An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/zelon88/emotet_analysis-1

A quick & dirty look at an Emotet infection.

analysis botnet campaign emotet heodo malware-analysis opsec security trojan

Last synced: 09 Feb 2026

https://github.com/wravoc/goaccess-openbsd

OpenBSD theme for GoAccess Web Log analyzer with prompted ASN database download matching a pre-configured conf which excludes Web Monitoring services and also generates HTML reports.

analytics asn asn-lookup geoip http-requests log logs openbsd security security-tools

Last synced: 24 Oct 2025

https://github.com/apache/santuario-cpp

Mirror of Apache Santuario C++

c java library santuario security xml

Last synced: 10 Jan 2026

https://github.com/openwall/owl

Openwall GNU/*/Linux (Owl) is a small security-enhanced Linux distribution for servers. Owl has effectively reached its end-of-life, but its legacy lives on in a few other distributions (most notably, ALT Linux) and upstream projects. This is a tentative export of the Owl CVS repository into Git, which will possibly be redone later.

hardening linux security userland

Last synced: 09 Apr 2025

https://github.com/robertdebock/ansible-role-investigate

Install and configure investigation tools on your system.

ansible investigate molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/sea-n/nctu-109b-comp-sec

109 Spring - Computer Security Capstone

homework nctu security

Last synced: 24 Apr 2025

https://github.com/patrickfav/bkdf

BCrypt based key derivation function to improve BCrypt as a cryptographic primitive for password hashing and key derivation

bcrypt cryptography hkdf java kdf password security

Last synced: 09 Apr 2025

https://github.com/darxisr/cryline-v3.0

Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes only. The author is't responsible for your actions.

aes-encryption assembly cplusplus dotnet encryption malware programming ransomware security source-code windows

Last synced: 16 Aug 2025

https://github.com/nimdy/selks-install-from-source

How to install SELKS in Azure and AWS cloud services and pretty much anywhere with a internet connection

aws azure elasticsearch how-to kibana logstash monitoring network nsm security suricata

Last synced: 11 Mar 2026

https://github.com/hxsecurity/dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.

applicationsecuritymonitoring devsecops django dongtai dongtai-iast security

Last synced: 26 Apr 2025

https://github.com/hqarroum/open-sniffer

:nose: A POSIX utility used to read and dissect network packets.

security sniffer

Last synced: 19 Apr 2025

https://github.com/atbashee/atbash-octopus

Atbash Octopus version; declarative permission based Java EE Security

declarative java javaee javafx microprofile octopus permissions security

Last synced: 06 Jul 2025

https://github.com/sjinks/wp-login-logger

WordPress plugin to log login attempts

login security session session-management wordpress-plugin

Last synced: 10 Apr 2025

https://github.com/eyevinn/node-cat

Node library for generating and validating Common Access Tokens (CTA-5007)

cat commonaccesstoken contentprotection cwt security

Last synced: 06 Oct 2025

https://github.com/codeconut-ltd/wordpress-plugin-default-config

WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.

composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings

Last synced: 08 Oct 2025

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026

https://github.com/rulilg/litic

JS library to perform technical SEO and best practices analysis to your projects.

accessibility best-practices security seo technical-seo web-development

Last synced: 13 Oct 2025

https://github.com/kumuluz/kumuluzee-security

KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.

cloud-native java javaee kumuluzee microservices oauth2 openid-connect security

Last synced: 17 Oct 2025

https://github.com/netlify/plugin-csp-nonce

Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.

csp netlify security

Last synced: 26 Oct 2025

https://github.com/cs-joy/blockchain_exploration

All about of Blockchain Technology - Especially about Data Privacy and Security

blockchain-technology cia data-privacy security

Last synced: 06 Feb 2026

https://github.com/dragonbe/poc-webapp-vault

A proof-of-concept to connect a PHP web application to a MySQL database using credentials provided by Hashicorp Vault

database mysql php proof-of-concept security vault webapp

Last synced: 16 Mar 2026

https://github.com/ddrimus/http-threat-blocklist

A daily-updated blocklist of IP addresses involved in malicious HTTP attacks that bypassed multiple security layers. Ideal for protecting web servers against probing, exploits, and bot traffic.

