or files.

bug-bounty bugbounty bugbountytips hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools threat-intelligence

Last synced: 17 Feb 2026

https://github.com/alexkander/loopback-socket

Loopback module for create Socket.io connections and allow call methods and make subscriptions

auth events express expressjs io loopback realtime security socket strongloop subscription websocket

Last synced: 14 Oct 2025

https://github.com/padsalatushal/malicious-debian-package-maker

Inject your own bash script inside any Debian package.

debian linux package python security

Last synced: 18 Jul 2025

https://github.com/elastic/dac-reference

DaC Repo to store the reference documentation and detection-rules management with Elastic rules.

automation dac elastic security

Last synced: 15 Jun 2025

https://github.com/ninoseki/simplewhatweb

Simplified ver. of WhatWeb

pentesting security

Last synced: 19 Jul 2025

https://github.com/contributte/event-dispatcher-extra

:recycle: Nette-based Symfony events for application, presenter, form, latte, templates, security and many others.

application contributte event-dispatcher event-emitter events mvc nette nette-framework security

Last synced: 19 Jul 2025

https://github.com/geniuszly/cve-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/eftec/securityonemysql

It is a library

mysql php php7 security

Last synced: 07 Mar 2026

https://github.com/melardev/xeytanboost-rat

WORK IN PROGRESS. RAT written in C++ using Boost Libraries

asio backdoor boost cpp desktop malware networking rat remote-administration-tool security sockets trojan

Last synced: 13 Apr 2025

https://github.com/umair9747/leakygpt

The one-stop DLP browser extension to stop users from sharing sensitive information with chatGPT.

ai artificial-intelligence chatgpt compliance cybersecurity data-leakage-prevention dlp gpt llm openai openai-chatgpt security security-compliance

Last synced: 03 May 2026

https://github.com/thedvlprguy/cyberorgs

A site for viewing and analyzing the info of the cybersecurity related organizations participating in Google Summer of Code.

archlinux blackarch-linux cybersecurity googlesu gsoc honeynet kali-linux linux linux-app linux-kernel owasp parrot-os parrotsec security

Last synced: 30 Apr 2025

https://github.com/chen-keinan/openshift-ordeal

Open Source runtime scanner for OpenShift cluster and perform security audit checks based on CIS RedHat OpenShift Benchmark specification

audit-checks cis-benchmark cis-security kube kubernetes linux openshift openshift-ordeal openshift-scrutiny redhat scan security

Last synced: 11 Apr 2025

https://github.com/anthonyharrison/sbom-manager

Manage collection of SBOMs (Software Bill of Materials)

cyclonedx devsecops sbom sbom-repository sbom-tool security spdx vulnerabilities

Last synced: 11 Apr 2025

https://github.com/didntchooseaname/altered-security-reporting

A generic sysreptor template to write on-premise related Altered Security's certifications reports of compromission.

altered security sysreptor template

Last synced: 11 Jan 2026

https://github.com/cisco-open/go-lanai

go-lanai is an application frameworks and a set of modules that make writing applications easy

microservice oauth2 openid-connect saml security spring-boot spring-cloud webapp

Last synced: 18 Mar 2025

https://github.com/inverse/cert-host-scraper

Query the certificate transparency log

certificate scraper security

Last synced: 19 Jan 2026

https://github.com/benoitchantre/wp-composer-auto-updates

WordPress MU-Plugin to enable maintenance and security updates when the site uses version control and DISALLOW_FILE_MODS.

auto-update security wordpress wordpress-mu-plugin

Last synced: 30 Apr 2025

https://github.com/passmarked/ssl

Rules that relate to checking the SSL configuration of each individual resolved server from the domain to ensure locked down config with the broadest compatibility

attack certificate chain cipher compatibility passmarked root-certificate security ssl ssl2 ssl3 standards tls tlsv1 vulnerability

Last synced: 09 Jul 2025