An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/Octogonapus/RegistryScanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 06 Apr 2026

https://github.com/jwilk/getenvy

LD_PRELOAD library to snoop on getenv() calls

security

Last synced: 12 Apr 2025

https://github.com/cnmenghan/quietdirtozipfile

Silently save a directory as a zip file using the Console.

audit backup compress convenient file-management network-security package-files security

Last synced: 07 May 2025

https://github.com/dumbjs/foronce

The OTP Library

crypto node otp security totp

Last synced: 06 Mar 2026

https://github.com/shivamsaraswat/certify

Certify is a python tool designed to check the security of SSL/TLS certificates.

certificate-authority certify python security security-automation ssl-certificate tls tls-certificate

Last synced: 10 Apr 2025

https://github.com/dynonguyen/hospital-management-system

Safety and security of information systems project.

oracle reactjs security

Last synced: 12 Apr 2025

https://github.com/cloudposse/terraform-aws-macie

Use AI/ML and pattern matching to identify and protect sensitive data in AWS

aws compliance machine-lerning macie privacy security terraform terraform-modules

Last synced: 29 Apr 2025

https://github.com/demimarie/sliprock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 18 Jun 2025

https://github.com/zelon88/emotet_analysis-1

A quick & dirty look at an Emotet infection.

analysis botnet campaign emotet heodo malware-analysis opsec security trojan

Last synced: 09 Feb 2026

https://github.com/carlocorradini/graphql-auth-directive

GraphQL @auth directive that protects resources from unauthenticated and unauthorized access

auth authentication authorization graphql nodejs security typescript

Last synced: 16 Feb 2026

https://github.com/IBM/simrun

Attack Simulation Platform (ASP) for detection testing

attack-simulation cloud-security detection-engineering security security-automation threat-detection

Last synced: 26 Jun 2026

https://github.com/amadeusitgroup/starter-kit-for-internal-hacking-event

A kit to organize internal hacking events, improving product security and spreading security knowledge.

event fun security

Last synced: 13 Feb 2026

https://github.com/dk26/strict-path-rs

Handle paths from external or unknown sources securely. Defends against 19+ real-world CVEs including symlinks, Windows 8.3 short names, and encoding tricks and exploits.

directory-traversal file-security filesystem-security path-traversal-prevention path-validation rust rust-crate security type-safety web-security

Last synced: 22 Apr 2026

https://github.com/enquo/cretrit

Comparison-Revealing Encryption primitives

cryptography encryption enquo hacktoberfest order-revealing-encryption ore rust security

Last synced: 05 Apr 2026

https://github.com/radoslaw-sz/guardio

The most flexible control plane for AI Agent systems

ai ai-agent ai-agents control-plane framework guard mcp security

Last synced: 01 Apr 2026

https://github.com/prompt-armor/prompt-armor

Open-source prompt injection detector — 5 layers, 91.7% F1, ~27ms, offline, Apache 2.0

ai-safety anomaly-detection cli faiss jailbreak llm llm-security mcp nlp offline onnx prompt-injection prompt-security python security

Last synced: 03 Jun 2026

https://github.com/rocklambros/any2md

Convert PDF, DOCX, HTML, and TXT files — or web pages by URL — to clean, LLM-optimized Markdown with YAML frontmatter.

cli converter docx html llm markdown pdf python security txt

Last synced: 26 Apr 2026

https://github.com/matricali/kaker-scripts

Compilation of files recovered from compromised hosts. This collection contains various scripts and tools used by the attackers.

attacker backdoors compilation files-recovered hacker-scripts kaker-scripts phishing-attacks scanners scripts security shell

Last synced: 15 Apr 2025

https://github.com/aaearon/mcp-privilege-cloud

A production-ready Model Context Protocol (MCP) server for CyberArk Privilege Cloud integration. Enables AI assistants and MCP clients to securely interact with privileged account management, safe operations, and platform configurations through 8 comprehensive tools.

ai-integration claude-desktop cyberark cyberark-api cybersecurity fastmcp identity-management mcp mcp-server model-context-protocol oauth-authentication oauth2 pam password-vault platform-management privilege-cloud privileged-access-management privileged-accounts python security

Last synced: 18 Feb 2026

https://github.com/nathanjepson/wdac-framework

Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.