blocklist cybersecurity firewall malware security threat-intelligence

Last synced: 31 Jan 2026

https://github.com/actalog/mongodump

🍃 GitHub Action for creating a binary export of a database's contents

actions backup database github-actions mongodb mongodump security

Last synced: 27 Feb 2026

https://github.com/0xhunterr/hack_map

A Collection of InfoSec Mind Maps

ejpt-notes ejpt-study mindmap security

Last synced: 14 Feb 2026

https://github.com/divd-nl/cna-bot

GitHub action to validate and submit CVE entries using cvelib, cvelint and cve service.

cve security

Last synced: 01 Mar 2026

https://github.com/cipher-fox/nestjs-cryptography

Secure NestJS cryptography module 🔐

cryptography javascript nest nestjs node security typescript

Last synced: 25 Apr 2026

https://github.com/jef/gh-audit-org-keys

🔑 Provides list of public SSH keys of an organization

github-api john-the-ripper openssl security ssh

Last synced: 03 Apr 2026

https://github.com/liberzon/claude-hooks

Smart PreToolUse hook for Claude Code — decomposes compound bash commands and checks each sub-command against allow/deny permission patterns

bash claude-code claude-hooks cli security

Last synced: 20 Apr 2026

https://github.com/tn3w/ipblocklist

Aggregated IP/ASN threat intel. ~20 MB mmap DB + ~5 MB netset blocklist.

ip-address ip-blocklist ip-lookup python security threat-intelligence

Last synced: 04 Jun 2026

https://github.com/getarcis/arcis

Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.

bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss

Last synced: 06 Jun 2026

https://github.com/jamiesonio/defectdojo-mcp

An experimental ModelContextProtocol server connecting LLMs to DefectDojo for AI-powered security workflows. Enables natural language interaction with vulnerability data, simplifies security analysis, and automates reporting through a lightweight middleware integration.

appsec defectdojo devsecops fastmcp mcp security security-automation

Last synced: 01 May 2026

https://github.com/picobaz/nexusbrute

NexusBrute: A modular Node.js brute-force login tester for ethical security audits. Simulate password attacks with smart patterns, auto-CSRF handling, and CSV logging. Harden your systems—use with permission only!

bruteforce cybersecurity ethical-hacking login-tester nodejs password-audit penetration-testing security web-security

Last synced: 06 Jan 2026

https://github.com/muqsit/2fa

[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.

2fa mfa pmmp pocketmine-mp security

Last synced: 05 Aug 2025

https://github.com/fodinabor/esposecsignauth

Module for EspoCRM that uses SecSign for Two-Factor Authentication.

2fa espocrm security

Last synced: 01 Aug 2025

https://github.com/jpts/coredns-enum

Discover K8s Services & Pods through DNS Records in CoreDNS

coredns enumeration kubernetes networking security

Last synced: 12 May 2025

https://github.com/rideu/ndot

DNS over DoT relay. Designed for DHCP-configurable routers that supports custom DNS servers.

csharp dns dns-over-tls rfc1035 rfc7858 security security-tools

Last synced: 15 Jul 2025

https://github.com/lombiq/orchard-login-as-anybody

Orchard module for site owners to be able to log in as any user.

orchard orchard-cms orchard-core orchard-module security

Last synced: 17 Aug 2025

https://github.com/grottopress/samba

Single Sign On authentication for Lucky framework

authentication crystal lucky-framework oauth2 security sso

Last synced: 22 Apr 2025

https://github.com/TheAmazingPT/passman

A dmenu frontend for password-store (Pass: The Standard Unix Password Manager)

bash dmenu linux manager pass password password-store security unix

Last synced: 22 Apr 2025

https://github.com/albertito/kxd

[mirror] Key exchange daemon

encryption-key go-application key-management security

Last synced: 02 Aug 2025

https://github.com/ricco386/cyber502x-computer-forensics

RITx: CYBER502x Computer Forensics - Personal study notes

mooc security study-notes

Last synced: 17 Mar 2026

https://github.com/geniuszly/CVE-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/jwhitt3r/SIEMEz

