An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/Ovi3/awvs_xray

AWVS13和xray的自动化扫描脚本

scanner-web security vulnerability vulnerability-scanners web-security

Last synced: 11 Jul 2025

https://github.com/briandfoy/cpan-audit

Check CPAN modules for known security vulnerabilities

cve perl perl-module perl-tool security security-audit

Last synced: 13 Apr 2025

https://github.com/maximthomas/blazewall

Open Source Single-Sign-On and Access Management platform built in microservice architecture

authentication authorization cloud-native gateway-service go go-gin golang information-security microservice microservices security sso sso-solution

Last synced: 15 Dec 2025

https://github.com/mindpatch/pmg

Extract parameters/paths from urls

bugbounty bugbounty-tool bughunting python regex security

Last synced: 12 Jul 2025

https://github.com/bwireman/go-over

A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!

audit beam cli dependencies dependency elixir erlang ghsa gleam javascript security security-audit security-tools tools vulnerable

Last synced: 28 Oct 2025

https://github.com/jasona7/ChatCVE

ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data

devsecops python sbom security

Last synced: 04 Apr 2025

https://github.com/sripwoud/ethernaut

🧑‍🚀 Web3/Solidity based wargame, played in the Ethereum Virtual Machine

blockchain ctf ethereum ethernaut evm forge foundry hack security solidity web3

Last synced: 16 Mar 2026

https://github.com/marvinjwendt/traefik-guardian

👮 A dead simple forward auth provider to protect Traefik services with passwords.

auth auth-provider authentication docker docker-image golang hacktoberfest security traefik traefik-middleware user-authentication

Last synced: 15 Dec 2025

https://github.com/postgrespro/libblobstamper

Framework for Structure Aware Fuzzing. Allows to build own stamps that would convert pulp-data that came from fuzzer to data with structure you need

fuzzing sdl security structure-aware-fuzzing

Last synced: 28 Feb 2026

https://github.com/sassman/srp6-rs

A safe implementation of the secure remote password authentication and key-exchange protocol (SRP and SRP6a)

authentication cryptography pki protocol rust secure-remote-password security srp srp-6a

Last synced: 19 Apr 2026

https://github.com/vmagamedov/security-framework

Step-by-step personal cybersecurity guide

2fa fido2 security yubikey

Last synced: 18 Jan 2026

https://github.com/jenkinsci/authorize-project-plugin

Run a job with specified authorization

adopt-this-plugin jenkins-plugin security

Last synced: 11 May 2026

https://github.com/sinewaveai/prooflayer-rules

Open-source runtime security rules engine for MCP servers and AI agents. Detects prompt injection, command injection, jailbreaks, and data exfiltration.

ai-agents ai-security mcp mcp-protocol prompt-injection runtime-security security

Last synced: 16 Jun 2026

https://github.com/celenityy/grapheneos-settings

My recommendations for the ultimate GrapheneOS Configuration :)

android anti-tracking grapheneos hardened hardening privacy privacy-protection security tracking

Last synced: 08 Jun 2026

https://github.com/dev-sec/chef-jenkins-hardening

⛔ DEPRECATED: A secure jenkins installation

chef chef-cookbook devops hardening jenkins security

Last synced: 01 Apr 2025

https://github.com/openagentidentityprotocol/agentidentityprotocol

Agent Identity Protocol - Zero-trust security layer for AI agents. Policy enforcement proxy for MCP with Human-in-the-Loop approval, DLP scanning, and audit logging.

agent-identity-protocol ai-agents ai-safety cursor-ide dlp golang human-in-the-loop llm mcp model-context-protocol policy-enforcement security zero-trust

Last synced: 29 May 2026

https://github.com/karib0u/rustinel-rules

Official, curated detection content (Sigma, YARA, IOC packs) for the Rustinel endpoint detection engine.

blue-team detection-as-code detection-engineering edr incident-response ioc mitre-attack rustinel security sigma threat-detection yara

Last synced: 29 Jun 2026

https://github.com/ait-testbed/attackmate

AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.

api attack automation automation-framework cybersecurity exploit metasploit orchestration pentest python redteam rootkit security sliver testbed training

Last synced: 22 Apr 2025

https://github.com/m3ssap0/spring-break_cve-2017-8046

This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).

cve-2017-8046 exploit security security-tools spring-break spring-data-rest vulnerability vulnerability-scanners

