An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/fabaff/security-lab

Fedora Security Lab - The Fedora Security Lab (FSL) provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. This repository is a copy of the original development.

fedora fedora-security-lab lab osstmm pentesting security spin

Last synced: 20 Aug 2025

https://github.com/Ahoo-Wang/CoSec

RBAC-based And Policy-based Multi-Tenant Reactive Security Framework | 基于 RBAC 和策略的多租户响应式安全框架

authentication authorization cloud-native gateway identity java jwt kotlin microservice multi-tenant oauth2 policy project-reactor rbac reactive redis security spring-boot spring-cloud spring-cloud-gateway

Last synced: 02 Apr 2025

https://github.com/ahoo-wang/cosec

RBAC-based And Policy-based Multi-Tenant Reactive Security Framework | 基于 RBAC 和策略的多租户响应式安全框架

authentication authorization cloud-native gateway identity java jwt kotlin microservice multi-tenant oauth2 policy project-reactor rbac reactive redis security spring-boot spring-cloud spring-cloud-gateway

Last synced: 01 Apr 2026

https://github.com/paulveillard/cybersecurity-security-harderning

A collection of awesome security hardening software, libraries, learning tutorials & documents, e-books, best practices, checklists, benchmarks about hardening in Cybersecurity

ami linux-hardening os-hardening security security-audit security-hacks security-hardening ubuntu-hardening ubuntu-sec-tools vulnerability vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanning windows-hardening

Last synced: 07 Jul 2025

https://github.com/jpcertcc/cobaltstrike-config

Repository for archiving Cobalt Strike configuration

malware security

Last synced: 16 Feb 2026

https://github.com/bytemare/opaque

Go implementation of OPAQUE, the asymmetric password-authenticated key exchange protocol.

cryptography elliptic-curves encryption go golang opaque password-safety ristretto255 security

Last synced: 10 Apr 2025

https://github.com/pigri/cf-n8n-proxy

Cloudflare worker for n8n proxy

cf cloudflare firewall n8n proxy rate-limit security

Last synced: 29 Dec 2025

https://github.com/grapheneos/platform_packages_apps_updater

Automatic background updater for modern Android. See https://github.com/GrapheneOS/script/blob/15/generate_metadata.py for the server metadata generation tool.

android grapheneos privacy security

Last synced: 07 Apr 2025

https://github.com/kubescape/node-agent

Kubescape eBPF agent 🥷🏻

ebpf kubernetes kubescape security

Last synced: 26 Jun 2026

https://github.com/moritzheiber/crowbar

Securily generates temporary AWS credentials through identity providers using SAML

aws aws-cli cli idp jumpcloud mfa okta rust saml security single-sign-on

Last synced: 13 Apr 2025

https://github.com/paragonie/libgossamer

Public Key Infrastructure without Certificate Authorities, for WordPress and Packagist

blake2 crypto cryptography digital-signature ed25519 gossamer php pki secure-code-delivery security sha384 wordpress

Last synced: 15 Jul 2025

https://github.com/knqyf263/go-cpe

A Go library for CPE (A Common Platform Enumeration 2.3)

cpe security security-tools

Last synced: 24 Jul 2025

https://github.com/cesarferreira/seguro

Secure persistence using AES+CBC encryption on Android with no dependencies.

aes android cbc library security seguro sharedpreferences

Last synced: 14 Apr 2025

https://github.com/seal-community/cli

A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.

appsec cli cve fix hotfix patch remediation scan seal security update upgrade vulnerabilities

Last synced: 10 May 2026

https://github.com/firefart/pastebin_scraper

golang program to parse Pastebin for keywords and send them per E-Mail

go golang pastebin pastebin-scraper scraper security

Last synced: 07 Mar 2026

https://github.com/aregowe/magento2-module-polyshell-protection

Comprehensive defense-in-depth Magento 2 module that closes the PolyShell unrestricted file upload vulnerability (APSB25-94) — blocking polyglot webshell uploads across eight interception layers including request path blocking, controller-level upload prevention, polyglot file detection, and framework-level image hardening.

magento magento2 php php8 security

Last synced: 21 Apr 2026

https://github.com/controlplaneio/threat-modelling-labs

Labs for Threat Modelling training delivered by ControlPlane

kubernetes security threatmodelling training

Last synced: 24 Oct 2025

https://github.com/marcusminus/orthrus-blocklist

List to block ads, trackers & malwares. Plus 200.000 unique domains and about 4 MB in size.

