Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-06-25 00:24:17 UTC
- JSON Representation
https://github.com/gregwar/mitm
Man in the middle tool
arp-poisoning attack audit c network replayed-packets security security-tools
Last synced: 08 Jul 2025
https://github.com/sysdiglabs/scan-action
Inline Image Scan Github Action
image-scanning scan scanning security sysdig-scanning vulnerability vulnerability-scanners
Last synced: 08 Apr 2025
https://github.com/ScribeMD/rootless-docker
Run Docker in Rootless Mode to Prevent Permission Errors
asdf composite-action conventional-commits docker editorconfig github-actions github-actions-docker megalinter nodejs permissions pre-commit prettier python python-poetry renovate rootless-docker security semver vscode yaml
Last synced: 08 Jul 2025
https://github.com/permify/targe
Open-source CLI for managing IAM (Identity and Access Management) operations with AI assistance.
authorization aws awscli azure cloud gcp iam security
Last synced: 14 Jun 2025
https://github.com/snapt/traefik-nova-plugin
Traefik plugin to proxy requests to Snapt Nova for evaluation against the WAF.
Last synced: 15 Jan 2026
https://github.com/gamemann/packet-flooder
A packet flooding/generating program I made that supports TCP, UDP, and ICMP packets. Includes functionality to change characteristics per packet and is also multithreaded.
c denial-of-service dos dos-attack fast flood flooding multithreading network packet packet-flood packet-flooder packet-generator packetflood pcktflood pcktgen pentest pentest-tool pentesting security
Last synced: 18 Mar 2025
https://github.com/masterflomaster1/jfxcrypto
🔐 150+ Algorithms, Reactive GUI, and More: Text & File Encryption, Hashing, MAC, Key Generation, and Password Strength Evaluation. JCA, JCE with Bouncy Castle
aes aes-256 chacha20 cipher encryption enigma gui hash hmac java javafx md5 mvvm password pbkdf2 rc4 reactive salsa20 security sha-256
Last synced: 13 Jul 2025
https://github.com/pentesttoolscom/pentesttools-github-action
Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.
ci cicd cli continuous-delivery continuous-integration penetration-testing security security-audit security-automation security-hardening security-scanner security-testing security-tools vulnerability-assessment vulnerability-detection vulnerability-scanners
Last synced: 03 Apr 2025
https://github.com/leondz/lm_risk_cards
Risks and targets for assessing LLMs & LLM vulnerabilities
llm llm-security red-teaming security vulnerability
Last synced: 01 Jul 2025
https://github.com/nextcloud/end_to_end_encryption_rfc
🔒 Specification for end-to-end encryption used by Nextcloud sync & mobile apps
encryption encryption-rfc end-to-end-encryption nextcloud nextcloud-sync security
Last synced: 15 Jun 2025
https://github.com/kickstarter/ruby-homograph-detector
🕵️♀️🕵️♂️ Ruby gem for determining whether a given URL is considered an IDN homograph attack
homograph-attack idn-homograph-attack security unicode
Last synced: 20 Oct 2025
https://github.com/YinHangCode/homebridge-mi-gateway-security
XiaoMi Gateway Security plugin for HomeBridge.
aqara gateway homebridge homebridge-plugin security xiaomi
Last synced: 01 Apr 2025
https://github.com/NodeSecure/vulnera
Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB).
audit nodesecure npm security vuln vulnerabilities
Last synced: 30 Aug 2025
https://github.com/rocketshipapps/hardenedpaste
[Retired] Hardened Paste is a browser extension that prevents the “pastejacking” exploit.
bash chrome chrome-extension documentation frontend html javascript json security shell
Last synced: 24 Apr 2025
https://github.com/yaroslaff/evalidate
Safe and fast evaluation of untrusted user-supplied python expressions
eval evaluate evaluation expression python python3 safe sandbox secure security validate
Last synced: 06 Apr 2025
https://github.com/sasanlabs/owasp-zap-jwt-addon
OWASP ZAP addon for finding vulnerabilities in JWT Implementations
fuzzer hacktoberfest jwt jwt-scanner owasp scanning security security-tools zap-extension zaproxy
Last synced: 21 Sep 2025
https://github.com/ivan-sincek/chad
Search Google Dorks like Chad. / Broken link hijacking tool.