Last synced: 01 Mar 2026

https://github.com/beevik/nts

network time security client package for go

go ntp ntp-client ntp-protocol nts nts-client nts-protocol security time

Last synced: 12 Apr 2025

https://github.com/avast/authenticode-parser

Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.

cryptography security

Last synced: 07 Apr 2025

https://github.com/anotherhadi/github-recon

Retrieves and aggregates public OSINT data about a GitHub user using Go and the GitHub API. Finds hidden emails in commit history, previous usernames, friends, other GitHub accounts, and more.

cybersecurity github osint recon security

Last synced: 30 Aug 2025

https://github.com/bbva/gitsec

gitsec: GIT Secret Discovery

dvcs secrets security

Last synced: 15 Aug 2025

https://github.com/dl-solarity/audits

Distributed Lab public Solidity audits

auditing security solarity solidity

Last synced: 31 Oct 2025

https://github.com/azureanimations/azureanimations.github.io

Azure Animations, where we make hard-to-understand Azure cloud concepts easier and more fun to learn!

ai azure copilot devops microsoft openai security

Last synced: 30 Jun 2025

https://github.com/neuralegion/sectester-js-demo

This is a demo project for the SecTester JS SDK framework, with some installation and usage examples.

appsec brightsec demo e2e jest nestjs pentesting qa security test testing typescript

Last synced: 05 Apr 2025

https://github.com/tijme/binaries

A mirror of several precompiled standalone red-teaming tools.

binaries cyber hacking mirror precompiled redteam security standalone tools

Last synced: 25 Apr 2025

https://github.com/tjenkinson/gh-action-auto-merge-dependency-updates

A GitHub action that will automatically approve and merge a PR that only contains dependency updates, based on some rules. Also possible to disable the merge and use the `success` output to use in combination with other actions.

action automation automerge dependabot dependency gh-action merge security updater

Last synced: 06 Apr 2025

https://github.com/openziti/ziti-sdk-js

A JavaScript-based SDK for delivering secure browser-based web applications over a Ziti Network

appsec javascript netsec openziti sdk security zero-trust zero-trust-network zero-trust-network-access zero-trust-security zerotrust ztna

Last synced: 29 Jul 2025

https://github.com/mariosergiosl/memusage

This tool displays the memory usage of processes on a Linux system, including total system memory, free memory, and used memory. It also shows the memory usage of each process in a hierarchical tree format.

automation automations devops linux memory-usage process-monitoring psutil python security security-tools sysadmin troubleshooting

Last synced: 16 Jan 2026

https://github.com/kaivyy/perseus

AI-powered security assessment for your codebase. Multi-language (JS, Go, Python, Rust, Java, PHP, Ruby, C#). Works with Claude Code, Codex, OpenCode.

ai-security claude claude-code code-review cybersecurity devsecops penetration-testing security security-audit static-analysis vulnerability-scanner

Last synced: 15 Feb 2026

https://github.com/jeziellago/appclonedetector

Kill app if it is running under a cloned environment in Android device.

android clone detector kotlin kotlin-android security

Last synced: 07 May 2025

https://github.com/mirego/absinthe_security

AbsintheSecurity provides utilities to improve the security posture of APIs built with Absinthe GraphQL.

absinthe absinthe-graphql elixir elixir-lang security

Last synced: 14 Aug 2025

https://github.com/coinfabrik/scout-actions

Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. This GitHub Action allows you to incorporate Scout's analysis into every Pull Request.

audit auditing blockchain ink rust security smart-contract soroban static-analysis vulnerability-detection

Last synced: 30 Jun 2025

https://github.com/apal21/target-blank-vulnerabilities-features

Examples of some features and the vulnerabilities that can exploit any webpage if target="_blank" is used without rel="noopener"

css html javascript security vulnerability

Last synced: 14 Apr 2025

https://github.com/jakbin/flask-tor

Host your flask website on tor using flask-tor.

flask onion onion-service onionshare python security tor tor-onion-service

Last synced: 12 Apr 2025

https://github.com/infertux/sysechk

System Security Checker is a bundle of small shell scripts to assess your computer security.

