An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/abdullahkhawer/find-and-report-secrets-in-code

Security solution to find secrets in a git repository and report about them. It uses Gitleaks and some custom scripts to generate a JSON report for secrets found with only relevant information along with commit ids and commit authors. It can be used to update an Atlassian Confluence page and send an alert on Slack based on the findings.

atlassian-confluence bash confluence docker git github github-actions gitlab gitlab-ci gitleaks json linux macos python python3 secrets secrets-detection security shell slack

Last synced: 29 Oct 2025

https://github.com/chizhg/secureim

A secure Instant Message System.

python security socket

Last synced: 04 Apr 2025

https://github.com/j4n-e4t/deletr

Delete your online accounts with one click!

account-management hacktoberfest help-wanted privacy security

Last synced: 17 Jul 2025

https://github.com/hashgraph-online/hol-codex-plugin-scanner-action

Legacy compatibility GitHub Action slug for AI Plugin Scanner

codex github-action marketplace scanner security

Last synced: 17 Jun 2026

https://github.com/declan94/secret-share

A secret sharing tool based on Shamir's Secret Sharing algorithm implemented with pure Golang

golang secure secure-sharing security security-tools

Last synced: 17 Jan 2026

https://github.com/l4rm4nd/invoke-cis-benchmark-iis10

PowerShell Script to Automate CIS Benchmark Auditing for Microsoft IIS 10

auditing benchmark cis cis-benchmark controls hardening iis iis-server microsoft powershell security

Last synced: 01 Sep 2025

https://github.com/aerabi/hackdockerfest

Docker best practices created by the community

docker hacktoberfest security

Last synced: 10 Apr 2025

https://github.com/xxczaki/ing-autofill

[Works in 2024] Make password managers autofill work on the ING bank's website.

1password autofill bitwarden browser-extension chrome chrome-extension ing ing-bank masked-password password-manager security

Last synced: 11 Apr 2025

https://github.com/aghae/ejwt

Express JSON Web Token

express json json-web-token-express jwt security token

Last synced: 11 Jan 2026

https://github.com/cerbos/demo-python

Demo of using Cerbos with Python to check access to a holiday request system.

access-control cerbos policy python security

Last synced: 12 Apr 2025

https://github.com/tegridydev/multi-agent-secops-llm

This project is a multi-agent security framework that utilizes multiple LLM models to analyze and generate comprehensive security briefs.

ai llm local localllm ollama secops security

Last synced: 11 Jul 2025

https://github.com/thetallprogrammer/password-manager

Falkenberg's Password Manager is a secure, offline tool for managing and storing passwords locally. With strong encryption and customizable password generation, it ensures your data remains private and protected.

cpp cyber-security cybersecurity data-encryption gui-application local-storage offline-password-manager password-generator password-generator-cpp password-management password-manager password-security privacy qt qtcreator security software-security

Last synced: 29 Oct 2025

https://github.com/4thel00z/oneliners

Magic offsec/utility oneliners to make your red teaming/CTF/h4x0r life easier! 🤓

bash offsec oneline oneliner oneliners security sysadmin

Last synced: 30 Apr 2026

https://github.com/stormsinbrewing/savvy-devsecops

GitHub native DevSecOps CI/CD best practices include automated security testing, code analysis, and policy enforcement using GitHub Actions, coupled with secure IaC and container security measures. This entails managing secrets, enforcing access control, and implementing incident response and monitoring, all while fostering continuous learning.

aws build codeql dependab devops devsecops docker github github-actions kubernetes nodejs renovate sast security

Last synced: 01 Jun 2026

https://github.com/v-checha/openiframe

Build Iframe. Ignore X-Frame-Options, Content-Security-Policy, X-Content-Type-Options, X-Xss-Protection etc.

content-security-policy iframe iframe-api protection security security-policy x-content-security-policy x-content-type-options x-frame-options

Last synced: 13 Oct 2025

https://github.com/rayhanadev/replit-token-dump

Secrets that were found by the Replit Token Scanner are dumped here for revocation.

replit secret-scanning security

Last synced: 28 Jan 2026

https://github.com/appsechq/skill-scanner-test

Skill Scanner - An automated security scanning pipeline for AI agent SKILL.md and Agent plugins in popular public skills directories.

appsec security security-tools skills

Last synced: 04 Jun 2026

https://github.com/thresher-sh/thresher

OSS Projects are cool, vulnerabilities and threats arent. AI scan environment for scanning OSS projects for threats, malware, security issues.

ai ai-agents entropy malware malware-analysis scanning security supply-chain-security vulnerability

