An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/ryanbalfanz/rtspios

A Raspberry Pi distribution that turns your Pi in to an RTSP server (e.g. security camera)

camera custompios cvlc raspberry-pi-camera raspberrypi raspicam raspivid rtsp rtsp-server security vlc

Last synced: 24 Apr 2025

https://github.com/anthonyharrison/csaf

CSAF generator and validator

csaf devsecops sbom security vex vulnerabilities

Last synced: 12 Jun 2025

https://github.com/visualbean/hibp.net

A simple .NET wrapper for the HIBP (Have I been pwned?) Api

csharp haveibeenpwned hibp netcore nuget security

Last synced: 10 Oct 2025

https://github.com/aligent/magento2-bypass-2fa

Magento module allowing two-factor authentication (2FA) to be bypassed for development purposes.

development magento2 security

Last synced: 11 Apr 2025

https://github.com/dolmen-go/mylogin

Utilities for reading and writing MySQL' ~/.mylogin.cnf (encrypted MySQL client credentials storage)

credentials encryption golang-library mylogin mysql mysql-client security

Last synced: 12 Jun 2025

https://github.com/amadeusitgroup/starter-kit-for-internal-hacking-event

A kit to organize internal hacking events, improving product security and spreading security knowledge.

event fun security

Last synced: 13 Feb 2026

https://github.com/stijncaerts/doss

Development of Secure Software: course summary

security

Last synced: 22 Feb 2026

https://github.com/bonifield/splunk_on_security_onion

Splunk configs for Security Onion

bro forwarder onion security splunk sysmon zeek

Last synced: 14 Jun 2025

https://github.com/orijtech/tickeryzer

Check missing (*time.Ticker).Stop() call, which can cause resources leak.

golang security static-analysis

Last synced: 09 Feb 2026

https://github.com/zelon88/emotet_analysis-1

A quick & dirty look at an Emotet infection.

analysis botnet campaign emotet heodo malware-analysis opsec security trojan

Last synced: 09 Feb 2026

https://github.com/xolox/python-crypto-drive-manager

Unlock all your encrypted drives with one pass phrase

disk-encryption encryption linux luks mount python security

Last synced: 23 Apr 2025

https://github.com/alex2276564/telegramnotifier

PrestaShop module that sends customizable Telegram notifications for new orders, admin logins, and new customer registrations. Supports multiple chat recipients, message templates, and automatic update checks.

api automation ecommerce module notifications php prestashop security telegram

Last synced: 14 Oct 2025

https://github.com/aw-junaid/security-and-hacking

Explore ethical hacking and security: penetration testing, vulnerability scanning, and exploit development. Includes tools, scripts, and hands-on labs.

ethical-hacking exploit hacking penetration-testing security vulnerabilities vulnerability-scanners

Last synced: 08 Jan 2026

https://github.com/topscoder/subgomain

A high-performance tool for identifying domain takeovers with support for custom fingerprints and resolver lists.

bugbounty bugbounty-tool domain-takeover infosec infosectools security security-tools subdomain-takeover

Last synced: 04 Jul 2025

https://github.com/dajiaji/flask-paseto-extended

PASETO (Platform-Agnostic Security Token) for Flask applications.

flask flask-extension jose jwt paseto past python security token

Last synced: 23 Apr 2025

https://github.com/logchange/eir

🐛🗡️👩‍⚕️ eir is a tool to report system vulnerabilities 👩‍⚕️🗡️🐛

docker gitlab graalvm java micronaut report security security-tools vulnerabilities

Last synced: 05 Jul 2025

https://github.com/soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

dast penetration-testing security soos web-security

Last synced: 24 Feb 2026

https://github.com/donedeal0/deepvault

DeepVault allows you to store data in the browser with AES encryption.

aes aes-256 aes-gcm cryptography encryption encryption-decryption gcm local-storage localstorage security

Last synced: 07 Oct 2025

https://github.com/crashdump/covert

Covert is a deniable encryption software.

cli deniable-encryption encryption sdk security

Last synced: 16 Feb 2026

https://github.com/rohaquinlop/immunipy

A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust.

cli python python-library sca security vulnerability-detection vulnerability-scanners