application-control applicationcontrol defender enterprise-security operation-system-security powershell powershell-script security sqlite sqlite-database wdac windows windows-defender windows-defender-application-control windowsdefender winrm zero-trust

Last synced: 21 Jun 2025

https://github.com/kovart/forta-spam-detector

Advanced spam detector powered by Forta Network

blockchain detector erc1155 erc20 erc721 ethereum forta phishing scam security spam token

Last synced: 15 Apr 2025

https://github.com/fractaslabs/silverstripe-security-layouts

SilverStripe module for fancier security layouts (login, logout, lost password etc.)

security silverstripe silverstripe-4 silverstripe-module silverstripe-theme

Last synced: 15 Jan 2026

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/anthonyharrison/sbom-manager

Manage collection of SBOMs (Software Bill of Materials)

cyclonedx devsecops sbom sbom-repository sbom-tool security spdx vulnerabilities

Last synced: 11 Apr 2025

https://github.com/andreacioni/keelink

Keepass2Android QR Plug-In Utility

android encryption keepass keepass2android-qr-plug plugin security

Last synced: 21 Mar 2025

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/fvinas/tf_aws_lambda_ip_whitelist

An AWS Lambda-based mechanism to allow temporary IP whitelisting via security groups

aws-ec2 aws-lambda aws-security-group infrastructure lambda-functions security terraform-module whitelist

Last synced: 14 Apr 2025

https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 07 Nov 2025

https://github.com/offsh/offsh

Xonsh-powered pentesting framework.

pentesting security wazuh xonsh xxh

Last synced: 12 Mar 2025

https://github.com/casbin/mux-authz

gorilla/mux's RBAC & ABAC Authorization middleware based on Casbin

abac acl authz casbin gorilla-mux middleware mux plugin rbac security

Last synced: 22 Apr 2025

https://github.com/mitre/apache-tomcat-8-cis-baseline

(WIP) (Alpha) InSpec profile for CIS Apache Tomcat v8 Benchmark

apache inspec inspec-profile mitre-corporation mitre-inspec mitre-saf security tomcat

Last synced: 21 Apr 2025

https://github.com/nwtgck/aes128gcm-stream-npm

🛡128-bit AES-GCM Encryption Stream for Web Browsers

aes-gcm browser encryption javascript security stream streams-api

Last synced: 01 Apr 2025

https://github.com/bytehide/cli

Dotnetsafer CLI is a console tool that allows you to protect your .NET developments, integrates different products and services to keep your code safe.

analyzer dotnet netcore obfuscation owasp protection security security-tools vulnerability

Last synced: 27 Jun 2025

https://github.com/trvswgnr/crab-snitch

Get an alert on macOS if an application accesses your microphone or webcam.

macos personal security

Last synced: 08 Sep 2025

https://github.com/bandarlabs/cveingest

Convert CVEs into LLMs friendly input with multi level crawling

audio cve llm security

Last synced: 03 Jul 2025

https://github.com/crashdump/covert

Covert is a deniable encryption software.

cli deniable-encryption encryption sdk security

Last synced: 16 Feb 2026

https://github.com/ayushn21/bridgetown-content-security-policy

A Bridgetown plugin to add a Content Security Policy in a meta tag

bridgetown bridgetown-plugin content-security-policy security

Last synced: 14 Apr 2025

https://github.com/flutterguard/flutterguard-cli

Know and see everything an attacker can extract and get from your published Flutter app

android apk cli dart exploit flutter opensource reverse-engineering security static-analysis

Last synced: 13 Jan 2026

https://github.com/therootcompany/base62-token.js

Generate & Verify GitHub-style & npm-style Base62 Tokens

base62 base62-encoding github-tokens-generator npm-tokens-generator security

Last synced: 17 Jul 2025

https://github.com/elementsinteractive/sheriff

Sheriff is a tool to scan repositories and generate security reports.

dependency-scanning security security-audit security-tools vulnerability-scanner

Last synced: 12 Jan 2026

https://github.com/line/webauthndemo-kotlin

WebAuthnDemo Kotlin is a sample application demonstrating the integration of the webauthn-kotlin SDK for secure, password-less authentication in Android apps. It showcases the use of biometric and device credential authenticators, along with examples for registering and authenticating credentials.

