An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/saptaks/saikoro

Diceware GUI: An easy way for non-tech people to get diceware passphrases

diceware gui-application passphrase security

Last synced: 24 Apr 2025

https://github.com/didinj/grails4-spring-security-login-example

Grails 4 Tutorial: Spring Security Core Login Example

authentication core example grails grails4 login plugin security spring tutorial

Last synced: 24 Apr 2025

https://github.com/outbit/pivportal

Secure Linux access using a PIV (HSPD-12), CAC, SmartCard, or x509 Client Certificate remotely without a physical card reader.

cac hspd-12 hspd12 linux-client pam-module piv pkcs11 security smartcard

Last synced: 24 Apr 2025

https://github.com/panagiotisdrakatos/universal-encryption-channel

Cross-platform socket API for Windows Universall Apps and Java

cross-platform encryption key-exchanges security

Last synced: 16 Aug 2025

https://github.com/fossable/autovet

Automated security testing for open source libraries and applications.

security security-tools supply-chain

Last synced: 25 Apr 2025

https://github.com/oops-org-php/mod_execdir

mod_execdir: jailed system function. Run only the shell command in the specified directory

jail php8 security shell-injection

Last synced: 26 Apr 2025

https://github.com/pelock/total-commander-ftp-password-recovery-tool

Total Commander FTP Password Recovery Tool allows you to decrypt the FTP account password information for all Total Commander versions with the FTP plug-in.

assembler assembler-x86 assembly decoder decoder-utility decoding ftp password password-recovery php security total-commander

Last synced: 30 Oct 2025

https://github.com/mrcloudsec/mitre-aws-checks

Script for analyzing the compliance of your AWS account based on the adversary techniques on the MITRE ATT&CK Iaas Matrix.

aws mitre security security-scanner security-tools

Last synced: 24 Oct 2025

https://github.com/ubernostrum/django-flashpolicies

Flash cross-domain policies for Django.

django flash python security

Last synced: 26 Oct 2025

https://github.com/italomaia/uri-faker

See how fonts can be used to create fake URIs

fonts html jquery pentest phishing security semantic-ui uri usability

Last synced: 28 Oct 2025

https://github.com/mondoohq/ansible-mondoo

Ansible Role for Mondoo cnquery and cnspec

ansible policy policy-as-code security security-as-code

Last synced: 29 Jan 2026

https://github.com/djx-y-z/libsignal_dart

Wrapper for libsignal, implementing the Signal Protocol for end-to-end encryption. Features Double Ratchet, X3DH, Sealed Sender, Group Messaging (SenderKey), and Kyber post-quantum key exchange. Optimized for Flutter and cross-platform applications (Android, iOS, Linux, macOS, Windows). AGPL-3.0 Licensed.

cross-platform cryptography dart double-ratchet encryption end-to-end-encryption flutter flutter-rust-bridge frb libsignal messaging privacy rust sealed-sender security signal-protocol x3dh

Last synced: 01 May 2026

https://github.com/riquedev/django-login-history2

It's easy to use, plug-in django app that once included, stores logins history (with device data, like IP, user-agent, location etc.) of all users

authenticate django ip location login security session

Last synced: 17 Mar 2026

https://github.com/hexway/hive-burp-extension

About Hive Burp Suite Extension

pentest pentest-tool security security-tools

Last synced: 26 Feb 2026

https://github.com/infothrill/ansible-role-lynis

An Ansible role to install Lynis, an open source security auditing tool.

ansible ansible-role audit lynis security

Last synced: 11 Feb 2026

https://github.com/bluet/ctf.pwnd.pw

Someone's Great Website, CTF present by NCNU ISSDNA

ctf docker hacktoberfest issdna ncnu ncnu-issdna security service wargame

Last synced: 14 Feb 2026

https://github.com/vpereira/brucutu

Brute force tool for SSH, IMAP, HTTP, FTP, POP3 and others

brute-force go golang security security-audit

Last synced: 14 Feb 2026

https://github.com/khalidelboray/zap-api-raku

A Raku module for the OWASP ZAP API.

