An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/xbol0/ehs

ex-hostscan, another implements of https://github.com/cckuailong/hostscan

cli redteam-tools scanner security security-tools subdomain-scanner

Last synced: 14 Jan 2026

https://github.com/barikad/gitlabmonitor

Un script shell robuste pour surveiller automatiquement l'apparition de nouveaux dépôts publics sur une instance GitLab et envoyer des notifications par email lors de leur première détection.

gitlab monitor public security

Last synced: 13 Apr 2026

https://github.com/softspiders/express-basicauth-starter

Minimalistic basic-authentication starter on Express

auth basic-auth express js min node security server softspiders ss starter template

Last synced: 11 Apr 2026

https://github.com/elnappo/broadtractor

Broadcast Extractor

broadcast privacy python3 security

Last synced: 25 Mar 2025

https://github.com/vistone/utls-tcp-fingerprint-alignment-downloader

Next-generation TCP/IP fingerprint alignment platform. Bypass Cloudflare, Akamai, Imperva & F5 WAF with uTLS JA3/JA4 spoofing, TCP/IP SYN tuning, HTTP/2 stream manipulation, and global DNS resolution.

akamai cloudflare cybersecurity dns-resolver http2 http3 imperva ja3 ja4 networking nextjs nodejs quic scraping security tcp-fingerprint tls-spoofing typescript utls waf-bypass

Last synced: 12 Jun 2026

https://github.com/cruxstack/octo-sts-distros

Distribution packages and deployment artifacts for Chainguard's Octo STS token service

ci-security cicd github-app octo-sts oidc security sts token

Last synced: 17 Jan 2026

https://github.com/levminer/authme-docs

Documentation for Authme and Authme Web

2fa authme authme-web security

Last synced: 16 Mar 2025

https://github.com/kalebers/web_and_network_vulnerability_scanner

Scripts stricted to research on web and network vulnerabilities.

network python research security vulnerability web

Last synced: 15 Mar 2025

https://github.com/oaslananka/boardreadyops

Board-ready operations toolkit for governance evidence, release discipline, issue triage, security controls, and executive reporting across software delivery workflows.

automation ci-cd compliance evidence github-actions governance issue-triage operations project-management release-management reporting security typescript

Last synced: 30 May 2026

https://github.com/p10ns11y/arch-machine

**The only Arch Linux setup that audits itself harder than your ex audits your text messages 👀💔**. Meet arch-machine 🛡️🤖 — your AI-forged, profile-based Arch Linux fortress 🏰 that turns a fresh install into a paranoid, self-healing, ML/AI-ready workstation ⚡ faster than you can say “yay/paru/pacman … oh god why is it still compiling” 😩�

agents ai archlinux devex installers ml security sentinels shell system-audit tools virusscan vulenrability

Last synced: 30 May 2026

https://github.com/sscarduzio/ror-docker-demo

All in one ELK + ReadonlyREST Free + ReadonlyREST Enterprise docker container for demo purposes

docker elasticsearch elk elk-stack kibana multitenancy security

Last synced: 08 Feb 2026

https://github.com/contisimone99/lbts2023-2024_trusted_interpreter

Interpreter with built-in taint analysis & information flow control. Implements language-level security via custom trust blocks, secret types, and strict execution contexts.

interpreter ocaml security

Last synced: 02 Jul 2025

https://github.com/sampsonc/Perfmon

Performance metrics for Burp Suite

burp java security

Last synced: 19 Apr 2025

https://github.com/luandnh/a2billing.securityconsole

Tool to auto generate MD5 passworđ for extension asterisk and a2billing account.

asterisk netcore security

Last synced: 10 Oct 2025

https://github.com/thecomputeguy/jedi

A web malware analysis framework for PHP-based backends

cms malware-detection python security

Last synced: 26 Apr 2025

https://github.com/silverpoision/thefirstvideo

TheFirsVideo aims to manage your Youtube channels so that you can set your channel priorities and watch latest videos from the channels you want to watch first. TheFirstVideo is a Node-Next app that uses SSR to pre-render the page content and provide user a better response time and thus a better UX

authentication authorization javascript nextjs nodejs reactjs security

Last synced: 10 Apr 2026

https://github.com/gregl83/comandare

TCP Command Line Execution

backdoor rust security tcp

Last synced: 09 Apr 2025

https://github.com/ind4skylivey/s1bpassport-guard

Advanced OAuth2 token monitoring, threat detection & forensics for Laravel Passport. Track tokens, detect brute-force attacks, analyze client activity from CLI.