broken-link-takeover bug-bounty crawler ethical-hacking google google-dorking google-dorks offensive-security penetration-testing playwright python red-team-engagement scraper search-engine security social-media social-media-takeover threat-hunting threat-intelligence web-penetration-testing
Last synced: 10 Mar 2026
https://github.com/sysdiglabs/k8s-security-configwatch
Git action to generate security lint report for Kubernetes workload YAML files on PR
Last synced: 13 Jul 2025
https://github.com/erlendellingsen/digitalocean-developer-firewall
Tool for developers to easily configure firewalls and gain access to their servers when using DigitalOcean cloud firewalls.
digitalocean digitalocean-droplets digitalocean-firewall droplets firewall firewall-management nodejs security server server-management
Last synced: 13 May 2025
https://github.com/circl/imap-proxy
Modular IMAP proxy (including PyCIRCLeanMail and MISP forward modules)
circlean imap imap-protocol imap-proxy proxy security
Last synced: 04 Jul 2025
https://github.com/attumm/maat
Validation and transformation library powered by recursive descent validation algorithm. Made to be extended for any kind of project.
dictionary fast json-schema nested-structures parser security serialization types validation validator
Last synced: 09 Apr 2025
https://github.com/SalehLardhi/google-dorks-toolkit
GoogleDorks Toolkit is a powerful automated tool for google dorks, designed for pentration tester, ethical hackers and bug hunters to detect harmful security vulnerabilities using Google Dorks techniques. It has methods to bypass google captcha and search in a list of any possible program in wild.
bypass-google cybersecurity dorking-tool ghdb google google-captcha google-dork google-dorks google-hacking-database google-scraping googledork googledorks googlehacking googlesearch hackgoogle hacking python scraper security
Last synced: 01 Apr 2025
https://github.com/cybersight-security/osint-toolkit
This repository serves as a comprehensive catalog for tools and websites useful in Open Source Intelligence (OSINT) investigations.
good-first-bug good-first-contribution good-first-issue good-first-issues good-first-pr good-first-pr-first-contribution good-first-project good-first-prs good-practices osint osint-reconnaissance osint-resources osint-tool osint-toolkit osint-tools research security security-audit security-tools thatsinewave
Last synced: 08 Mar 2026
https://github.com/r3dxpl0it/CVE-2018-4407
IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]
attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security
Last synced: 22 Apr 2025
https://github.com/duaraghav8/solparse
Solidity Parser for Solium
abstract-syntax-tree ast blockchain decentralized ethereum parse pegjs security smart-contracts solidity solium
Last synced: 17 Mar 2025
https://github.com/vacuumlabs/cardano-ctf
A game where Cardano developers and enthusiasts can try to exploit purposely vulnerable smart contracts and learn about the most common security issues and how to prevent them.
cardano ctf decentralized-finance security smart-contracts vulnerabilities
Last synced: 12 Apr 2025
https://github.com/namecoin/electrum-nmc
Namecoin port of Electrum Bitcoin client.
anticensorship blockchain civil-liberties cryptocurrency cryptography decentralized electrum free-speech hacktoberfest human-rights internet-freedom namecoin namecoin-wallet p2p privacy python security
Last synced: 30 Apr 2025
https://github.com/rrd108/nuxt-api-shield
Nuxt API Rate Limiter / Brute Force Protection
nuxt nuxt-module rate-limiter security
Last synced: 10 Apr 2025
https://github.com/en14c/erebus
Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
c elf elf-binaries elf64 linux linux-system-programming process-injection proof-of-concept security virus x64-assembly
Last synced: 09 Jul 2025
https://github.com/nekmo/pip-rating
Check the health of your project's requirements and get a score for each dependency.
dependencies hacktoberfest pip python rating requirements security security-audit security-tools vulnerabilities
Last synced: 13 Dec 2025
https://github.com/the-mcgrail-foundation/mimedefang
MIMEDefang is an e-mail filtering tool that works with the Sendmail “Milter” library. MIMEDefang lets you express your filtering policies in Perl rather than C, making it quick and easy to filter or manipulate your mail.
antispam email filter perl security smtp
Last synced: 01 Jul 2025
https://github.com/khaosdoctor/enigmajs
Full implementation of the 1944 German cryptographic machine in TypeScript with a nice UI
cipher cryptography enigma enigma-cipher enigma-js enigma-machine enigma-simulator javascript security typescript vue
Last synced: 29 Apr 2025
https://github.com/geekmasher/securitree.nvim
SecuriTree - Security Research Tool
Last synced: 06 Mar 2026
https://github.com/Keeper-Security/keeper-sdk-dotnet
.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.