owasp raku raku-module security web-security zaproxy

Last synced: 01 Apr 2026

https://github.com/henriquetourinho/brhttp

Um servidor estático em Go, superpoderoso. Oferece Live Reload, mas também automação de build com webhooks, proxy reverso e uma API de controle completa.

automation binario debian dev-server frontend go golang linux live-reload minimalist no-dependencies open-source performance reverse-proxy security spa static-server zero-config

Last synced: 04 May 2026

https://github.com/sethvargo/go-malice

A malicious package to demonstrate the importance of software supply chain security.

dont-use-this-no-really security software-supply-chain

Last synced: 08 May 2025

https://github.com/neospl0it/discord-rat

A powerful Discord RAT for remote control & monitoring. Capture screenshots, grab passwords, evade detection.

discord discord-bot discord-rat grabber-password grabber-token python rat remote-access-trojan remoteaccesstrojan security

Last synced: 22 Apr 2025

https://github.com/pixielabs/whisper-key

Send & receive secure messages in the browser.

cryptography messaging security

Last synced: 20 Jun 2025

https://github.com/humblelad/neuro

Netlas automation to scan for vulnerabilities using nuclei templates.

netlas security security-automation

Last synced: 10 May 2025

https://github.com/pawamoy/django-cerberus-ac

Django Cerberus Access Control, extended permission system.

access control django ontology permissions role-based-access-control security

Last synced: 05 Jul 2025

https://github.com/riimu/kit-securerandom

Library for leveraging secure random generators

php php-library random-generation security uuid

Last synced: 25 Jul 2025

https://github.com/zaryab2000/smart-contracts_audit_reports

A collection of my publicly available smart contract security audit reports and details about my audit procedures. 🔐

security security-audit smart-contracts solidity web3

Last synced: 30 Jul 2025

https://github.com/jakiboy/ratr

Router Config Extractor (Huawei, ZTE)

ppp router security tr069 zte

Last synced: 21 Jun 2025

https://github.com/sfr-development/wondersuite-ai-bug-bounty

AI-Powered Offensive Security Research Engine - desktop-native security testing platform with native MCP integration. 90 tools, MITM proxy, stealth browser, autonomous AI agent. Built on Tauri + Rust + React.

ai-agent bug-bounty burp-suite-alternative desktop-app llm-tools mcp mitm-proxy model-context-protocol offensive-security pentesting react rust security security-tools tauri typescript vulnerability-scanner web-security

Last synced: 30 May 2026

https://github.com/aniketp/audittestsuite

An implementation of Regression Test Suite for FreeBSD Audit Framework [GSoC-18]

filesystem freebsd gsoc-2018 ipc kernel operating-system security sockets

Last synced: 09 Jul 2026

https://github.com/mrcl0wnlab/new-ip-tor

This module that makes it easy to reboot IP Tor network

hacking python security security-tools tor

Last synced: 18 Jul 2025

https://github.com/jenkinsci/pam-auth-plugin

Jenkins plugin to support authentication using PAM on Unix-like systems.

authentication jenkins-plugin pam security

Last synced: 22 Jun 2025

https://github.com/capnspacehook/basp

A better way to manage software restriction policies, on Windows XP through 10

c-plus-plus security whitelisting windows

Last synced: 12 May 2025

https://github.com/maandree/correctpony

Passphrase generator based on http://xkcd.com/936/

correcthorsebatterystaple password-generator security

Last synced: 24 Feb 2025

https://github.com/davemolk/dorking

advanced searching for bing, brave, duck duck go, and yahoo

bug-bounty bugbounty dorking go golang infosec osint pentesting pentesting-tools recon research search search-engine security