Last synced: 04 Apr 2026

https://github.com/petritbahtiri123/leakguard

Local-only Chrome extension that detects and redacts secrets before prompts are sent to AI chat tools.

ai browser-extension chatgpt chrome-extension dlp infosec privacy redaction security

Last synced: 10 May 2026

https://github.com/keywaysh/cli

Keyway CLI - Sync secrets with your team and infra

cli devtools secrets-management security

Last synced: 17 Mar 2026

https://github.com/radlab-dev-group/llm-router

LLM Router is a service that can be deployed on‑premises or in the cloud. It adds a layer between any application and the LLM provider. In real time it controls traffic, distributes a load among providers of a specific LLM, and enables analysis of outgoing requests from a security perspective (masking, anonymization, prohibited content).

automation cloud genai llm llm-balancing llm-gateway llm-gateway-system llm-router llm-router-models llm-router-plugins load-balancing local-llm local-llm-integration model-management on-prem pii prometheus rest-api security

Last synced: 14 May 2026

https://github.com/kukoboris/ubuntu-security-setup

Скрипт для автоматизированной настройки безопасности и оптимизации серверов Ubuntu

bash-script hardening security server-setup ubuntu

Last synced: 29 Apr 2026

https://github.com/e-zk/page

password manager using age for encryption

age encryption go password-manager secrets security

Last synced: 14 Jan 2026

https://github.com/koki-develop/aws-masking

🕶️ Enhance your security by auto-hiding sensitive information on AWS Management Console.

aws chrome-extension security

Last synced: 27 Oct 2025

https://github.com/sultaniman/allowed_hosts

Elixir plug to protect your APIs from Host header attacks

allowedhosts elixir header-attack plug security

Last synced: 04 Jun 2026

https://github.com/lemonyte/safe-exec

Deobfuscate and inspect code passed into exec() and eval()

cybersecurity deobfuscation deobfuscator eval exec malware-detection python security

Last synced: 12 Oct 2025

https://github.com/maldevel/misc

Miscellaneous scripts, code and other random stuff

hardening it linux miscellaneous security

Last synced: 16 Mar 2026

https://github.com/amkisko/grape_rails_logger.rb

Unified, Rails-compatible JSON request logging for Grape APIs with ActiveRecord timing, parameter filtering, and structured context.

activerecord grape logging monitoring rails security structured-logging

Last synced: 15 Apr 2026

https://github.com/fabianfrz/icaprb-server

An implementation of the ICAP server part in pure Ruby

content-adaptation icap icap-server proxy ruby security server

Last synced: 26 Oct 2025

https://github.com/wikid82/charon

A lightweight, user-friendly web interface for managing Caddy as a reverse proxy. It simplifies SSL management and host routing for self-hosters who want the power of Caddy without the manual configuration.

caddy crowdsec docker docker-compose homelab proxy-manager reverse-proxy security self-hosted sso tailscale waf web-ui

Last synced: 02 May 2026

https://github.com/elongl/ac

A game I researched, got arbitrary code execution on the game server.

code-execution exploitation security vulnerability

Last synced: 17 Oct 2025

https://github.com/danvixent/cryptany

A simple tool for encrypting/decrypting any sequence of bytes using a key

encryption golang security

Last synced: 08 Feb 2026

https://github.com/escoffier-labs/solos-cookbook

How one engineer runs a 24/7 multi-agent AI stack on bare metal. Opinionated. Dogfooded. Broken-and-fixed in production. Tested in service.

ai-agent best-practices devops hardening linux openclaw runbook security

Last synced: 11 Jun 2026

https://github.com/nckslvrmn/whisper

Simple service for one time secret (and file) sharing

aes-gcm-256 container cryptography docker encryption golang scrypt secret-management security

Last synced: 16 Mar 2026

https://github.com/bocaletto-luca/pysecscope

PySecScope Author: Bocaletto Luca PySecScope is a comprehensive Linux enumeration tool with a Tkinter-based graphical user interface. Inspired by LinEnum, this tool gathers system, user, network, and service information, along with detailed security checks, and generates reports in multiple formats (Text, JSON, CSV). English and Italian languages.

admin-tool bocaletto-luca information-services linenum-expired linux multilanguage network pysecscope python real-time reports scan-modules security security-tools system-tools tkinter

Last synced: 25 Oct 2025

https://github.com/raj-tyagi/nmap-ip-scanner-gui

This repository hosts Python code for an advanced IP scanning tool with a user-friendly graphical interface. Built using the nmap library, it provides efficient network scanning options including Ping Scan, Quick Scan, and Intense Scan, making it ideal for network administrators and cybersecurity professionals.