analitics api-security audit authentication cli cybersecurity devops forensics laravel laravel-package laravel-passport monitoring outh2 php red-team security symfony-console threat-detection token-management

Last synced: 13 Jan 2026

https://github.com/alexlaurence/psyauth

🔐A crypto protocol system that plants an authentication token inside a user's implicit memory to unconsciously learn sensitive information that is robust against torture/coercion

biometric-authentication cryptography memory-game psychology-experiments security

Last synced: 10 Oct 2025

https://github.com/manav-khandurie/file-bin-aws-csm-project

A full stack web application deployed on aws cloud that uses various different aws security services and is a project made and inspired from tiny URL and paste bin

aws security serverless

Last synced: 18 May 2026

https://github.com/BKLockly/ShadowMeld

🕶️ 隐蔽Shellcode嵌入与反检测加载器生成框架 / Stealthy Payload Delivery Framework with Anti-EDR Capabilities

bypass-antivirus bypass-av cipher cryptography hacking hide-files image-steganography lsb-steganography security shellcode shellcode-loader

Last synced: 01 Apr 2025

https://github.com/nuvtools/nuvtools-security

Common library for security purposes.

jwt security token

Last synced: 06 Oct 2025

https://github.com/davidcrowe/openclaw-gatewaystack-governance

GatewayStack governance layer for OpenClaw — identity, scope, rate limiting, injection detection, and audit logging for every tool call

agentic agenticcontrolplane ai audit-logging authorization compliance gatewaystack governance identity injection-detection llm observability openclaw policy rate-limiting scope security

Last synced: 14 Apr 2026

https://github.com/nxgn-kd01/shai-hulud-scanner

Detect the Shai Hulud 2.0 npm supply chain attack (796+ packages). Scans for malicious files, hashes, and compromised ecosystems. Fast, accurate scanner.

cdn cve polyfill polyfill-io scanner security supply-chain vulnerability-scanner

Last synced: 21 Jan 2026

https://github.com/filipnet/nodered-securitycam

Retrieval of e-mail, extraction of image attachments, resizing and creation of slideshow for MQTT

attachments camera e-mail flow hikam image mqtt node-red security slide slideshow

Last synced: 10 Oct 2025

https://github.com/gluufederation/agama-typekey

Agama Project to authenticate people using typing keyboard dynamics

jans security typekey

Last synced: 15 Aug 2025

https://github.com/didrod205/jwtlens

Decode, audit & verify JWTs entirely offline — stop pasting live tokens into jwt.io. Local signature verification (HS/RS/PS/ES/EdDSA) with your own secret/PEM/JWK, plus a security lint (alg:none, exp, aud/iss). Deterministic CLI, JSON/MD reports.

appsec auth authentication cli json-web-token jws jwt jwt-cli jwt-decode node offline security token typescript verify

Last synced: 16 Jun 2026

https://github.com/limitedeternity/ost2

OpenSecurityTraining2 – Lectures

architecture infosec security

Last synced: 10 Oct 2025

https://github.com/padok-team/security-auth-alb

Code to deploy a PoC of application authentication using an Application Load Balancer integrated with AWS Cognito.

authentication aws security

Last synced: 10 Jun 2025

https://github.com/byteskeptical/credcat

Keeper Security Manager application vault access. Meant to be served behind a protected API enpoint, returns records as json.

keeper keeper-secret-manager password-manager security security-tools zero-knowledge

Last synced: 18 Jan 2026

https://github.com/laamalif/vuxml-go

FreeBSD VuXML query tool

cli freebsd freebsd-ports security unix vuxml

Last synced: 18 Jan 2026

https://github.com/whisperrnote/chats

open source, secure chat application

chat privacy security signal telegram whatsapp

Last synced: 15 Aug 2025

https://github.com/than-dev/passm

A simple and secure node local password manager!

cryptography filesystem javascript linux management nodejs security terminal

Last synced: 12 Apr 2026

https://github.com/malmichaels-gif/agent-instructions-kit

Keep your AGENTS.md and CLAUDE.md files consistent, safe, and lint-checked

agents automation claude cli devtools github-action prompt-injection security

Last synced: 18 Jan 2026

https://github.com/sixt/hardcoded-slack-webhook-alerter

This tool can be used to scan for hardcoded Slack webhooks and send an alert to each one about the dangers of hardcoded credentials.