Last synced: 14 Jul 2025

https://github.com/dsha256/token-go

JWT & PASETO Implementation of the Token Based Authentication

go golang jwt-tokens paseto-tokens security token-based-authentication

Last synced: 26 Jun 2025

https://github.com/csfelix/csharp-fermat-method-rsa-attack

👥 Just to education goals, please, doesn't use it to bad purposes!! 👥 (🔑 KeyWords: C#, C Sharp, RSA Algorithm, Fermat's Method 🔑)

cipher csharp rsa security

Last synced: 28 Apr 2025

https://github.com/rix4uni/msarjun

Mass-scale hidden parameter discovery using Arjun. A high-performance wrapper that parallelizes Arjun for efficient parameter discovery across multiple targets.

api-fuzzer api-fuzzing api-testing arjun bug-bounty bugbounty bugbountytips content-discovery hacking infosec osint osint-tool parameter-discovery penetration-testing pentest-tool pentesting recon reconnaissance security security-tools

Last synced: 07 Apr 2026

https://github.com/theoomoregbee/angular4-auth

EVERYTHING YOU NEED TO KNOW ON SECURING YOUR ANGULAR 2+ SPA

angular-cli angular4 security single-page-app spa

Last synced: 09 May 2025

https://github.com/jwilk/longutf8

generate overlong UTF-8 sequences

security unicode

Last synced: 12 Apr 2025

https://github.com/mkmik/getsum

Abuse the gosum database to store verifiable hashes about any binary file

go hack security transparency

Last synced: 17 Aug 2025

https://github.com/hobbyquaker/check_nextcloud

Nagios/Icinga Nextcloud Security Check :cloud: :closed_lock_with_key: :ballot_box_with_check:

icinga monitoring nagios nextcloud security

Last synced: 12 Apr 2025

https://github.com/contributte/event-dispatcher-extra

:recycle: Nette-based Symfony events for application, presenter, form, latte, templates, security and many others.

application contributte event-dispatcher event-emitter events mvc nette nette-framework security

Last synced: 19 Jul 2025

https://github.com/mwolff44/pi-secured-setup

Secure setup and permission hardening extension for the Pi coding agent.

coding-agent hardening permissions pi pi-extension policy security skill-verification

Last synced: 06 Jul 2026

https://github.com/akmalovaa/crowdsec-blocklist

Crowdsec Blacklist mirror - allows you to create a local HTTP service with an up-to-date list of harmful IP addresses

blocklist crowdsec docker docker-compose firewall security

Last synced: 19 Apr 2025

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/zuazo/chef-encrypted-attributes

Chef plugin to add Node encrypted attributes support using client keys.

chef credentials devops encrypted-attributes encryption gcm keys passwords pki plugin secrets security

Last synced: 13 Apr 2025

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/buession/buession-security

Buession 安全框架,整合了 spring security、shiro、pac4j;封装了极验等行为验证产品 SDK。

desensitization geetest java mcrypt pac4j security shiro spring

Last synced: 14 Apr 2025

https://github.com/zelon88/accessibility-tools-utilmon-defender

A Windows 7-10 startup script for detecting and preventing "Ease Of Access" attacks.

accessibility admin-tools anti-hacking defender security

Last synced: 31 Oct 2025

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/aaearon/mcp-privilege-cloud

A production-ready Model Context Protocol (MCP) server for CyberArk Privilege Cloud integration. Enables AI assistants and MCP clients to securely interact with privileged account management, safe operations, and platform configurations through 8 comprehensive tools.

ai-integration claude-desktop cyberark cyberark-api cybersecurity fastmcp identity-management mcp mcp-server model-context-protocol oauth-authentication oauth2 pam password-vault platform-management privilege-cloud privileged-access-management privileged-accounts python security

Last synced: 18 Feb 2026

https://github.com/demimarie/sliprock

A secure local interprocess communication library.

interprocess-communication secure-by-default security sockets unix windows

Last synced: 18 Jun 2025

https://github.com/eftec/securityonemysql

It is a library

mysql php php7 security

Last synced: 07 Mar 2026

https://github.com/digitalruby/socketcloser

Close ipv4 and ipv6 sockets on Windows and Linux

ipv4 ipv6 linux network networking security sockets windows

Last synced: 24 Jul 2025

https://github.com/flutterguard/flutterguard-cli

Know and see everything an attacker can extract and get from your published Flutter app

android apk cli dart exploit flutter opensource reverse-engineering security static-analysis