A open-source Django Security Incident and Event Management System

django incident-response python python3 security siem

Last synced: 12 Jul 2025

https://github.com/hackardox/openv

openv a tool to automatically load secrets from .env files using 1password CLI under the hood

1password secrets security

Last synced: 29 Aug 2025

https://github.com/cwshugg/gurthang

[Masters Thesis] A connection-multiplexing web server fuzzing harness for AFL++.

afl aflplusplus fuzzing networking security systems-programming

Last synced: 19 Apr 2025

https://github.com/infineon/pkcs11-optiga-tpm

OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide

pkcs11 raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/authress/authress-local

Local running version of an Authorization API in a container

api authentication authorization authress container offline sdk security

Last synced: 13 May 2025

https://github.com/dzek69/html-safe-json

Small wrapper for JSON-stringify that makes result safe to embed directly into HTML `<script>` tag.

javascript json node security xss

Last synced: 22 Sep 2025

https://github.com/middlewares/recaptcha

PSR-15 middleware to use Google reCAPTCHA for spam prevention

http middleware prevention psr-15 recaptcha security

Last synced: 06 May 2025

https://github.com/ibreakthecloud/redactrus

Go package for redacting sensitive info in Logrus logs.

golang hacktoberfest logging logrus redact security

Last synced: 23 Mar 2025

https://github.com/t94j0/polymorphic_compression_malware

Warning, this is malware. Don't do something stupid with it

hacking malware security

Last synced: 07 Mar 2026

https://github.com/soufantech/arx

Arx is an access control library for Node.js apps, strongly focused on efficiency, type safety and overall composability.

access-control authorisation permissions policy security

Last synced: 12 Apr 2025

https://github.com/sattyamjjain/agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 194 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.

ai-agent ai-agent-security ai-safety ai-security claude-code github-action mcp mcp-security owasp sarif scanner security security-scanner static-analysis supply-chain-security tool-poisoning

Last synced: 23 May 2026

https://github.com/skyzyx/engineering-for-site-reliability

Overall map of topics to cover for my “Engineering for Site Reliability” blog series.

ci-cd cicd devops docker security site-reliability site-reliability-engineering sre terraform

Last synced: 25 Mar 2025

https://github.com/darwintantuco/eslint-plugin-require-form-method

Disallow form tags without explicit method attribute

eslint eslint-plugin eslintplugin security

Last synced: 24 Apr 2025

https://github.com/gentoo/gentoo-apparmor-profiles

[ORIGIN] AppArmor profiles just for Gentoo

apparmor hacktoberfest security

Last synced: 01 Feb 2026

https://github.com/bitdefender/hvmi-blog

A place where the HVMI team writes about memory introspection and other fun stuff.

hypervisor introspection reverse-engineering security virtualization virtualization-based-security

Last synced: 15 Apr 2025

https://github.com/sindecker/pentest-playbook

The Penetration Testing Playbook — Beginner to Intermediate Field Guide. 359 pages, 731 code examples, 37+ compliance frameworks. Read free on GitHub.

active-directory beginner bug-bounty burp-suite ctf cybersecurity ethical-hacking hacking infosec oscp oscp-prep owasp penetration-testing pentest red-team security security-tools web-security

Last synced: 18 Apr 2026

https://github.com/exabrial/javax-security-cdi-extension

A CDI Portable Extension for Java EE 7 (and maybe 8) that allows you to use @RolesAllowed on CDI Beans and their Methods

cdi cdi-extension interceptors java java-ee-7 role-based-access-control security

Last synced: 11 Jan 2026

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/arunanshub/pycryptor

Pure Python High Performance File Encryption Software

encryption encryption-tool file-vault locker security

Last synced: 22 Apr 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/mchmarny/sds-demo

Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain

demo devops gcp sds security supply-chain

Last synced: 05 Aug 2025

https://github.com/jul10l1r4/identificador-cve-2018-11759

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing

Last synced: 16 May 2025

https://github.com/lirantal/security-report

Report a security vulnerability

nodejs npm npx security

Last synced: 21 Apr 2025

https://github.com/jonzeolla/lab-wifisecurity

A lab illustrating how some basic wifi hacking tools work.

information-security infosec lab security wifi-security

Last synced: 13 May 2025

https://github.com/bongochong/waspscanner

A Basic Scanner for Vulnerabilities Related to HiddenWasp Malware on GNU/Linux

anti-malware bash hidden-wasp hiddenwasp script security shellscript

Last synced: 08 Apr 2025

https://github.com/tigera-solutions/cc-aks-zero-trust-workshop

In this AKS-focused security workshop, you will work with Calico and Microsoft Azure experts to learn how to implement zero-trust security for workloads to reduce the attack surface of applications running on AKS. This 90-minute hands-on lab comes with your own Calico Cloud environment and a sample app environment.

aks azure cc regismartins security workshop

Last synced: 10 Aug 2025

https://github.com/certwatch-app/cw-agent

SSL/TLS certificate monitoring agent for Kubernetes and on-prem infrastructure. Scan certificates, detect expiration, validate chains, and sync to CertWatch cloud.

certificate cli cloud-native devops golang kubernetes monitoring security sre ssl tls

Last synced: 13 Jan 2026

https://github.com/elnappo/bro-log-parser

Simple logfile parser for Bro IDS

bro bro-ids logfile-parser python3 security

Last synced: 09 Mar 2026

https://github.com/xkcoding/magic-starter-secure-demo

magic-starter-secure 极简的权限控制框架的 demo

demo jwt magic-starter security spring-boot-2 spring-boot-starter xkcoding

Last synced: 09 Mar 2026

https://github.com/homebrew/homebrew-brew-vulns

🔓 A Homebrew subcommand that checks installed packages for vulnerabilities

brew homebrew security vulnerability-scanners

Last synced: 05 Feb 2026

https://github.com/ebrasha/abdal-security-headers

Abdal Security Headers is a powerful WordPress plugin that enhances your website's security through HTTP security headers. It provides an easy-to-use interface for managing security policies and protecting against common web vulnerabilities.

abdal abdal-security-group ebrahim-shafiei ebrasha hsts security security-headers wordpress wordpress-plugin wp

Last synced: 26 Jan 2026

https://github.com/kolteq/validating-admission-policies-pss

Kubernetes Pod Security Standards implemented using Kubernetes Validating Admission Policies. Support of Enforce Baseline and Restricted profiles natively with configurable policy exclusions.

compliance kubeapt kubernetes pod-security pod-security-admission security validating-admission-policy

Last synced: 04 Feb 2026

https://github.com/z3ntl3/ddos-denier

DDOS-Denier is a tool designed to evaluate incoming server attacks based on CPU load and automatically take countermeasures. Intended for Cloudflare websites.

api bot cloudflare ddos security

Last synced: 16 Aug 2025

https://github.com/fivexl/terraform-aws-ssl-checker

Simple SSL check and expiring certificates reminder with additional DNS check and host availability check.

heartbleed lambda security ssl terraform terraform-module tls tls-certificate-checker tls-scan tls13

Last synced: 09 Apr 2025

https://github.com/volkansah/minigrex

MiniGreX will be designed with security in mind, and the code will be written to minimize the risk of SQL injection attacks and other security vulnerabilities. To ensure maximum security, we recommend keeping the CMS up-to-date with the latest security patches and using strong passwords for all user accounts.

authentication cms cms-backend cms-framework codeigniter content-management content-management-system hacker mariadb mysql php pod posgresql prepared-statements security security-audit security-tools user-interface usermanagement xss-filter

Last synced: 12 Apr 2025

https://github.com/sr-lab/pin-bank

Numeric PINs counted and sorted by frequency as they occur in the RockYou dataset.

analysis frequency list password pin security

Last synced: 03 Mar 2026