commander dotnet password-manager passwords powershell security
Last synced: 05 May 2025
https://github.com/VerSprite/alpnpass
This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic again and send it to the target of your choice. Unlike most SSL stripping solutions this tool will negotiate ALPN and preserve the negotiated protocol all the way to the target.
alpn mitm mitmproxy security security-tools ssl tls
Last synced: 11 Jul 2025
https://github.com/techgaun/plug_secex
Plug that adds various HTTP Headers to make Phoenix/Elixir app more secure
elixir hex hex-downloads http-headers phoenix plug plug-secex security
Last synced: 13 Jun 2025
https://github.com/univ-of-utah-marriott-library-apple/disable_sip
This script is used in the recovery partition to automatically disable SIP.
bash mac macadmin macadmins security system-integrity-protection
Last synced: 10 Apr 2025
https://github.com/0xInfection/PewSWITCH
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers
Last synced: 11 Jul 2025
https://github.com/keeper-security/keeper-sdk-dotnet
.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.
commander dotnet password-manager passwords powershell security
Last synced: 05 Apr 2025
https://github.com/junkurihara/lecture-security_engineering
Slide decks and sample codes for a lecture of "Security Engineering", which are composed in terms of how to choose and deploy appropriate standardization security technologies in information systems.
lecture lecture-slides security university-course
Last synced: 14 Apr 2025
https://github.com/bobek/masscan_as_a_service
masscan as a service
audit bare-metal cloud containers git-scraping masscan phabricator security security-scanner security-tools sre
Last synced: 25 Jan 2026
https://github.com/jenkinsci/azure-ad-plugin
Authentication and Authorization with Azure AD
azure hacktoberfest security user
Last synced: 06 Apr 2025
https://github.com/asggo/spf
Parse SPF record and determine if client IP is allowed to send email.
dns go golang security sender-policy-framework spf spf-record
Last synced: 03 Feb 2026
https://github.com/shelld3v/flydns
Related subdomains finder
bug-bounty bugbounty hacking infosec network-security osint pentest pentesting recon reconnaissance security subdomains subdomains-discovery
Last synced: 22 Mar 2025
https://github.com/javiercasares/wpvulnerability
Plugin WPVulnerability for WordPress. https://wordpress.org/plugins/wpvulnerability/
php security vulnerability wordpress wordpress-plugin
Last synced: 13 Jun 2025
https://github.com/ariary/tacos
🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)
ctf golang infosec interactive pentest pentest-tool reverse-shell security socat
Last synced: 26 Apr 2025
https://github.com/lubux/ecelgamal
Additive homomorphic EC-ElGamal
c cryptography homomorphic-encryption java secure-computation security
Last synced: 12 Oct 2025
https://github.com/arall/vulnerabilities
Examples of different vulnerabilities, in a variety of languages, shapes and sizes.
dast sast security vulnerabilities vulnerability vulnerable vulnerable-app vulnerable-application
Last synced: 22 Jan 2026
https://github.com/grahamhelton/spoofpoint
Spoofpoint is a domain monitoring tool that allows you to generate a list of domains that are 1 character off of your domain (grahamhelton.com turns into -> grahamheIton.com ((The L is a capital I )), check a list of domains you already have, or check as single domain.
domain domain-monitoring security
Last synced: 22 Jan 2026
https://github.com/hunters-org/hunter-kit
Hunter-Kit is a cross platform security toolkit and framework that can automate most of the pentesting engagement from the recon to reporting phase
attacks autmation frameworks pentesting-tools reconnaissance security security-tools toolkit
Last synced: 12 Mar 2026
https://github.com/anthonysgro/geospoof
Browser extension to spoof your geolocation, timezone, and prevent WebRTC IP leaks.
browser firefox gecko geolocation privacy security spoof spoofing spoofing-detection timezone vpn
Last synced: 27 May 2026
https://github.com/fabaff/fsl-test-bench
FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.
ansible fedora fedora-security-lab pentesting playground security vulnerable
Last synced: 15 Apr 2025
https://github.com/wolfssl/wolfssh-examples
Example applications using the wolfSSH Library.