Last synced: 13 Jan 2026

https://github.com/riotkit-org/gpbkdf2

PBKDF2 key encoder for use in shell. Single, tiny binary. Written in Go.

aes aes-256 aes-256-cbc cbc cbc-mode crypto go openssl pbkdf2 pbkdf2-cli security

Last synced: 02 Aug 2025

https://github.com/octogonapus/registryscanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 28 Jun 2025

https://github.com/benjitrapp/project-makalu

Penetration testing challenge => Test the broken "Session Handling" in the new shop of the "anna group"

burpsuite ctf-challenges docker flask hacking-simulator python3 security

Last synced: 14 Apr 2025

https://github.com/csm-actions/approve-pr-action

GitHub Action to approve pull requests securely

github-actions oss security

Last synced: 13 May 2025

https://github.com/pelock/jobfuscator-python

JObfuscator is a source code obfuscator for the Java language. Protect Java source code & algorithms from hacking, cracking, reverse engineering, decompilation & technology theft.

decompiler decompiler-java java mangle mangler obfuscate obfuscate-code obfuscate-strings obfuscated obfuscated-code obfuscation obfuscator security source-code

Last synced: 13 Jul 2025

https://github.com/solun-pm/solun

Solun is a service that allows you to share files, text and sending emails with end-to-end encryption, without having to worry about your privacy.

docker end-to-end-encryption mongodb nextjs privacy security

Last synced: 15 Jun 2025

https://github.com/mahmudnibir/hiddenmessage

⚕️ HiddenMessage is a Python script that uses LSB steganography to hide and extract secret text in images. It encrypts the message with AES before embedding, ensuring both privacy and invisibility.

data-hiding digital-forensics encoding encryption encryption-decryption image-processing lsb message-hiding password pil python security steganography

Last synced: 21 Jul 2025

https://github.com/gatomod/path_trav

🤨🔎 A simple path traversal checker made with Rust. Useful for APIs that serve dynamic files.

fs path path-traversal rust security

Last synced: 13 Apr 2025

https://github.com/rix4uni/linkinspector

linkinspector is a fast command-line tool for inspecting URLs and retrieving HTTP status codes, content lengths, and content types. It supports filtering and matching responses, and can process URLs from stdin or files.

bug-bounty bugbounty bugbountytips hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools threat-intelligence

Last synced: 17 Feb 2026

https://github.com/louib/challenge-response

Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust.

authentication challenge-response encryption hmac hmac-sha1 nitrokey onlykey otp security yubico yubikey

Last synced: 24 Mar 2025

https://github.com/MaybeThisIsRu/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 07 Nov 2025

https://github.com/offsh/offsh

Xonsh-powered pentesting framework.

pentesting security wazuh xonsh xxh

Last synced: 12 Mar 2025

https://github.com/iwpnd/fiber-key-auth

fiber api key authentication middleware

api gofiber golang security

Last synced: 20 Mar 2025

https://github.com/maybethisisru/eleventy-plugin-safe-external-links

Stop XSS attacks by preventing access to origin window for links that open in a new tab/window.

11ty eleventy external-links links security

Last synced: 12 Apr 2025

https://github.com/trvswgnr/crab-snitch

Get an alert on macOS if an application accesses your microphone or webcam.

macos personal security

Last synced: 08 Sep 2025

https://github.com/rezen/openvas-up

Levels up scripting OpenVAS

openvas python security vulnerability-scanners

Last synced: 10 Jun 2025

https://github.com/imagemlt/nodelcx

nodejs编写的tcp内网穿透脚本

forward-proxy lcx security security-tools

Last synced: 13 Apr 2025

https://github.com/bitsofinfo/vault-token-issuer

Simple REST API proxy and SPA for Hashicorp's Vault token auth method API(s), specifically create-orphan

ci-cd hashicorp-vault proxy security token-based-authentication vault

Last synced: 01 Nov 2025