credentials devsecops pentesting secrets security security-tools

Last synced: 14 Jan 2026

https://github.com/rmkanda/sample-api-service

Sample Spring API for testing

sample security spring-boot vulnerable-app

Last synced: 22 Apr 2025

https://github.com/xrian/mongoose-encrypt-field

对将要保存到 mongodb 中的字段 加解密.基于 mongoose.

crypto encrypt encryption mongodb mongoose mongoose-plugin nodejs security typescript

Last synced: 18 Jan 2026

https://github.com/illusioxd/weatherfastapi

RESTful FastAPI Weather API with JWT authentication, email OTP verification, and MongoDB integration.

api authentication backend educational-project email-verification fastapi jwt microservices mongodb python rest security weather web-development

Last synced: 22 Aug 2025

https://github.com/jahed/knock

A simple port knocker. Given a host, looks up its port sequence and knocks on it.

port-knocker port-knocking powershell security shell ssh

Last synced: 25 Nov 2025

https://github.com/thomas-maurice/unseal-vault

Binary to initialise/unseal a Vault server

golang security vault vault-api

Last synced: 13 Jan 2026

https://github.com/kavindu-mane/gpn8-password-manager

First year Semester 2 final project - group 8 (2021) , Uva Wellassa University , Sri Lanka.

password password-generator password-manager security

Last synced: 06 Apr 2025

https://github.com/m4stanuj/cai-osint

Autonomous OSINT and penetration testing framework. Shodan + Nmap + Nuclei orchestrated by AI. CEH-aligned methodology.

cybersecurity nmap nuclei osint pentesting python security shodan

Last synced: 29 May 2026

https://github.com/olivr/terraform-aws-identity-account

An "identity" AWS account setup using Cognito as an identity provider in AWS IAM.

auth0 authentication authorization automation aws cloud cognito identity infrastructure-as-code security terraform

Last synced: 11 Apr 2026

https://github.com/samsung/security

Samsung Security Advisory

advisory disclosure-policy scope security

Last synced: 04 Jan 2026

https://github.com/gitbolt/insecure-program

An intentionally made insecure Anchor program for Solana Summer Fellowship 2024

anchor security solana

Last synced: 20 Oct 2025

https://github.com/byjohnmichael/sealed-wallet

Sealed Wallet is a set of python scripts to enable you to create and manage air-gapped crypto wallets

air-gapped-wallet arch-linux cryptocurrency cryptography security

Last synced: 15 May 2026

https://github.com/lewisgoddard/monopoly

WIP: Configuration items for full Microsoft integration with online services from a hybrid domain system.

aad config integration microsoft security sharepoint windows

Last synced: 30 Jun 2025

https://github.com/f33rni/homeland-sees

RaspberryPi / OrangePi based simple automated surveillance camera project with Telegram bot integration

bot camera ffmpeg home-security orange-pi orangepi python raspberry-pi security surveillance telegram telegram-bot

Last synced: 20 Apr 2026

https://github.com/containerssh/charts

The ContainerSSH Helm charts

devsecops docker kubernetes security ssh

Last synced: 20 Jul 2025

https://github.com/infineon/mtb-example-psoc6-security

This is a minimal starter dual-CPU security application template for PSoC™ 62/63 MCU devices. This code example is meant to be a companion to the AN221111 – PSoC™ 6 MCU: Designing a secured system application note. It demonstrates the following features to create a secured system as explained in the application note.

cy8ckit-062-ble cy8ckit-062-wifi-bt cy8ckit-062s2-43012 cy8cproto-062-4343w cy8cproto-062s3-4343w cy8cproto-063-ble security

Last synced: 25 Jun 2025

https://github.com/fadhilthomas/firebase-exploit

go-firebase-exploit or gfe is a tool for exploiting insecure firebase databases

cve golang security

Last synced: 10 Mar 2026

https://github.com/lukes-05/generate-password

Generate a cryptographically secure password in Python.

password password-generator python python3 security

Last synced: 28 May 2026

https://github.com/capiscio/capiscio-sdk-python

Runtime security middleware for A2A (Agent-to-Agent) protocol agents. Provides always-on validation, signature verification, and rate limiting for AI agent interactions.

a2a a2a-protocol agent-to-agent ai-agents middleware protocol python rate-limiting sdk security trust validation

Last synced: 17 Jan 2026

https://github.com/rignaneseleo/easy-gpg4win

Easy explanation of basic use of gpg4win

decryption encryption gdpr gnupg gpg4win security

Last synced: 04 Jan 2026

https://github.com/dohabanoui/security-of-distributed-systems-oauth2-oidc-and-keycloak

