An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/aquasecurity/katacoda-scenarios

Katacoda scenarios for Aqua's open source projects

examples kubernetes security starbuard tracee trivy

Last synced: 13 Oct 2025

https://github.com/divinemonk/hackers_n_devs

Collective resources for HACKERS and DEVELOPERS

dev developer github github-repos hackers repo security

Last synced: 09 Oct 2025

https://github.com/viadee/secdevops

Security DevOps: Vollautomatisches Securitytesting in der Build Pipeline

ci do docker gradle java jenkins pipeline security security-devops security-tools

Last synced: 19 Apr 2026

https://github.com/hhruszka/secrethunter

secretshunter is a penetration testing tool that uses regular expressions to search a filesystem for secrets (logins, passwords, API keys, hashes, ssh keys etc.).

scaning secrets secrets-detection security

Last synced: 14 Jan 2026

https://github.com/macmod/bloodhelpers

A simple set of JQ scripts to gather important info from BloodHound dumps and store them in greppable CSV files.

active-directory bloodhound csv infosec jq script security security-tools

Last synced: 09 Feb 2026

https://github.com/soapbucket/mcptest

The test suite your MCP server is missing. Tool, resource, agent-loop, schema-drift, compliance, and security tests against any Model Context Protocol server, in CI on every commit. One YAML suite, deterministic cassette replay, multi-model comparison, and LLM-judge evals. Rust, Apache-2.0.

agent-testing ai-agents anthropic compliance conformance developer-tools evals llm llm-as-a-judge llm-as-a-jury llm-evaluation llm-testing mcp mcp-testing openai security test-automation testing

Last synced: 26 Jun 2026

https://github.com/aadrianleo/python-login-system

Login system application is use for login page for desktop application it registers the users id and password and use it for logging in to the system.

login python security

Last synced: 03 May 2026

https://github.com/lasseh/nginx-conf

Production-ready nginx configuration with HTTP/3, security hardening, and performance optimization. Enterprise-grade setup for modern web deployments.

api-gateway configuration devops docker http3 kubernetes nginx performance production reverse-proxy security server ssl sysadmin tls web-server

Last synced: 30 Jan 2026

https://github.com/grimdork/awsec

Store secrets in AWS Parameter Store.

aws cli cross-platform secrets security security-tools

Last synced: 01 Apr 2026

https://github.com/brandonfl/discord-virustotal-bot

Discord bot using VirusTotal API to check if the content of messages sent by discord users is safe

discord discord-bot security virustotal

Last synced: 17 Apr 2026

https://github.com/dineshkrishna9999/firsttoknow

🔔 Stop being the last to know. AI agent that tracks YOUR stack and briefs you like a CTO.

ai ai-agent automation cli cve-scanner developer-tools hacker-news llm npm pypi python security tech-news vulnerability-scanner

Last synced: 05 Apr 2026

https://github.com/luckman212/dstat

CLI tool to query the screen sleep or lock status

displays macos screen security shell-scripting utility

Last synced: 16 Oct 2025

https://github.com/wbnns/meng

Analyzes the security and potential risks of Ethereum tokens using the GoPlus Token Security API and Rug Pull Detection API

analysis base cryptocurrency due-diligence ethereum evm goplus op-stack risk security token tokenomics

Last synced: 27 Oct 2025

https://github.com/zj-dreamly/dreamly

java工具集合,整合了web开发常用组件

develop java jwt mail queue security springboot swagger tool

Last synced: 18 Feb 2026

https://github.com/jwplayer/github-vul

:octocat: Enable GitHub vulnerability alerts for all repositories

github security security-fix vulnerability-alerts vulnerability-management

Last synced: 24 Apr 2026

https://github.com/paratron/next-server-session

Functions to handle serverside session data and csrf tokens

csrf-tokens nextjs react security serverside-sessions session-lifetime

Last synced: 26 Feb 2026

https://github.com/junzhengca/gitscanner

Automatically clone and scan all public GitHub repositories for a given organization.