adblock ads blacklist blocklist domain domains filter filters hosts hostsfile internet malware pi-hole pihole privacy security tracker tracking

Last synced: 24 Oct 2025

https://github.com/robertdebock/ansible-role-vault

Install Hashicorp Vault, either a package or a binary.

ansible hashicorp molecule playbook security tox vault

Last synced: 23 Oct 2025

https://github.com/tstromberg/ttp-bench

Adversary emulation for EDR/SIEM testing (macOS/Linux)

benchmark edr ids intrusion ioc security ttp

Last synced: 01 May 2025

https://github.com/openclarity/kubeclarity

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems

kubernetes kubernetes-security sbom scanner security supply-chain vulnerabilities

Last synced: 29 Dec 2025

https://github.com/jchambers/id-obfuscator

A Java library for reversibly obfuscating numerical identifiers (e.g. 1234 ↔ 4TQCNTL)

java obfuscation security

Last synced: 26 Mar 2025

https://github.com/simone-sanfratello/node-security-checklist

node.js server security checklist

nodejs security

Last synced: 30 Apr 2025

https://github.com/k8gege/k8badusb

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

badusb downexec exploit hacking pentest powershell security tennsy

Last synced: 17 Mar 2026

https://github.com/Rohde-Schwarz/botan

Crypto and TLS for C++11

c-plus-plus crypto cryptography security tls x509

Last synced: 11 Mar 2025

https://github.com/kpcyrd/archlinux-userland-fs-cmp

Forensic tool to read all installed packages from a mounted Arch Linux drive and compare the filesystem to a trusted source

archlinux forensics integrity pacman rust security

Last synced: 27 Jan 2026

https://github.com/probiusofficial/better_starlink

更好的可读性和视觉效果,优雅的与源项目404StarLink保持同步。 https://starlink.tjsec.cn/

opensource security tools

Last synced: 26 Apr 2025

https://github.com/gajus/sguid

Signed Globally Unique Identifier (SGUID) generator.

guid security signing

Last synced: 15 Apr 2025

https://github.com/gamemann/the-dpdk-common

A repository that includes common helper functions for writing applications in the DPDK. I will be using this for my future projects in the DPDK.

bypass c common cyber cyber-security cybersecurity dpdk fast intel kernel low-level net-programming network-programming networking networkprogramming packet security

Last synced: 20 Jul 2025

https://github.com/kiding/apple-ocsp-noiser

Privacy-Preserving Noise Machine for Apple Developer ID OCSP

big-sur macos ocsp pki privacy security

Last synced: 08 Apr 2025

https://github.com/grapheneos-archive/attestationsamples

A small subset of the submitted sample data from https://github.com/GrapheneOS/Auditor. It has a sample attestation certificate chain per device model (ro.product.model) along with a subset of the system properties from the sample as supplementary information.

android attestation authenticity cryptography hsm integrity remote-attestation secure-boot secureboot security strongbox verifiedboot

Last synced: 09 May 2025

https://github.com/skx/pam_pwnd

A PAM module to test passwords against previous leaks at haveibeenpwned.com

haveibeenpwned linux pam pam-module security ssh sudo

Last synced: 17 Apr 2025

https://github.com/ryokacchi/discordjs-security

Security bot with configuration

bot discord discordapp javascript security

Last synced: 22 Apr 2025

https://github.com/bezzad/securechat

Node.js based, client side asymmetric encrypted instant chat channel

aes aes-256 chat communication e2ee encrypted-chat instant-messaging secure-chat secure-communication security

Last synced: 24 Jul 2025

https://github.com/emphereio/ovrse

Reference engine and content library for the Open Vulnerability Remediation Specification (OVRS) — a standard format for describing how to fix vulnerabilities.

cve devsecops remediation sbom security specification vulnerability

Last synced: 03 Mar 2026

https://github.com/coinfabrik/scout-audit

Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development on which we extend scout for specific blockchains.

audit auditing blockchain ink rust security smart-contracts soroban static-analysis substrate vulnerability-detection

Last synced: 04 Oct 2025

https://github.com/binorassocies/brostash

brostash: Linux distribution based on Debian and focusing on network security events collection

bro bro-ids debian elk filebeat linux linux-distribution packetbeat pf-ring security