Last synced: 17 Oct 2025

https://github.com/lehcode/soakp

Secure OpenAI interactions with confidence - safeguard your OpenAI API keys and boost your app security

chatgpt-api openai openai-api security

Last synced: 07 Oct 2025

https://github.com/neuralegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

appsec brightsec e2e pentesting qa security test testing typescript

Last synced: 17 Mar 2026

https://github.com/catalyst/patch-friend

Which of my hosts are affected by a security advisory?

debian python security security-advisories ubuntu

Last synced: 27 Apr 2025

https://github.com/boogy/iam-policy-validator

⚡ Stop IAM misconfigurations before they become breaches — Catch overprivileged permissions, dangerous wildcards, and policy errors before deployment.

aws iam security

Last synced: 12 Feb 2026

https://github.com/itinerisltd/itineris-disable-xml-rpc

Disable WordPress XML-RPC via actions and filters

security wordpress wordpress-plugin xml-rpc

Last synced: 20 Aug 2025

https://github.com/burakozcn01/certstream-server-rust

High-performance Certificate Transparency (CT) monitoring tool written in Rust. Real-time stream of newly issued SSL/TLS certificates from CT logs. Rust implementation of certstream-server with improved performance and memory efficiency.

certificate-transparency certstream ct-logs rust security threat-intelligence websocket x509

Last synced: 22 Feb 2026

https://github.com/bandarlabs/cveingest

Convert CVEs into LLMs friendly input with multi level crawling

audio cve llm security

Last synced: 03 Jul 2025

https://github.com/epappas/llmtrace

Zero-code LLM security & observability proxy. Real-time prompt injection detection, PII scanning, and cost control for OpenAI-compatible APIs. Built in Rust.

agentic ai-agents ai-infrastructure ai-security aiops chatgpt llm-inference llm-monitoring llm-security llm-security-compliance-prompt-injection llmops mlops observability openai pii-detection prompt-injection proxy rust security

Last synced: 19 Feb 2026

https://github.com/leklund/bauditor

run bundler-audit on a multiple repositories at once

bundler-audit ruby rubygems security

Last synced: 07 Jul 2025

https://github.com/eliasgranderubio/odin_eye

a tool for doing footprinting. This tool is an online modules subset of Odin Project shown by Elias Grande and Alejandro Ramos at RootedCon 2016 conference.

footprinting hacking-tool security

Last synced: 26 Mar 2025

https://github.com/dukebarman/android-bulletins-harvester

a simple utility for parsing Android security bulletins

android go security security-tools

Last synced: 14 Jan 2026

https://github.com/saadbazaz/crackhead

A simple, smart & distributed password-cracking algorithm

algorithm password-cracker security

Last synced: 13 Jun 2025

https://github.com/contributte/event-dispatcher-extra

:recycle: Nette-based Symfony events for application, presenter, form, latte, templates, security and many others.

application contributte event-dispatcher event-emitter events mvc nette nette-framework security

Last synced: 19 Jul 2025

https://github.com/jonlabelle/antildapinjection

A .NET library that provides protections against LDAP Injection.

active-directory csharp dotnet ldap ldap-encoder ldap-filter ldap-injection nuget-package sanitizer security

Last synced: 12 Jul 2025

https://github.com/ivanilves/docker-blackvpn

Runs BlackVPN client inside Docker (with OpenVPN)

anonymity network security testing vpn

Last synced: 11 Apr 2025

https://github.com/dhanushnehru/pdf-xss-checker

pdf-xss-checker is a Node.js tool designed to scan PDF files for potential Cross-Site Scripting (XSS) vulnerabilities. It analyzes embedded scripts, forms and suspicious content to help identify security risks in PDFs before they're distributed or displayed in browsers.

pdf pdf-document scanner security security-audit securitytools vulnerability xss xss-attacks xss-detection xss-filter xss-scanner xss-vulnerability

Last synced: 19 Jun 2025

https://github.com/ayemunhossain/python-for-security

This is a repository is about implementing security concept with python.

devsecops python python3 security

Last synced: 25 Jul 2025

https://github.com/xtonousou/cis-bench-centos8

CIS Benchmark v1.0.0 - Level 1 Server - CentOS 8 automation

assessment bash benchmark centos centos8 cis cis-benchmark hardening linux security

Last synced: 30 Oct 2025

https://github.com/dlion/go-ofile

Use this tool to search for a specific file type in a given domain.

dork go golang security

Last synced: 03 Jul 2025

https://github.com/krishealty/worm

Worm is an Android post exploitation Framework to gain remote access of any Android device by exploiting Android Debug Bridge.