authenticator demo fido2 kotlin passwordless security webauthn

Last synced: 02 Sep 2025

https://github.com/rix4uni/portmap

portmap is a fast portscan tool, uses shodan public data for port scan used internetdb.shodan.io and api.shodan.io/shodan/host

bug-bounty bugbounty bugbountytips hacking infosec internetdb osint osint-resources penetration-testing pentest-tool pentesting port-enumeration portscanner recon reconnaissance scan-ports security security-tools shodan threat-intelligence

Last synced: 28 Aug 2025

https://github.com/fortio/safecast

Go, safe from accidental overflow, number type conversions

conversions golang golang-library security

Last synced: 17 Jun 2025

https://github.com/solun-pm/solun

Solun is a service that allows you to share files, text and sending emails with end-to-end encryption, without having to worry about your privacy.

docker end-to-end-encryption mongodb nextjs privacy security

Last synced: 15 Jun 2025

https://github.com/arturmiller/adversarial_ml_ctf

This repository is a CTF challenge, showing a security flaw in most (all?) common artificial neural networks. They are vulnerable for adversarial images.

adversarial challenge ctf docker flask machine-learning optimization python security website

Last synced: 18 Apr 2025

https://github.com/gatomod/path_trav

🤨🔎 A simple path traversal checker made with Rust. Useful for APIs that serve dynamic files.

fs path path-traversal rust security

Last synced: 13 Apr 2025

https://github.com/gp187/ubuntu-privacy-fix

After a fresh install don't forget to remove telemetry and harden security

privacy security telemetry ubuntu

Last synced: 11 Apr 2025

https://github.com/heartsucker/rust-secure-session

Signed, encrypted session cookies for Iron

cryptography http iron rust security session

Last synced: 13 May 2025

https://github.com/riotkit-org/gpbkdf2

PBKDF2 key encoder for use in shell. Single, tiny binary. Written in Go.

aes aes-256 aes-256-cbc cbc cbc-mode crypto go openssl pbkdf2 pbkdf2-cli security

Last synced: 02 Aug 2025

https://github.com/mdeous/dnscheck

Subdomain takeover assessment tool.

dns security subdomain-takeover

Last synced: 11 Apr 2026

https://github.com/benjitrapp/project-makalu

Penetration testing challenge => Test the broken "Session Handling" in the new shop of the "anna group"

burpsuite ctf-challenges docker flask hacking-simulator python3 security

Last synced: 14 Apr 2025

https://github.com/rohaquinlop/immunipy

A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust.

cli python python-library sca security vulnerability-detection vulnerability-scanners

Last synced: 17 Oct 2025

https://github.com/soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

dast penetration-testing security soos web-security

Last synced: 24 Feb 2026

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026

https://github.com/jessechale/halehound-cyd

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

bluetooth cc1101 cheap-yellow-display cyd esp32 esp32-diy hacking nrf24l01 offensive-security pentest security security-tools subghz wifi

Last synced: 12 Mar 2026

https://github.com/seznam/jailoc

🔒 Jail your AI agents — sandboxed Docker environments with network isolation for Opencode agents

ai-agents cli devtools docker docker-compose golang network-isolation opencode sandbox security

Last synced: 04 Apr 2026

https://github.com/p0dalirius/securityscripts

This repository contains a set of useful scripts templates for pentesters and security researchers.

pentest python scripts security

Last synced: 03 Jul 2026

https://github.com/smed79/easylist-hosts

Unified EasyList hosts blacklist for use with DNS and domain blocking tools as pi-hole for the purpose of blocking bad domains used for serving ads, tracking, mining, malware and other nasty content.

adblock adblock-plus adguard blacklist blocklist dns dnsforge domains easylist easyprivacy hosts hosts-file malware nextdns personaldnsfilter phishing pi-hole privacy security ublock

Last synced: 24 Oct 2025

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/always-further/runseal

Sealed execution environment for GitHub Actions.

actions isolation sandbox security supply-chain-security

Last synced: 05 Jun 2026

https://github.com/orijtech/tickeryzer

Check missing (*time.Ticker).Stop() call, which can cause resources leak.