Last synced: 30 Oct 2025

https://github.com/typeerror/crystalball

An enchanting 🔮 web screenshot tool for capturing and sharing web content effortlessly

bugbounty enumeration infosec security web-screenshot

Last synced: 14 Apr 2025

https://github.com/Ryokacchi/discordjs-security

Security bot with configuration

bot discord discordapp javascript security

Last synced: 14 Apr 2025

https://github.com/jwilk/ttyjack

proof-of-concept tty hijacking via TIOCSTI or TIOCLINUX

security

Last synced: 07 Mar 2026

https://github.com/CremitHQ/nebula

💫 Nebula: An open-source secret management solution secure, scalable, and flexible handling of secret across multiple domains.

attribute-based-encryption cli cryptography rust secret secret-management secret-manager secret-sharing security vault

Last synced: 07 Nov 2025

https://github.com/ja7ad/otp

A high-performance, zero-dependency Go package for generating and validating TOTP, HOTP and OCRA one-time passwords — RFC 4226, RFC 6238 and RFC 6287 compliant.

2fa authentication go golang hotp mfa otp rfc4226 rfc6238 rfc6287 security totp

Last synced: 06 Sep 2025

https://github.com/tijme/reverse-engineering

This repository contains some of the executables that I've cracked.

arm armv7 assembly crackme hacking reverse-engineering security x86 x86-64

Last synced: 25 Apr 2025

https://github.com/Polaristow/awesome-ton-security

A curated list of awesome ton security resources

func security security-audit security-tools tact ton ton-blockchain

Last synced: 13 Jun 2025

https://github.com/stfbk/mqttsa

A tool to assist IoT developers in securing MQTT-based IoT deployments

mqtt security

Last synced: 17 Jan 2026

https://github.com/henry-fisher/privacyresources

A list of resources to help me keep track of important news/studies/projects/etc. in the privacy & security world.

anonymous privacy privacy-protection privacy-tools security security-tools

Last synced: 05 Apr 2026

https://github.com/reime005/react-native-secure-element

The most secure way to encrypt and decrypt personal data on a mobile device. Automatically E2E tested and deployed via Github Actions CI/CD.

android hacktoberfest ios java keychain keystore objc react react-native security typescript

Last synced: 06 Apr 2025

https://github.com/0x0be/mitm

A simple yet effective python3 script to perform DNS spoofing via ARP poisoning

arp-poisoning dns-spoofing hacking mitm monitoring network-attacks python3 security spoofing

Last synced: 09 Jul 2025

https://github.com/rbidou/pyrasp

PyRASP is a Runtime Application Self Protection package for Python-based Web Servers (Flask, FastAPI and Django), Serverless Functions (AWS Lambda, Azure and Google Cloud Functions) and MCP Servers (FastMCP)

application-security aws-lambda azure-functions django fastapi fastmcp flask gcp-cloud-functions mcp mcp-servers rasp runtime-security security

Last synced: 14 Dec 2025

https://github.com/inblocks/precedence

precedence brings secure blockchain-powered traceability features to your already existing legacy information system

blockchain existence precedence proof proof-of-existence proof-of-ownership proof-of-process security traceability

Last synced: 03 Apr 2025

https://github.com/cirruslabs/softnet

Software networking with isolation for Tart

dhcp firewall networking packet-filter security tart vmnet

Last synced: 06 May 2025

https://github.com/johndoe31415/ratched

Ratched is a transparent Man-in-the-Middle TLS proxy intended for penetration testing

attack intercept mitm pentest security ssl tls

Last synced: 30 Dec 2025

https://github.com/ollionorg/gcp-landing-zone

Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

cis-gcp-benchmark cloud-compliance cloud-security compliance foundation gcp gcp-enterprice-foundations-blueprint gcp-landing-zone gcp-landing-zones google-cloud-landing-zone google-cloud-landing-zone-platform nist800-53 opa pci-dss regula security security-foundation

Last synced: 12 Apr 2025

https://github.com/backslash-security/Claw-Hunter

Claw Hunter is an open-source security tool (MDM) by Backslash Security, designed to detect, audit & secure OpenClaw/Moltbot shadow AI agents across macOS, Linux & Windows endpoints.

clawdbot itsec itsecurity mdm openclaw security shadow-ai shadow-ai-detector vibe-coding

Last synced: 16 Feb 2026

https://github.com/theme-next/hexo-leancloud-counter-security

A plugin to fix a serious security bug in leancloud visitor counter for NexT.