ip-address nmap python security tkinter

Last synced: 02 Mar 2026

https://github.com/pandarudra/ecrypto

Secure folder encryption with modern cryptography (XChaCha20-Poly1305 + Argon2id)

cli clitool decryption ecrypto encryption go golang security

Last synced: 21 Jan 2026

https://github.com/hammackj/kekkan

Kekkan is a parser for NIST Version 2 CVE and CPE XML files.

nvd2 ruby security xml-parser

Last synced: 17 Mar 2026

https://github.com/federicoceratto/nim-libu2f

FIDO U2F server-side and client-side library for Nim

authentication fido nim nim-lang security u2f

Last synced: 03 Oct 2025

https://github.com/reconmap/command-line-tools

Reconmap CLI and agent command line tools

cli golang hacking hacktoberfest pentesting security

Last synced: 28 Apr 2025

https://github.com/guardrailsio/docker-security-checker

Dockerized version of security-checker

devsecops php security security-tools

Last synced: 19 Apr 2025

https://github.com/andstor/verified-smart-contracts-audit

:bug: Verified smart contract dataset with vulnerability labeling

dataset ethereum etherscan huggingface language-modeling security smart-contracts text-generation

Last synced: 19 Sep 2025

https://github.com/the-viper-one/invoke-vncauth

PowerShell script to enumerate for and identify VNC servers that do not require authentication. Supports Active Directory target acquisition and CIDR notations.

hacking powershell security vnc

Last synced: 16 Mar 2026

https://github.com/atao/shodan2db

🔌 Shodan export to SQLite database and generate an HTML report.

analysis converter cve export osint python-class python3 report reporting security shodan shodan-python sqlite vulnerability

Last synced: 10 Jun 2025

https://github.com/shemul/dns-over-tls

A DNS over TLS proxy that accepts simple (conventional) DNS requests and proxy it to a DNS servers running with DNS over TLS (DoT)

dns dns-over-tls docker golang security

Last synced: 18 Jan 2026

https://github.com/fsmaxb/correcthorsebatterystaple

Create easy to remember passwords from a list of words. See XKCD 936.

correcthorsebatterystaple html javascript password-generator security

Last synced: 11 Apr 2025

https://github.com/rollerworks/split-token

Split Tokens: Token-Based Authentication Protocol without Side-Channels

authentication crypto php rollerworks security sodium split-token token

Last synced: 15 Apr 2025

https://github.com/php-casbin/medoo-adapter

Medoo Adapter for PHP-Casbin, Casbin is a powerful and efficient open-source access control library.

abac access-control acl casbin medoo permissions rbac restful security

Last synced: 12 May 2025

https://github.com/circl/odfcleaner

Python module to cleanup ODF files.

cleanup-odf-files odf odfcleaner security

Last synced: 07 Mar 2026

https://github.com/hiwepy/security-cas-spring-boot-starter

Spring Security 整合 Cas 登录

cas security spring-boot

Last synced: 16 Aug 2025

https://github.com/jcsec-security/smart-contract-audits

List of some of the published smart contract audits in which I have participated in the past.

audit security smart-contracts

Last synced: 07 Apr 2025

https://github.com/standardnotes/brakeman-action

Runs Brakeman against a repository's source code to find security vulnerabilities, using GitHub actions.

brakeman rails review ruby security static-code-analysis

Last synced: 25 Aug 2025

https://github.com/maandree/passcheck

Passphrase strength evaluator

password-checker security

Last synced: 24 Feb 2025

https://github.com/andrea11/openv

openv a tool to automatically load secrets from .env files using 1password CLI under the hood

1password secrets security

Last synced: 08 Aug 2025

https://github.com/jaayperez/keysoft

Crypto Js secure, dynamic password creator application that uses cryptographic algorithms with Node.js, Express 4, and Heroku cloud deployment.

crypto cryptographic-algorithms expressjs generator heroku nodejs password password-generator random-password security tool tools

Last synced: 23 Mar 2025

https://github.com/trishankatdatadog/tuf-on-a-plane

Allegedly, a minimal, Pythonic TUF client can be written on a long flight. This was written after that flight, but hey, it's a shot.

security tuf updates

Last synced: 14 Apr 2025

https://github.com/tijme/blog-v2

My blog about cyber security, hacking, software engineering and much more.