golang security static-analysis

Last synced: 09 Feb 2026

https://github.com/neuralegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

appsec brightsec e2e pentesting qa security test testing typescript

Last synced: 17 Mar 2026

https://github.com/demon1a/bounties-uwu

Chrome extension uses the HackerOne API to reveal hidden rewarded bounties on HackerOne

bugbounty hackerone javascript security tools

Last synced: 14 Oct 2025

https://github.com/samouraiworld/sec-guidebook

The Ultimate Security Guide Book for new-cryptorich friends

exploits good-practices privacy protection security wallet

Last synced: 27 Jan 2026

https://github.com/zekker6/devsandbox

Sandbox for running untrusted dev tools. Filesystem isolation via bubblewrap, optional MITM proxy for traffic inspection. Perfect for AI coding assistants.

ai-coding-assistant bubblewrap claude-code development-tools linux mitm namespaces proxy sandbox security

Last synced: 29 Apr 2026

https://github.com/visualbean/hibp.net

A simple .NET wrapper for the HIBP (Have I been pwned?) Api

csharp haveibeenpwned hibp netcore nuget security

Last synced: 10 Oct 2025

https://github.com/epappas/llmtrace

Zero-code LLM security & observability proxy. Real-time prompt injection detection, PII scanning, and cost control for OpenAI-compatible APIs. Built in Rust.

agentic ai-agents ai-infrastructure ai-security aiops chatgpt llm-inference llm-monitoring llm-security llm-security-compliance-prompt-injection llmops mlops observability openai pii-detection prompt-injection proxy rust security

Last synced: 19 Feb 2026

https://github.com/99999g/ak47

AK47 是一款跨平台的漏洞利用与安全评估工具 | AK47 is a cross-platform vulnerability exploitation and security assessment tool

expr mcp pentest redteam security skills wails

Last synced: 10 Apr 2026

https://github.com/jaybrown/application-launch-monitor-alm-

Extend macOS Gatekeeper functionality by verifying applications at every launch

anti-malware anti-virus antimalware antivirus codesign gatekeeper macos malware privacy security

Last synced: 03 Mar 2026

https://github.com/ynori7/hulksmash

A very easy-to-use library for building a custom brute-force requester for QA purposes

bruteforce qa qatools security security-tools

Last synced: 23 Jan 2026

https://github.com/bmedicke/reed

notes about 🔍 Reverse Engineering and 🔥 Exploit Development

debugging exploit-development reverse-engineering security

Last synced: 09 Oct 2025

https://github.com/venkatas/vikramaditya

Autonomous VAPT platform. Give it a target (FQDN, IP, CIDR) — it hunts, it reports. Inspired by the Obsidian Order.

ai-security autonomous-agent bash bug-bounty penetration-testing python recon security vapt vulnerability-scanner

Last synced: 30 Apr 2026

https://github.com/ryanbalfanz/rtspios

A Raspberry Pi distribution that turns your Pi in to an RTSP server (e.g. security camera)

camera custompios cvlc raspberry-pi-camera raspberrypi raspicam raspivid rtsp rtsp-server security vlc

Last synced: 24 Apr 2025

https://github.com/pelock/jobfuscator-python

JObfuscator is a source code obfuscator for the Java language. Protect Java source code & algorithms from hacking, cracking, reverse engineering, decompilation & technology theft.

decompiler decompiler-java java mangle mangler obfuscate obfuscate-code obfuscate-strings obfuscated obfuscated-code obfuscation obfuscator security source-code

Last synced: 13 Jul 2025

https://github.com/buession/buession-security

Buession 安全框架,整合了 spring security、shiro、pac4j;封装了极验等行为验证产品 SDK。

desensitization geetest java mcrypt pac4j security shiro spring

Last synced: 14 Apr 2025

https://github.com/lanshuns/wintorproxy

A batch script that enabling Tor and Privoxy as a SOCKS5 proxy, providing enhanced privacy and anonymity for internet traffic.

batch privacy proxy security socks tor

Last synced: 25 Feb 2026

https://github.com/mychewcents/e2e-encryption

An npm module to allow for easier E2E encryption and decryption. Works on 'tweetnacl' npm package.

e2e-encryption encryption encryption-decryption encryption-tool end-to-end-encryption npm npm-package privacy privacy-protection security

Last synced: 17 Jan 2026