An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/dataplat/dbadisa

🦅 DISA STIG automation module for SQL Server

automation disa powershell security sqlserver stig

Last synced: 04 Apr 2025

https://github.com/hovancik/bsdsec

deadsimple BSD Security Advisories and Announcements

advisories announcements bsd dragonfly freebsd midnightbsd netbsd openbsd pfsense security

Last synced: 13 Apr 2025

https://github.com/heutelbeck/sapl-demos

Demo, tutorial, and benchmarks for the SAPL policy engine

access-control authorization benchmark demo examples java policies sapl security spring spring-security tutorial

Last synced: 27 Feb 2026

https://github.com/brickmakersgmbh/aspsecurityheaders

A small package for ASP.Net (Core) to automatically configure secure HTTP-Headers

asp-net asp-net-core brickmakers csharp csp dotnet dotnet-core hsts http-headers https security security-headers

Last synced: 24 Apr 2025

https://github.com/ukhomeoffice/policy-admission

Kubernetes admission controller

admission-controllers kubernetes security

Last synced: 08 Apr 2025

https://github.com/esadcetiner/secure-nginx-config

Fast and Secure by default Nginx configuration template

cis-benchmark cis-hardening https nginx ocsp-stapling security ssl tls

Last synced: 26 Apr 2025

https://github.com/alexylon/ferrocrypt

FerroCrypt is a pure Rust library, CLI, and desktop application for encrypting and decrypting files and directories using password-based or key-pair-based encryption.

cli cryptography decryption encryption file-encryption gui hybrid-encryption rust rust-lang rustlang security security-tools slint symmetric-encryption

Last synced: 24 May 2026

https://github.com/veeqtoh/secure-code

A Laravel package for generating and managing n-digit random secure codes for your app.

access-control door-controller laravel php security

Last synced: 07 Sep 2025

https://github.com/jojonas/db_nmap

Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.

metasploit metasploit-framework networks nmap security

Last synced: 14 Jan 2026

https://github.com/slippyex/data-guardian

Tiny, zero-dependencies, package which tries to mask sensitive data in arbitrary collections (map, set), errors, objects and strings.

auditing covering logging masking security sensitive-data sensitivity telemetry tracing

Last synced: 12 May 2025

https://github.com/infineon/remote-attestation-optiga-tpm

Setup and operation guide for OPTIGA™ TPM backed remote attestation on a Linux system

raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/charlesaverill/deffs

Distributed, Encrypted, Fractured File System - A custom distributed file system written in C with FUSE

filesystem fuse linux security

Last synced: 24 Jul 2025

https://github.com/mirego/absinthe_security

AbsintheSecurity provides utilities to improve the security posture of APIs built with Absinthe GraphQL.

absinthe absinthe-graphql elixir elixir-lang security

Last synced: 14 Aug 2025

https://github.com/coinfabrik/scout-actions

Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. This GitHub Action allows you to incorporate Scout's analysis into every Pull Request.

audit auditing blockchain ink rust security smart-contract soroban static-analysis vulnerability-detection

Last synced: 30 Jun 2025

https://github.com/infertux/sysechk

System Security Checker is a bundle of small shell scripts to assess your computer security.

cve cve-scanning security security-checker shell

Last synced: 26 Oct 2025

https://github.com/gousaiyang/pickleassem

A simple pickle assembler to make handcrafting pickle bytecode easier.

assembler bytecode ctf exploit pickle security security-tools

Last synced: 13 Apr 2025

https://github.com/apal21/target-blank-vulnerabilities-features

Examples of some features and the vulnerabilities that can exploit any webpage if target="_blank" is used without rel="noopener"

css html javascript security vulnerability

Last synced: 14 Apr 2025

https://github.com/bitsofinfo/testssl.sh-alerts

Alerting engine (slack etc) for testssl.sh JSON result output files

alerting alerts certificates continuous-integration security slack ssl testssl

Last synced: 13 Apr 2025

https://github.com/y-miyazaki/terraform-aws-base

Initially set base configuration created by Terraform.

aws metrics monitoring security terraform terraform-aws

Last synced: 17 Jan 2026

https://github.com/tink-crypto/tink-go-gcpkms

Extension to Tink Go that provides Google Cloud KMS integration

crypto cryptography gcp-kms go golang golang-library google-cloud-kms security tink