embedded esp32 esp8266 examples getting-started iot security ssh ssh-examples wolfssh wolfssl
Last synced: 23 Aug 2025
https://github.com/rverton/gxss
Blind XSS service alerting over slack or email
blind-xss exfiltration pentesting security xss
Last synced: 09 Mar 2026
https://github.com/gnat/csrf-starlette-fastapi
Dead simple CSRF security middleware for Starlette ⭐ and FastAPI ⚡
async csrf fastapi htmx hyperscript python security starlette web
Last synced: 15 Apr 2025
https://github.com/sefinek/malicious-ip-addresses
A list of malicious IP addresses associated with botnets, cyberattacks, and the generation of artificial traffic on websites. Useful for network administrators and security companies to block threats and protect against DDoS attacks.
botnets cybersecurity ddos ddos-protection firewall google-adsense ip-list list malicious malicious-ips malicious-url malicious-url-detection network-monitoring protection security security-tools threat-detection traffic-analysis
Last synced: 25 Jul 2025
https://github.com/datadog/nginx-datadog
Enhance NGINX Observability and Security with Datadog's Module
apm appsec datadog nginx observability security tracing
Last synced: 06 Feb 2026
https://github.com/theupdateframework/taps
TUF Augmentation Proposals (TAPs)
Last synced: 25 Feb 2026
https://github.com/yusuf-daglioglu/mitmproxy_redirector
Redirect your web browser to your any enviroment
http local-development man-in-the-middle mitmproxy productivity proxy security ssl websocket
Last synced: 15 Apr 2025
https://github.com/optum/cloudig
Cloud governance reports from native services in a clear and readable digest
athena audit aws aws-config aws-iam aws-phd cloud cloudtrail compliance ecr-scan go governance inspector least-privilege reporting security trusted-advisor well-architected
Last synced: 14 Apr 2025
https://github.com/pwelch/virustotal_api
Ruby Gem for VirusTotal API
malware-analysis ruby security
Last synced: 15 Apr 2025
https://github.com/claude-world/claude-skill-antivirus
Security scanner for Claude Code Skills — 9 engines detect malicious patterns, data exfiltration, dangerous ops across 71K+ skills
claude-code claude-code-skills malware-detection nodejs npm scanner security
Last synced: 03 Apr 2026
https://github.com/bmedicke/quantum_cryptography
demonstration of quantum cryptography 🐈 🔐 , one-time pad communication via BB84. repo for our IT Security Master project
alice bb84-protocol beam-splitter bob cryptography docker docker-compose hardware jupyter-notebooks lasers master mcs mqtt photons quantum quantum-cryptography rabbitmq security theory thorlabs
Last synced: 02 Apr 2025
https://github.com/wolfssl/osp
wolfSSL Open Source project ports
apache cryptography freeradius git hostapd krb5 nginx openssh openssl-alternative python qt security stunnel wolfssl
Last synced: 08 May 2025
https://github.com/va1da5/manual-source-code-review
Regex patterns for manual application source code review
bugs oswe oswe-prep regex-pattern review security web-300
Last synced: 03 Feb 2026
https://github.com/tink-crypto/tink-tinkey
Utility that allows generating and manipulating Tink keysets
crypto cryptography java key-management security
Last synced: 27 Jan 2026
https://github.com/rikyz90/shibaclaw
🛡️ Self-hosted AI agent with 5-layer prompt injection protection. Multi-channel, parallel agents, MCP, Docker-ready, LLM-agnostic.
agent-framework ai-agent ai-agents chatbot docker hardened-agent llm matrix mcp multi-agent ollama open-source openai openrouter prompt-injection python security self-hosted telegram-bot ultra-light
Last synced: 17 May 2026
https://github.com/d4vinci/paste2web
A python3 script that uses cl1p website to send and receive secret messages
chat cl1p-website messages python3-script secret security
Last synced: 25 Jul 2025
https://github.com/alulsh/intro-to-security-for-developers
An introduction to security for developers.
Last synced: 20 Nov 2025
https://github.com/luc10/zykgen
Zyxel VMG8823-B50B default WPA keygen
golang password reverse-engineering router security wifi wpa zyxel
Last synced: 04 Mar 2026
https://github.com/alaz/legitbot
🤔 Is this Web request from a real search engine🕷 or from an impersonating agent 🕵️♀️?
bot detect-crawlers fake googlebot impersonation protection ruby ruby-gem search-engine security
Last synced: 25 Apr 2026
https://github.com/endorama/2ami
Your easy 2FA companion that keep the secrets secret.
cli google-authenticator hacktoberfest keychain keyring secrets secure security totp two-factor
Last synced: 15 Mar 2026
https://github.com/simeononsecurity/Windows-Hardening-CTF
A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.