blog cyber hacking jekyll programming redteam security tiber

Last synced: 12 Aug 2025

https://github.com/pgilad/csp-builder

A builder tool to help generate Content Security Policies in a type-safe way

builder content-security-policy csp generator hacktoberfest pika security typescript web

Last synced: 08 Mar 2026

https://github.com/johnshajiang/pyssldemo

Simple demonstrations on Python ssl module

certificate python security ssl tls

Last synced: 02 Jul 2025

https://github.com/alisaduncan/angular-owasp-secure-coding

Code for Pluralsight course "Secure Coding with OWASP in Angular"

angular security

Last synced: 30 Oct 2025

https://github.com/mjmccans/docker-socket-proxy

Docker socket proxy using Nginx for security.

docker docker-compose proxy security

Last synced: 23 May 2026

https://github.com/gunjan5/shift-left-security

Shift Left ⬅️ (Preventive) Security 🔐 for Containers/Kubernetes 📦

ci ci-cd cloud containers devops kubernetes security security-tools

Last synced: 17 Aug 2025

https://github.com/devolvdev/devolv-actions

GitHub Action wrapper for Devolv — modular DevOps CLI for IAM drift detection, validation, and security.

aws cloud-automation compliance drift-detection github-actions iam-devsecops infrastructure policy-validation security

Last synced: 14 Jul 2025

https://github.com/hahwul/buildpack-zap-daemon

zap(zed attack proxy) daemon mode buildpack of heroku

bugbounty hacking heroku-buildpack security zap

Last synced: 19 Apr 2025

https://github.com/sgofferj/sipblocklist

List of IP addresses which attacked my SIP IP PBX in the last 30 days

blocklist blocklist-data firewall-rules security

Last synced: 09 Mar 2026

https://github.com/jonzeolla/lab-internetofinsecurity

An introductory lab to IOT device security.

information-security infosec iot iot-security lab security

Last synced: 09 Mar 2026

https://github.com/celenityy/better-vanadium

My recommendations for the ultimate configuration of the Vanadium web browser to maximize privacy, security, and usability. :)

ads android android-application anti-fingerprinting anti-tracking aosp aosp-android chromium chromium-browser divested grapheneos hardened hardening mulch privacy privacy-protection security security-hardening tracking vanadium

Last synced: 04 Aug 2025

https://github.com/youhaveme9/ctfinfo

Mobile app for CTF information, resources and updates, build in flutter

ctf dart flutter security

Last synced: 14 Sep 2025

https://github.com/zejiran/computational-infrastructure

Collection of projects made on a computational infrastructure course at Universidad de los Andes

clustering concurrency java security uniandes virtualization

Last synced: 15 Mar 2025

https://github.com/l0wk3y-iaan/hunting-with-l0wk3y

This repository documents my path from cybersecurity enthusiast to a skilled bug bounty hunter. Here, I share the tools, resources, techniques, and real-world insights I've gathered along the way, aimed at uncovering vulnerabilities and improving application security.

bounty bug-bounty bugbounty cheatsheet enumeration hacking methodology penetration-testing pentest redteam security vulnerability web-application web-penetration-testing

Last synced: 13 Sep 2025

https://github.com/anonvm/openvpn-installer

Automate your OpenVPN server setup on Debian, Ubuntu, Fedora, CentOS, or Arch Linux with this easy-to-use installer

almalinux anonymous arch-linux bulletproof centos debian encryption fedora installer linux network openvpn privacy security ubuntu vpn wireguard

Last synced: 08 Oct 2025

https://github.com/codingchili/sidechannel-timing-tool

Small tool for measuring system latency during string comparison.

network proof-of-concept security side-channel

Last synced: 06 Apr 2025

https://github.com/robertdebock/ansible-role-spamassassin

Install and configure spamassassin on your system.

ansible installer molecule package playbook security spamassassin tox

Last synced: 24 Apr 2025

https://github.com/travisty-/pscloudbleed

Cross references sites with a list of domains possibly affected by the 2017 "CloudBleed" HTTPS traffic leak.

cloudbleed cloudflare https powershell security

Last synced: 22 Jun 2025

https://github.com/jkawamoto/ambassadors

Yet another Ambassador pattern over SSH

ambassador connection docker secure security

Last synced: 15 Apr 2025

https://github.com/plabick/actions-secret-decoder

Decode secrets extracted with the GitHub Secret Extractor action

github-actions secrets security

Last synced: 31 Jul 2025

https://github.com/p0n1/curated-web3-security-feeds

RSS Aggregator for curated web3 security resources.

aggregator feeds security smart-contracts web3

Last synced: 10 Mar 2026