Last synced: 12 Jan 2026

https://github.com/gcmurphy/osv

Rust implementation of ossf osv specification

rust security vulnerability-scanners

Last synced: 11 Mar 2026

https://github.com/toshke/aws-keys-sectool

Command line to list and IP whitelist active AWS credentials

access-control aws security security-tools

Last synced: 14 Dec 2025

https://github.com/X0RBYT3/OSINT-Tools

An Online Collection of Open Source Intelligence Tools

css html osint repository security security-audit security-scan security-tools

Last synced: 12 Jul 2025

https://github.com/mrtc0/cxray

Tracing security events in container with BPF

bcc bpf container devsecops ebpf security trace

Last synced: 08 Mar 2026

https://github.com/redhat-actions/crda

Scan your project's dependencies with Code Ready Dependency Analytics

crda github-actions sarif-report security security-analysis security-automation

Last synced: 26 Jun 2025

https://github.com/devgateway/ansible-ldap-auth

Configure LDAP authentication & authorization with parametrized user/host/project lookups

ansible ansible-role ldap ldap-authentication ldap-server linux nss pam security ssh ssh-server

Last synced: 23 Jul 2025

https://github.com/dxc-0/respect-my-internet

Opensnitch / LittleSnitch - No-Gafam (blocklist for facebook, google, microsoft, amazon, huawei, tencent, apple, xiaomi ...) - aggressive privacy and protection (trackers, spywares, malwares, cti feeds, malicious ips, phishing...) - 99% in adsblockers tests !

anonymity blocklist firewall firewall-configuration firewall-rules netfilter nftables-rules no-amazon no-apple no-batx no-facebook no-gafam no-microsoft open-source opensnitch privacy-protection privacy-tools respect-privacy script security

Last synced: 16 May 2025

https://github.com/MathiasRenner/optimize-ubuntu

Optimize Ubuntu for usability, security, privacy and stability

linux privacy reliability security ubuntu

Last synced: 07 Sep 2025

https://github.com/labd/python-param-store

Python module to store secrets in secret stores

aws python security

Last synced: 30 Aug 2025

https://github.com/Cymmetria/micros_honeypot

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.

deception honeypot micros oracle security security-tools security-vulnerability vulnerability

Last synced: 27 Mar 2025

https://github.com/cyb3rmx/badpig

A compilation of snort rules for detecting malware traffic.

intrusion-detection malware-detection network-security security snort snort-rules

Last synced: 02 Jan 2026

https://github.com/chamodanethra/biometric_signature

Hardware-backed biometric authentication for Flutter. Create cryptographic signatures using device biometrics with keys stored in Secure Enclave/StrongBox/Windows Hello.

android biometric-authentication cryptography flutter ios macos secure-enclave security strongbox windows windows-hello

Last synced: 01 Apr 2026

https://github.com/andresriancho/aws-backup

AWS Backup implementation in terraform

aws backup security terraform

Last synced: 10 Apr 2025

https://github.com/jasondrawdy/amaterasu

Lightweight licensing library for .NET applications which allows the managing of licenses via web based scripts and on-the-fly code compilation.

amaterasu antebyte code-generation compiler cryptography csharp dotnet dynamic encryption hacking library license license-management memory-management networking on-the-fly scripting security web windows

Last synced: 22 Apr 2025

https://github.com/varunon9/fakelock

An android app for extra privacy. It will protect selected apps by adding a lock screen above them until correct password is entered. (Not complete, In active development process. PRs are welcomed)

android android-custom-lockscreen android-protect-apps privacy security

Last synced: 14 Mar 2026

https://github.com/securestackco/actions-log4j

A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

devsecops github-actions java java-vulnerability java8 jre log4j log4j-rce log4j2 log4js log4shell scanning security security-automation security-tools software-composition-analysis static-analysis vulnerabilities vulnerability-assessment vulnerability-scanner

Last synced: 30 Jul 2025

https://github.com/tylerchr/pwnedpass

Package pwnedpass is a Go package for querying a local instance of Troy Hunt's Pwned Passwords database.

golang haveibeenpwned hibp offline pwnedpasswords security selfhosted

Last synced: 14 Jan 2026

https://github.com/zb3/tiandy-research

This repository contains the results of my August 2020 research of Tiandy's IPC/NVR firmware. I found two vulnerabilities that could be used to remotely recover the administrator password and gain root access to the device.