hexo leancloud leancloud-database leancloud-visitor-counter security

Last synced: 10 Jul 2025

https://github.com/wultra/powerauth-mobile-sdk

PowerAuth mobile SDK adds capability for authentication and transaction signing into the mobile apps (iOS, tvOS, watchOS, Android).

android android-sdk authentication banking ios ios-sdk mobile mobile-security passwordless passwordless-authentication psd2 sdk security strong-customer-authentication

Last synced: 31 Jul 2025

https://github.com/brunobonacci/1config

A command line tool and a library to manage application secrets and configuration safely and effectively.

aws aws-lambda clojure configuration configuration-management java security

Last synced: 17 Mar 2025

https://github.com/0xpolygon/storage-delta

Real-time smart contract storage auditor.

foundry security

Last synced: 26 Aug 2025

https://github.com/vincezk/authorization

An Object Oriented Authorization Framework for Node.js

acl authorization authorization-profiles identity nodejs passport security

Last synced: 29 Jun 2025

https://github.com/binarcode/laravel-stateless-session

CSRF verification and session persistent through request/response headers.

csrf laravel php security session

Last synced: 15 May 2025

https://github.com/raffaeleflorio/qubes-url-redirector

This browser extension, designed for Qubes OS, blocks and/or redirects non whitelisted URLs to another qube of your choice.

browser-addon browser-extension browser-plugin browser-security open-in-qube open-url-in-qube qubes qubes-os qubes-url-redirector security url-redirection webextension webextensions

Last synced: 09 Apr 2025

https://github.com/telagod/code-abyss

☠️ 一键为 Claude Code / Codex CLI 注入邪修人格与 40+ 安全工程秘典 | npx code-abyss

ai-assistant blue-team claude-code cli codex-cli configuration prompt-engineering red-team security

Last synced: 12 Apr 2026

https://github.com/skyzyx/bad-passwords

A list of the top 10,000 most-used passwords from hacked password lists.

passwords php security

Last synced: 17 Sep 2025

https://github.com/seanmajorpayne/opendashauth

A Multi-User Authentication Baseplate for Dash Applications

authentication dash flask python3 security

Last synced: 12 Jun 2025

https://github.com/panther-labs/tutorials

Cloud security tutorials and best practices

aws cloud security

Last synced: 12 Aug 2025

https://github.com/banujan6/csrf-handler

A simple CSRF Token protection library for PHP. I t will help you to generate the random unique token and validate it to prevent CSRF attack.

csr csrf csrf-prevention csrf-tokens hack pentesting php php-library security web-app

Last synced: 11 Jan 2026

https://github.com/kayranfatih/awesome-iot-and-hardware-security

A collection of awesome tools, books, resources, software, documents and cool stuff about IoT and HW security.

awesome awesome-list cybersecurity embedded hardware iot pentest security

Last synced: 01 May 2026

https://github.com/mxrxdxn/pwned-passwords

A PHP library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach.

breach password password-strength passwords php php7 pwnedpasswords security

Last synced: 14 Feb 2026

https://github.com/cymmetria/weblogic_honeypot

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

deception execution-vulnerability honeypot oracle security security-tools security-vulnerability vulnerability weblogic weblogic-server

Last synced: 04 Apr 2026

https://github.com/kee-org/keevault2

Kee Vault 2 is a password manager for multiple devices. Password databases (Vaults) are encrypted using the KeePass storage format (KDBX) before being stored on the local device or sent to a remote server for synchronisation purposes.

android flutter kee-vault keepass password password-manager password-safety password-security password-store password-vault passwords security

Last synced: 22 Feb 2026

https://github.com/thewh1teagle/chrome-privless-encryption

A PoC demonstrating how to bypass Chrome v20+ appbound encryption to extract HTTP-only and secure cookies using Chrome's Remote Debugging Protocol, without admin rights.

appbound chrome cookies encryption hacking security

Last synced: 14 Oct 2025

https://github.com/zidansec/subscan

Subscan is a simple tool for subdomain scanner, it can scan subdomains fast.

cyber-security hacktool information-security linux-tools osint osint-tool pentest pentest-tool security subdomain-scanner

Last synced: 25 Mar 2025

https://github.com/cylonix/cylonix

Fully open sourced client app alternative to Tailscale

mesh-vpn network sase security tailscale vpn wireguard ztna

Last synced: 04 Apr 2026

https://github.com/ex0dus-0x/microkv

Minimal and persistent key-value store designed with security in mind

crypto database rust security systems

Last synced: 15 Aug 2025