automation ctf ctf-tools hardening security windows
Last synced: 17 Aug 2025
https://github.com/d2iq-archive/kubernetes-security-benchmark
A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources
cis cli cobra dcos golang ksphere kubernetes security
Last synced: 31 Mar 2025
https://github.com/dan-nolan/delegatecall-proxy-bug
An Exploit on the AAVE v2 Contract Vulnerability
security smart-contracts solidity
Last synced: 31 Aug 2025
https://github.com/kevcui/cehv10studyguideplusplus
:notebook: CEHv10 Study Guide++
ceh cehv10 certified-ethical-hacker ec-council ethical-hacking ethicalhacking infosec penetration-testing pentest pentesting security studies
Last synced: 13 Feb 2026
https://github.com/rshipp/python-dshield
Pythonic interface to the Internet Storm Center / DShield API.
api-client dshield infosec isc library python sans security
Last synced: 15 Sep 2025
https://github.com/tigran-sargsyan-w/self-signed-cert-toolkit
A toolkit for generating self-signed digital certificates for signing PDFs, emails, software, and other content using tools like JSignPdf or any software that supports PKCS#12.
cert-generation certificate cli-tool code-signing digital-signature document-signing email-signature encryption openssl p12 pdf pdf-signature pkcs12 privacy security self-signed smime ssl tls x509
Last synced: 29 May 2026
https://github.com/perfectlysoft/perfect-crypto
Cryptographic Operations
crypto cryptography security server-side-swift ssl swift
Last synced: 05 May 2025
https://github.com/deepal/node-dukpt
Node JS Library for Derived Unique Key Per Transaction (DUKPT) Encryption 💳🔑🛡
aes decryption dukpt dukpt-encryption encryption javascript node-dukpt nodejs payments security
Last synced: 15 Oct 2025
https://github.com/simeononsecurity/windows-hardening-ctf
A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.
automation ctf ctf-tools hardening security windows
Last synced: 15 Apr 2025
https://github.com/anon-exploiter/ine-dl
Python script to download INE courses including labs, exercises, quizzes, slides, and, videos!
Last synced: 03 Oct 2025
https://github.com/WiPi-Hunter/PiUser
👨💻🕵🏻👩💻 Analyze user behavior against fake access points📡
access-point attacker blueteam corporations fake pentesting probe-requests redteam security user wifi
Last synced: 07 Apr 2025
https://github.com/wssun/TiSE-CodeLM-Security
This repository provide the studies on the security of language models for code (CodeLMs).
adversarial-attacks adversarial-defense ai-security ai4se backdoor-attacks backdoor-defense code-intelligence language-model lm4code lm4se security
Last synced: 30 Aug 2025
https://github.com/sporkmonger/bulwark
Automated security decision making under uncertainty
bot-mitigation bulwark detection devsecops envoy security waap waf webassembly
Last synced: 19 Feb 2026
https://github.com/1and1/compositejks
Load a custom Java Keystore into the SSL Context without replacing the system CA list.
Last synced: 05 Mar 2025
https://github.com/damienbod/azurefunctionssecurity
Azure Functions Security
api aspnet-core azure azure-functions security serverless
Last synced: 15 Apr 2025
https://github.com/hazcod/security-slacker
Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.
crowdstrike one security slack spotlight workspace ws1
Last synced: 19 Apr 2025
https://github.com/wagov/wasocshared
WA Cyber Security Unit (DGOV Technical) site
Last synced: 17 Aug 2025
https://github.com/alcideio/pipeline
Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration
aks argo argocd azure circleci eks github-action gitlab-ci gke google-cloud-build jenkins kubernetes security security-audit travis travis-ci vulnerability-scanner
Last synced: 16 Apr 2025
https://github.com/JakeRoggenbuck/regolith
A server-side TypeScript and JavaScript library immune to Regular Expression Denial of Service (ReDoS) attacks by using Rust and linear RegEx under the hood. Regolith has a linear worst case time complexity, compared to the default RegExp found in TypeScript and JavaScript, which has an exponential worst case.
javascript regex security typescript
Last synced: 17 Aug 2025
https://github.com/parsiya/parsia-code
Contains random code and some of my older projects
Last synced: 20 Apr 2026
https://github.com/itinerisltd/disallow-pwned-passwords
Disallow WordPress and WooCommerce users using pwned passwords
have-i-been-pwned hibp password security woocommerce wordpress-plugin
Last synced: 24 Apr 2025