Securing distributed systems using Keycloak, an identity and access management server compliant with OAuth2 and OIDC standards, integrated with Spring Boot and Angular.

angular auth2 distributed-systems keycloak oidc openfeign security spring-boot spring-security

Last synced: 09 May 2026

https://github.com/djvirus9/awesome-devsecops-mastery-2026

🛡️ A curated, actionable checklist for securing CI/CD pipelines and Kubernetes clusters in 2026.

automation awesome checklist cybersecurity devsecops kubernetes security techniques

Last synced: 12 Mar 2026

https://github.com/mohammadshahidbeigh/mindvault

A full-stack web application that allows users to manage their personal knowledge base. Users can save articles, research papers, books, and other content.

apollo-client apollo-server-express aws-ec2 axios cicd-pipeline docker docker-compose graphql jwt-auth material-ui mongodb morgan-middleware nginx nodejs rate-limiting react react-router reactreduxtoolkit security

Last synced: 10 Feb 2026

https://github.com/zd87pl/slm-vault

Privacy-first AI personal data manager. A local trusted agent that external AIs command via MCP — they never see your documents. Encrypted storage, local RAG, activity logging, and per-agent permissions.

agentic-ai ai apple-silicon encryption llm local-first mcp mlx model-context-protocol personal-data privacy python rag security

Last synced: 13 Apr 2026

https://github.com/ed7hunt/linux-public

I use these tools occasionally, and have posted these mainly for myself. If you are looking for something more specific, just ask.

anti-virus backup bash certificate chage epoch-time fqdn ip-address linux nslookup rsync savtray security sudo symantec unlock

Last synced: 09 Apr 2026

https://github.com/remotiq/wa2fa-meta

Meta WhatsApp 2FA plugin for Keycloak (Java): OTP login step, phone verification required action, QR verify flow, and login security alerts.

2fa keycloak saml security sso whatsapp

Last synced: 21 Feb 2026

https://github.com/joelayo/kubectl-go-mcp-server

MCP server for secure Kubernetes Interaction via kubectl commands. Enables AI assistants like GitHub Copilot to safely interact with K8s clusters with robust validation and security.

copilot devops go golang k8s-tools kubectl kubernetes mcp-server model-context-protocol security

Last synced: 17 Apr 2026

https://github.com/ctkqiang/backdoortheory

这是一个基于 Erlang 构建的高并发 TCP 后门模拟框架,旨在真实复刻黑客如何伪装一个正常应用的行为,实则在后台运行隐秘通信逻辑,支持十万级并发连接、自定义命令-数据分离协议、自动数据落地与 Mnesia 分布式持久化存储,并通过彩色日志与复杂度优化构建极致可控性和可扩展性,适用于教育、安全研究、红队演练与恶意软件行为模拟场景,全面揭示现代木马应用的工程结构与潜在攻击链。

backdoor beam china chinese ctkqiang cybersecurity erlang erlang-developement erlang-otp network nmap otp python security tcp tcp-server trojan vulnerability

Last synced: 09 Oct 2025

https://github.com/samuel-lucas6/clipboardclear

Clear your clipboard with one click.

clipboard clipboard-clear clipboard-management security

Last synced: 09 Oct 2025

https://github.com/edneedham/cred

A command-line tool to manage secrets and environment variables locally and remotely.

cli rust secrets security

Last synced: 04 Feb 2026

https://github.com/wackysysadmin/ocsp-responder-container

This is a containerised version of OpenSSL's OCSP web responder.

certificates crl ocsp openssl openssl-certs openssl-extension responder security

Last synced: 10 Mar 2026

https://github.com/astrid-project/cb-manager

APIs to interact with the Context Broker's database. Through a REST Interface, it exposes data and events stored in the internal storage system in a structured way. It provides uniform access to the capabilities of monitoring agents.

agent beats control data ebpf elasticsearch log logstash management programmability security

Last synced: 30 Jun 2025

https://github.com/sorah/hocho-jwt

Pass JWT to servers on hocho apply

hocho itamae jwt provisioning security

Last synced: 09 Oct 2025

https://github.com/pahaz/open-node-js-edr

Secure one file easy to understand and install zero-dependent cross-platform Endpoint Detection & Response security tool

cross-platform edr endpoint-protection endpoint-security open-source reverse-shell security

Last synced: 26 Mar 2025

https://github.com/dideler/fish-index

🐟 Shows indexed chars for hidden or visible text data

fish fish-packages fish-plugin fish-shell fisherman oh-my-fish security sensitive-data