cve cve-scanning security security-checker shell

Last synced: 26 Oct 2025

https://github.com/crowdstrike/container-image-scan-action

CrowdStrike Container Image Scan Github Action

cicd containers continuous-integration security

Last synced: 22 Jun 2025

https://github.com/pgrls/pgrls

Static analyzer for Postgres Row-Level Security — 47 lint rules covering tenant and per-user row-scoping bugs, performance traps, and hygiene; 17 mechanically auto-fixable; semantic policy-diff command for CI gating; pytest plugin for RLS isolation tests.

ci linter multi-tenant postgres postgresql rls row-level-security security static-analysis supabase

Last synced: 30 Jun 2026

https://github.com/securityfirst/Umbrella_ios

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

infosec ios open-source safety security

Last synced: 03 May 2025

https://github.com/jojonas/db_nmap

Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.

metasploit metasploit-framework networks nmap security

Last synced: 14 Jan 2026

https://github.com/phylum-dev/vuln-reach

A library for building tools to determine if vulnerabilities are reachable in a code base.

cve security vulnerabilities

Last synced: 13 Oct 2025

https://github.com/koukyosyumei/rhoevm

symbolic EVM execution engine written in Rust

evm formal-methods rust security smart-contracts symbolic-execution

Last synced: 13 Oct 2025

https://github.com/alexylon/ferrocrypt

FerroCrypt is a pure Rust library, CLI, and desktop application for encrypting and decrypting files and directories using password-based or key-pair-based encryption.

cli cryptography decryption encryption file-encryption gui hybrid-encryption rust rust-lang rustlang security security-tools slint symmetric-encryption

Last synced: 24 May 2026

https://github.com/ambitus/racfu

RACFu (RACF universal) - A unified and standardized interface to RACF callable services.

automation json mainframe python racf racfu security simplification standardization zos

Last synced: 23 Jan 2026

https://github.com/ukhomeoffice/policy-admission

Kubernetes admission controller

admission-controllers kubernetes security

Last synced: 08 Apr 2025

https://github.com/heutelbeck/sapl-demos

Demo, tutorial, and benchmarks for the SAPL policy engine

access-control authorization benchmark demo examples java policies sapl security spring spring-security tutorial

Last synced: 27 Feb 2026

https://github.com/wolfssl/wolfhsm

HSM library that uses wolfCrypt as it's fallback crypto

aurix automotive autosar cryptography hardware-security-module hsm pkcs11 rh850 security tricore

Last synced: 27 Apr 2025

https://github.com/dataplat/dbadisa

🦅 DISA STIG automation module for SQL Server

automation disa powershell security sqlserver stig

Last synced: 04 Apr 2025

https://github.com/tankerhq/spec

Technical specification of the Tanker SDK and protocol for end-to-end encryption

cryptography encryption end-to-end privacy sdk security specification tanker

Last synced: 07 Feb 2026

https://github.com/shelld3v/python-shell-cheat-sheet

Full python reverse shell and bind shell payloads

bind-shell cheat-sheet exploit hacking python python3 reverse-shell security shell

Last synced: 01 May 2026

https://github.com/brickmakersgmbh/aspsecurityheaders

A small package for ASP.Net (Core) to automatically configure secure HTTP-Headers

asp-net asp-net-core brickmakers csharp csp dotnet dotnet-core hsts http-headers https security security-headers

Last synced: 24 Apr 2025

https://github.com/talsec/free-rasp-capacitor

Capacitor plugin for Android and iOS mobile devices. SDK providing app protection and threat monitoring. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jailbreak, Frida, emulators, bots, tampering and integrity issues, obfuscation, VPN usage, malware, and monitor device identification and fingerprint.

app-security capacitor capacitor-app-security capacitor-app-shielding capacitor-application-security capacitor-community capacitor-frida capacitor-plugin capacitor-rasp capacitor-reverse-engineering capacitor-root-detection capacitor-security capacitor-tampering capacitor-tampering-detection freerasp security

Last synced: 20 Feb 2026

https://github.com/samuel-lucas6/crypto-is-cool

A list of cryptography books, papers, blog posts, presentations, and Q&A answers.

crypto cryptography infosec programming security

Last synced: 07 Jan 2026

https://github.com/charlesportwoodii/libsodium-uwp

libsodium for Universal Windows Platform (UWP) - A secure cryptographic library

cryptography hash hkdf libsodium nacl nuget security sodium uwp

Last synced: 24 Jun 2025

https://github.com/slippyex/data-guardian

Tiny, zero-dependencies, package which tries to mask sensitive data in arbitrary collections (map, set), errors, objects and strings.