full-disclosure security

Last synced: 17 Jan 2026

https://github.com/typisttech/wp-cloudflare-guard

Connecting WordPress with Cloudflare firewall, protect your WordPress site at DNS level. Automatically create firewall rules to block dangerous IPs

cloudflare firewall security wordpress wordpress-plugin

Last synced: 13 Jan 2026

https://github.com/duomarket/userless

A client and server side solution for zero knowledge authentication, in Go

authentication encryption golang openbazaar security

Last synced: 14 Jan 2026

https://github.com/avishayil/cf-signer

Tool for signing and verifying the integrity of CloudFormation templates

aws cloudformation integrity security signing

Last synced: 01 Apr 2025

https://github.com/bain3/f.bain

E2EE file uploading website

cryptography security storage website

Last synced: 04 Apr 2026

https://github.com/x0rbyt3/osint-tools

An Online Collection of Open Source Intelligence Tools

css html osint repository security security-audit security-scan security-tools

Last synced: 07 Aug 2025

https://github.com/jfrog/jfrog-skills

AI agent skills for the JFrog Platform. Search and download artifacts, query CVEs and exposures, check curation and compliance, trace builds, and more. Install in your AI coding agent and interact with JFrog through natural language.

ai-agent ai-skills artifact-managment artifactory cli devops devsecops jfrog security xray

Last synced: 26 Jun 2026

https://github.com/wakeful/veil

Verified Entity Identity Lock (Expose hidden trust paths in your AWS IAM setup before they become security risks.)

aws blue blue-team blue-team-tool blueteam blueteam-tools cybersecurity penetration-testing recon security security-auditing security-automation security-testing security-tools

Last synced: 30 Dec 2025

https://github.com/gacts/gitleaks

🚀 GitHub action for running gitleaks/gitleaks (no license key is required)

code-scanning github-actions gitleaks security

Last synced: 20 Mar 2025

https://github.com/muntashirakon/sun-security-android

Use the Android-private sun.security library

android-library keystore-provider security

Last synced: 13 Apr 2025

https://github.com/vincentkoc/ostemper

All in one script for hardening and applying common tweaks to Mac OS systems

apple macos macosx security security-hardening security-tools

Last synced: 11 Apr 2025

https://github.com/pcjbird/quicksecuritycode

A security or sms verify code input control. 一个安全码/短信验证码输入控件,支持4位或6位数字的安全码/短信验证码。

code input mobile phone security sms textfield verify

Last synced: 10 Apr 2025

https://github.com/parsiya/evil-electron

Backdoored Electron app.asar

electron security

Last synced: 11 Apr 2025

https://github.com/xenocoderce/netseal

A revamp of the good old NetSeal licensing system, with security !

dotnet license-management managed security

Last synced: 11 Apr 2025

https://github.com/cleantalk/php-usp

UniForce - Universal Security plugin and Firewall for websites

attack-defense firewall security waf

Last synced: 11 Apr 2025

https://github.com/tabmk/2fa-hotp-totp

Zero dependency HOTP/TOTP 2FA

2fa hotp otp security totp typescript

Last synced: 13 Apr 2025

https://github.com/topscoder/nuclei-zero-day

This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.

bugbounty infosec nuclei nuclei-templates security

Last synced: 06 Mar 2026

https://github.com/neosmart/lastpassto1password

A LastPass to 1Password converter.

1password lastpass security

Last synced: 10 Apr 2025

https://github.com/qnib/doxy

Docker unix-socket proxy to provide unharmful, read-only API calls

docker docker-engine golang security

Last synced: 14 Jan 2026

https://github.com/s4u/pgp-keys-map

PGP keys map to maven artifacts

hacktoberfest java maven-plugin pgp pgp-key security

Last synced: 11 Oct 2025

https://github.com/webreflection/csp

Because Security Matters, and Web libraries, tools, and projects, should be more informative about their state.

badge csp security

Last synced: 15 Feb 2026

https://github.com/lambdacasserole/hack-this

A collection of common web programming security mistakes.

education hacking php security sql-injection vulnerabilities

Last synced: 09 Feb 2026

https://github.com/alejandroesquivel/node-pastebin-scraper

Minimalistic Pastebin Scraper for Node.js. A way to scrape pastebin's recent paste feed without requiring a LIFETIME PRO account and using their API. A good tool for those that want to ensure that their accounts have not been compromised during a recent hack.