Last synced: 02 Sep 2025

https://github.com/oktadev/okta-jpaseto-example

Example of how to use JPaseto

example java paseto security tokens

Last synced: 13 Oct 2025

https://github.com/turbot/flowpipe-mod-sendgrid

SendGrid pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect SendGrid to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code orchestration pipelines security sendgrid sendgrid-api trello-se twilio-sendgrid workflow workflow-automation workflow-engine

Last synced: 19 Mar 2026

https://github.com/zezav-cz/NetworkClock

Server app for time shearing

csharp security time

Last synced: 15 Oct 2025

https://github.com/priyanshu-vyas/privacy-security-dashboard

A cybersecurity extension project to show privacy info and extra security options in a dashboard.

cybersecurity dashboard extension information infosec privacy security

Last synced: 15 Oct 2025

https://github.com/ajtatum/babou.aspnetcore.securityextensions

Babou is concerned about security, so I created a .NET Standard 2.0 Security Extensions package for him. Babou is from the TV show Archer and is not affiliated with this package.

asp-net-core babou dotnet dotnetcore dotnetcore3 http-headers security

Last synced: 11 Apr 2026

https://github.com/turbot/flowpipe-mod-gitlab

GitLab pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect GitLab to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod gitlab gitlab-api hacktoberfest integrations low-code orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 15 Oct 2025

https://github.com/shnatsel/libdiffuzz-c99

Custom memory allocator that helps discover reads from uninitialized memory (portable C99 implementation)

fuzz-testing fuzzing memory-allocator portable sanitizer security security-audit security-testing security-tools

Last synced: 16 Oct 2025

https://github.com/approov/demo-android-chatgpt

Android ChaptGPT Kotlin mobile app demo for the OpenAI GPT-3 API to send questions and get responses. This repo will be used as the basis for a series of articles on how to properly hide secrets in a mobile app.

android approov chatgpt secrets security

Last synced: 14 Apr 2026

https://github.com/serverfarmer/sf-samba-manager

sf-samba-manager extension provides scripts for Samba servers management, that can be used with sf-samba-server extension.

samba samba-server security security-automation security-tools storage user-management user-manager

Last synced: 18 Oct 2025

https://github.com/logicalhacking/secureuml-gui

A ArgoUML extensions for modelling SecureUML supporting various SecureUML dialects with and without support for Generic Break Glass concepts.

modelling-framework secure security uml

Last synced: 19 Oct 2025

https://github.com/destan0098/checkwpjson

This Tool Check Wordpress WP-Json and if opened show Website Users

security security-tools vulnerability wordpress

Last synced: 27 Jan 2026

https://github.com/satvikx/project-usb

This is a software which enhances the physical security of the Computers and protects it from BadUSBs by blocking the USB ports (essentially by running batch scripts).)

batch-script gui python security tkinter usb

Last synced: 23 Jan 2026

https://github.com/anseki/gnirts-loader

gnirts loader module for webpack - Obfuscate string literals in JavaScript code.

literal loader mangle obfuscate obfuscation obfuscator password secret security string webpack

Last synced: 06 Feb 2026

https://github.com/buskill/trigger_cryptomator_umount

Trigger to close encrypted cryptomator volumes

anti-forensics deadmanswitch infosec opsec security tripwire

Last synced: 22 Oct 2025

https://github.com/gms1/journalcheck

audit systemd journal entries with configurable priority filtering, pattern matching, and security violation detection

admin audit journal journald logcheck logging monitoring security systemd

Last synced: 15 Mar 2026

https://github.com/simplepie/.github.bak

Information about being part of the SimplePie community.

code-of-conduct community contributing license ng security simplepie simplepie-ng

Last synced: 06 Feb 2026

https://github.com/marcelo-theodoro/lambdatotp

lambdatotp is an application to implement TOTP authentication using Amazon Lambda e DynamoDB.

amazonlambda authentication chalice dynamodb security totp

Last synced: 04 Jul 2026

https://github.com/charfweh/infosec-labs

Do-It-Yourself Infosec labs, create your own lab and exploit it!

infosec lfi penetration-testing security source-code-review sql

Last synced: 19 Mar 2026

https://github.com/tiny-md/harden-urls

Secure URL sanitization and hardening utilities for Markdown and HTML — includes `rehype-harden-urls` and `harden-react-markdown-urls` for safe rendering.

harden-react-markdown links markdown react-markdown rehype sanitize security url validation xss

Last synced: 26 Oct 2025