cybersecurity hacking hacking-tools information-gathering kali-linux osint-framework osint-tool penetration-testing pentesting python python3 security vulnerability vulnerability-scanners

Last synced: 14 Apr 2025

https://github.com/offsh/offsh

Xonsh-powered pentesting framework.

pentesting security wazuh xonsh xxh

Last synced: 12 Mar 2025

https://github.com/padok-team/security-vault-credential-broker

Code to deploy a PoC of an implementation of Vault as a credential broker for Boundary, with a PostgreSQL database as target.

boundary security vault

Last synced: 26 Dec 2025

https://github.com/lreimer/secure-devex22

Demo repository for my talk at the Heise Developer Experience 2022 conference.

checkov clean-code code-quality devsecops docker kubernetes lint security security-tools snyk sonarqube static-analysis terraform tilt trivy zap-api

Last synced: 02 Aug 2025

https://github.com/veil-services/veil-go

The sensitive data firewall for AI. Detect and mask PII (Emails, Credit Cards, CPFs) locally with zero-latency before sending prompts to LLMs. Thread-safe & Production ready.

cybersecurity dlp golang llm openai pii-masking privacy security

Last synced: 13 Jan 2026

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/csm-actions/approve-pr-action

GitHub Action to approve pull requests securely

github-actions oss security

Last synced: 13 May 2025

https://github.com/rustlanges/rlarndg

RustLangES Actually Random Generator

cryptography generator random security

Last synced: 31 Jul 2025

https://github.com/arturmiller/adversarial_ml_ctf

This repository is a CTF challenge, showing a security flaw in most (all?) common artificial neural networks. They are vulnerable for adversarial images.

adversarial challenge ctf docker flask machine-learning optimization python security website

Last synced: 18 Apr 2025

https://github.com/simeononsecurity/Apache-Web-Server-Hardening

An collection of example configurations and scripts to aid administrators in configuring a hardened Apache Web Server

apache encryption hardening security ssl-certificates

Last synced: 17 Aug 2025

https://github.com/nathanjepson/wdac-framework

Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.

application-control applicationcontrol defender enterprise-security operation-system-security powershell powershell-script security sqlite sqlite-database wdac windows windows-defender windows-defender-application-control windowsdefender winrm zero-trust

Last synced: 21 Jun 2025

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/gatomod/path_trav

🤨🔎 A simple path traversal checker made with Rust. Useful for APIs that serve dynamic files.

fs path path-traversal rust security

Last synced: 13 Apr 2025

https://github.com/casbin/mux-authz

gorilla/mux's RBAC & ABAC Authorization middleware based on Casbin

abac acl authz casbin gorilla-mux middleware mux plugin rbac security

Last synced: 22 Apr 2025

https://github.com/jpmcb/pwnkit-go

Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go

cybersecurity infosec security

Last synced: 09 Aug 2025

https://github.com/aw-junaid/golang-web-security

Secure Golang web app with best practices: authentication, authorization, input validation, CSRF protection, and secure headers. Example code for secure development.

golang penetration-testing security websecurity

Last synced: 14 Apr 2025

https://github.com/houssemdellai/kubernetes-allowed-registries-policy

Demoing whitelisting Container Registries in Kubernetes using OPA/Gatekeeper policy.

aks-kubernetes-cluster container-registry container-security policy security

Last synced: 03 Jan 2026

https://github.com/bytehide/cli

Dotnetsafer CLI is a console tool that allows you to protect your .NET developments, integrates different products and services to keep your code safe.

analyzer dotnet netcore obfuscation owasp protection security security-tools vulnerability

Last synced: 27 Jun 2025

https://github.com/lanshuns/wintorproxy

A batch script that enabling Tor and Privoxy as a SOCKS5 proxy, providing enhanced privacy and anonymity for internet traffic.

batch privacy proxy security socks tor

Last synced: 25 Feb 2026

https://github.com/octogonapus/registryscanner

Scans Julia registries for possible malicious behavior and misconfigurations.

julia security

Last synced: 28 Jun 2025

https://github.com/mahmudnibir/hiddenmessage

⚕️ HiddenMessage is a Python script that uses LSB steganography to hide and extract secret text in images. It encrypts the message with AES before embedding, ensuring both privacy and invisibility.