auditing covering logging masking security sensitive-data sensitivity telemetry tracing

Last synced: 12 May 2025

https://github.com/stdevel/linux-host-security

Talk about Linux host security and various code examples

aide ansible devsec linux presentation security talk

Last synced: 23 Apr 2025

https://github.com/theredguild/devcontainer

The Red Guild's devcontainer focused in web3 and security.

devcontainer security security-tools web3

Last synced: 22 Mar 2025

https://github.com/infineon/remote-attestation-optiga-tpm

Setup and operation guide for OPTIGA™ TPM backed remote attestation on a Linux system

raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/krishealty/hidemeplease

HideMePlease is a new generation tool to hide phising web links into legitimate web links with original domains (eg: facebook.com, instagram.com) using ccTLD Disguise method.

cybersecurity hacking hacking-tool hacking-tools phishing-script phising phising-link security vulnerability

Last synced: 14 Jul 2025

https://github.com/reverseapple/dgraph

Visualizing Mach-O Loads Recursively using Graphviz

apple executable graph macho reverse-engineering security

Last synced: 09 Apr 2025

https://github.com/oijkn/adguardhome-doh-dot

Official AdGuarHome docker with both DoH (DNS over HTTPS) and DoT (DNS over TLS) clients. Don't browse the Internet insecurely by sending your DNS requests in clear text !

adblocker adguard-home adguardhome cloudflare dns dns-over-https dns-over-tls docker docker-compose network privacy raspberry-pi security stubby unbound

Last synced: 12 May 2025

https://github.com/bird-house/twitcher

Security Proxy for Web Processing Services (WPS)

certificates oauth ogc proxy pyramid python security wps x509

Last synced: 21 Aug 2025

https://github.com/mahdijafaridev/fastapi-middlewares

Essential middlewares that for FastAPI applications

cors fastapi logging middleware middlewares python security starlette

Last synced: 13 Jan 2026

https://github.com/checkedc/checkedc-llvm-project

This was a fork of Checked C clang used from 2021-2024. The changes have been merged into the original Checked C clang repo, which is now at https://github.com/checkedc/checkedc-clang.

c clang compilers llvm security

Last synced: 13 Jul 2025

https://github.com/mav8557/virus

Polymorphic ELF Virus

elf malware security virus vx

Last synced: 20 Jul 2025

https://github.com/merciagents/riphook

Deterministic security layer for Openclaw(Clawdbot), Cursor and Claude Code. Write secure code, prevent data exfil, and more

ai-agents clawdbot hooks moltbook moltbot openclaw openclaw-security security

Last synced: 15 Apr 2026

https://github.com/cymmetria/micros_honeypot

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.

deception honeypot micros oracle security security-tools security-vulnerability vulnerability

Last synced: 04 Apr 2026

https://github.com/julien731/AuthPress

Add 2-factor authentication to your WordPress blog site.

2fa authy security wordpress wordpress-plugin

Last synced: 02 Apr 2025

https://github.com/psecio/secure-api

Repository for the "Building a Secure API" series on Websec.io

api php security training tutorial websecio

Last synced: 11 Apr 2025

https://github.com/blackducksoftware/opssight-connector

OpsSight Connector documentation

cloud-native kubernetes ops pod security

Last synced: 10 Apr 2025

https://github.com/bitoiu/repo-visibility-alert-action

Action that alerts org owners of a repository made public. See upcoming `repo-visibility-toggle-sms-action` to toggle it back via SMS reply.

devsecops github github-actions security security-tools twilio twilio-sms-api

Last synced: 30 Apr 2025

https://github.com/shadawck/mitrecve

Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)

api cli cve cve-scanning cve-search dependencies mitre mitre-api mitre-attack security security-scanner security-tools

Last synced: 13 Apr 2025

https://github.com/simeononsecurity/firefox-security-researcher

Configure FireFox with Security and Intelligance features for OSINT and Security Investigations.

security

Last synced: 29 Oct 2025

https://github.com/theodo/accent

Access Control Checker Easy Neat Thorough

access-control security

Last synced: 18 Jul 2025

https://github.com/spinoco/fs2-crypto

Crypto support for fs2

fs2 https security security-tools ssl tls

Last synced: 29 Oct 2025