client leaks node-pastebin-scraper pastebin scraper security

Last synced: 13 Feb 2026

https://github.com/sigstore/sigstore-a2a

Sigstore A2A Agent Signing

agent cryptography security sigstore

Last synced: 22 Feb 2026

https://github.com/rek7/patchy

Automated Persistence and Lateral Movement using GCP Patch Management

cloud-native-se cloud-security gcp penetration-testing red-team security

Last synced: 26 Feb 2026

https://github.com/ibasebcast/ha-alarmdotcom

Modernized Alarm.com integration for Home Assistant with ongoing maintenance and fixes.

alarm-com alarmdotcom hacs hacs-integration home-assistant home-assistant-integration home-security homeassistant security

Last synced: 21 Apr 2026

https://github.com/rung/go-safecast

Go Library for safe type conversion to prevent integer overflow

go golang security

Last synced: 26 Jan 2026

https://github.com/costela/wile

Stripped down letsencrypt (ACME) client

acme certificate cli client python security ssl

Last synced: 09 Apr 2025

https://github.com/matthiastjong/shellgate

Self hosted secure gateway for AI agents. One token. Full control. Complete audit trail.

ai ai-agents api-gateway claude-code credential-management mcp mcp-server model-context-protocol open-source proxy security self-hosted ssh ssh-proxy

Last synced: 03 Jun 2026

https://github.com/arch3rpro/securityrss

A Collection of Security RSS Feeds OMPL 网络安全资讯RSS订阅源

cybersecurity opml rss-feed security

Last synced: 26 Jan 2026

https://github.com/jpetrucciani/bandit-check

github action to run the bandit security linter

action bandit github-action hacktoberfest lint python security

Last synced: 09 Oct 2025

https://github.com/lionheart/django-pwnedpasswords-validator

Django password validator that checks for passwords in known data breaches.

django django-passwords library password-validation password-validator passwords python python-library security

Last synced: 15 Sep 2025

https://github.com/mxschmitt/react-have-i-been-pwned

React component for: Have I Been Pwned?

hibp javascript passwords react security

Last synced: 19 Apr 2025

https://github.com/tenable/accurics-action

The Accurics GitHub Action scans Infrastructure as Code files checked into the respository to help ensure that cloud resources are secure and compliant from creation.

cicd devops security

Last synced: 15 Apr 2025

https://github.com/mythkiven/mkappleopensourcedownload

Apple opensource source image,download source code from Apple's website.

apple corefoundation developer dyld foundation gcc ios kit lldb llvm open security

Last synced: 18 Mar 2025

https://github.com/skosachiov/remediations-gendbuntu

The main goal of this project is the configuration and control of various types of devices operating in a corporate environment. Information security is the main direction of development. Roles have default settings that can be dynamically overridden using "inventories" folder rules based on subnet, host group (organizational unit or branch), OS.

ansible automation centos compliance debian group-policy laps linux redhat remote-assistance sccm security security-audit security-automation ubuntu

Last synced: 15 May 2025

https://github.com/jnaulty/multi-yubikey-helper

Same Subkeys, Many Yubikeys...

gpg hsm security yubikey

Last synced: 13 Aug 2025

https://github.com/psenger/jersey2-security-jwt

Jersey 2 with JWT Token Security

jersey2 jwt jwt-token security

Last synced: 14 Apr 2025

https://github.com/krisnova/.net

Compiled Works: Computer Science, Engineering, Analysis, Research

analysis computer-science kernel linux research security

Last synced: 14 Apr 2025

https://github.com/chinmina/chinmina-bridge

Allows Buildkite agents to use ephemeral GitHub tokens to authenticate their interactions. Avoids deploy keys and long-lived PATs.

buildkite github github-app oidc security

Last synced: 27 May 2026

https://github.com/roboflow/rickblocker

Audio visual mitigation of Rickrolls using computer vision.

april-fools computer-vision rickroll roboflow security

Last synced: 21 Jun 2025

https://github.com/zelon88/workstation_usb_monitor

Know whenever a domain user plugs in a USB storage device. Log & email when storage devices get attached to your network.

admin-tools administration email-notifications gpo monitor notifications security security-automation security-tools sendmail storage storage-devices storage-monitor usb usb-monitor vbs

Last synced: 07 Jan 2026

https://github.com/madhuakula/hacked-emails

Command line hacked-emails

go golang hacked-emails infosec security

Last synced: 11 Aug 2025