data-hiding digital-forensics encoding encryption encryption-decryption image-processing lsb message-hiding password pil python security steganography

Last synced: 21 Jul 2025

https://github.com/geniuszly/CVE-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/melardev/xeytanboost-rat

WORK IN PROGRESS. RAT written in C++ using Boost Libraries

asio backdoor boost cpp desktop malware networking rat remote-administration-tool security sockets trojan

Last synced: 13 Apr 2025

https://github.com/infineon/ek-based-onboarding-optiga-tpm

Guide for Setting Up and Operating Device Onboarding with OPTIGA™ TPM Endorsement Key (EK)

raspberry-pi security tpm2

Last synced: 11 Jul 2025

https://github.com/rattleycooper/warble

Steganography tool that can embed files into the pixel data of images, or the data chunk of a wav file.

obfuscation pentesting security steganography

Last synced: 31 Aug 2025

https://github.com/mrheinen/lophiid

A distributed honeypot for monitoring large scale web attacks

grpc-go honeypot intrusion-detection security threat-detection threat-hunting threat-intelligence

Last synced: 23 Jun 2025

https://github.com/sjinks/setcap-static

A statically linked lightweight version of setcap(8) to use in `scratch` images

capabilities linux-capabilities scratch-image security security-tools setcap

Last synced: 10 Apr 2025

https://github.com/restorm-labs/nuxt-restream

Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.

firebase firebase-storage nuxt nuxt-module nuxt3 security vue3

Last synced: 09 Oct 2025

https://github.com/99999g/ak47

AK47 是一款跨平台的漏洞利用与安全评估工具 | AK47 is a cross-platform vulnerability exploitation and security assessment tool

expr mcp pentest redteam security skills wails

Last synced: 10 Apr 2026

https://github.com/radoslaw-sz/guardio

The most flexible control plane for AI Agent systems

ai ai-agent ai-agents control-plane framework guard mcp security

Last synced: 01 Apr 2026

https://github.com/venkatas/vikramaditya

Autonomous VAPT platform. Give it a target (FQDN, IP, CIDR) — it hunts, it reports. Inspired by the Obsidian Order.

ai-security autonomous-agent bash bug-bounty penetration-testing python recon security vapt vulnerability-scanner

Last synced: 30 Apr 2026

https://github.com/bmedicke/reed

notes about 🔍 Reverse Engineering and 🔥 Exploit Development

debugging exploit-development reverse-engineering security

Last synced: 09 Oct 2025

https://github.com/carlocorradini/graphql-auth-directive

GraphQL @auth directive that protects resources from unauthenticated and unauthorized access

auth authentication authorization graphql nodejs security typescript

Last synced: 16 Feb 2026

https://github.com/jessechale/halehound-cyd

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

bluetooth cc1101 cheap-yellow-display cyd esp32 esp32-diy hacking nrf24l01 offensive-security pentest security security-tools subghz wifi

Last synced: 12 Mar 2026

https://github.com/patricktulskie/dfang

Defang IOCs, written in rust

defang ioc refang security security-tools

Last synced: 28 Apr 2025

https://github.com/ucsahinn/codex-chef

Codex Chef: Windows-first Codex setup kit with agents, skills, MCP connectors, safe installers, validation gates, and multilingual docs.

agent-skills ai-agents automation codex codex-chef codex-cli developer-tools mcp model-context-protocol openai powershell security setup starter-template windows

Last synced: 17 Jun 2026

https://github.com/samouraiworld/sec-guidebook

The Ultimate Security Guide Book for new-cryptorich friends

exploits good-practices privacy protection security wallet

Last synced: 27 Jan 2026

https://github.com/bisonai/flutter-machine-learning-security

Protect your Machine Learning model in your Flutter application.

edge-machine-learning encoder-decoder mobile-ai security xor-cipher

Last synced: 18 Oct 2025

https://github.com/prompt-armor/prompt-armor

Open-source prompt injection detector — 5 layers, 91.7% F1, ~27ms, offline, Apache 2.0

ai-safety anomaly-detection cli faiss jailbreak llm llm-security mcp nlp offline onnx prompt-injection prompt-security python security

Last synced: 03 Jun 2026

https://github.com/alphasoc/graylog-alphasoc

A content pack to render AlphaSOC alerts within Graylog

graylog-content-pack intrusion-detection malware-analysis monitoring security

Last synced: 01 Mar 2026