github hacking pentesting recon scanner security

Last synced: 21 Jan 2026

https://github.com/astrohelm/isolation

How often do you see libraries which mutates global variables. Or how often do you check libraries actions 🥸 ?This library prevents unexpected behavior and global pollution.

astrohelm container context dependency-injection isolation javascript loader nodejs pollution-control realm realms runner sandbox script script-loader security v8 vm wrapper zero-dependencies

Last synced: 09 Apr 2026

https://github.com/netcode/oauthgoat

Vulnerable dockerized environment designed to test OAuth vulnerabilities

oauth-client oauth2 oauth2-server security security-labs vulnerability

Last synced: 14 Feb 2026

https://github.com/fxboy/fanxing-security-spring-boot-starter

fanxing-security-spring-boot-starter 是 一个精简版的安全框架。它专注于权限校验与安全方面,并不考虑用户的登录状态,支持多角色多权限的权限校验,多个接口实现开发者自定义操作

authentication-tokenauthentication permission-verification security verification

Last synced: 24 Jan 2026

https://github.com/timgrossmann/securitycat

Conent and PoC of my security testing automation thesis

policy security security-rat security-tools thesis

Last synced: 16 Feb 2026

https://github.com/alvinwan/motiosecure

toy security platform with motion detection implementation for cheap, low-quality camera lens

desktop ios mac mobile motion-detection python security swift

Last synced: 01 May 2026

https://github.com/johnny-morrice/sensephreak

Sensephreak: Single-exe outgoing port block scanner for the web

golang network security

Last synced: 12 Oct 2025

https://github.com/dinanathdash/envault

Auditable .env secret manager featuring aggressive CLI safeguards and GitHub JIT access.

cli developer-tools devsecops dotenv jit-access secret-manager secrets-management security

Last synced: 20 Apr 2026

https://github.com/wgtechlabs/container-build-flow-action

Intelligent docker container build automation for modern development workflows.

docker ghcr security workflow-automation

Last synced: 28 Feb 2026

https://github.com/mozilla-services/audit-filter

Filter for npm audit results

audit npm security

Last synced: 11 Oct 2025

https://github.com/cy7su/cysu

Modern educational platform built with Flask, featuring enterprise-grade security, automated CI/CD, and beautiful Material Design UI. Deploy in 30 seconds with Docker or run locally with Python 3.11+.

authentication bootstrap ci-cd docker educational-platform enterprise-grade flask github-actions material-design modern-ui production-ready python python3 responsive-design security sqlalchemy sqlite telegrambot web-application

Last synced: 28 Feb 2026

https://github.com/joocer/fides

Fides - helping you keep secrets secret

action information-leakage passwords scanner security

Last synced: 12 Oct 2025

https://github.com/turbot/steampipe-mod-terraform-oci-compliance

Run compliance and security controls to detect Terraform OCI resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

compliance hacktoberfest oci oracle-cloud oracle-cloud-infrastructure powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 12 Feb 2026

https://github.com/chalbersma/manowar

Jellyfish opensourced, a tool for profiling servers.

security

Last synced: 22 Jan 2026

https://github.com/dredozubov/hazmat

macOS containment for AI agents — user isolation, kernel sandbox, pf firewall, DNS blocklist, backup/rollback. TLA+ verified.

ai-agents claude-code cli containment developer-tools formal-verification go macos pf-firewall sandbox seatbelt security tla-plus

Last synced: 10 Apr 2026

https://github.com/edunatalec/encrypt-env

Generate encrypted files to secure sensitive configuration data. Encrypt YAML files and streamline the protection of sensitive information in Flutter applications.

encryption environment security

Last synced: 23 Feb 2026

https://github.com/nystudio107/craft-twig-sandbox

Allows you to easily create a sandboxed Twig environment where you can control what tags, filters, functions, and object methods/properties are allowed

craftcms sandbox security twig

Last synced: 14 Jul 2025

https://github.com/protosec-research/tree-of-ast

Tree-of-AST: Python Security Analysis framework inspired by ToT (Tree-of-Thoughts) of Deliberate Code analysing states using ToT-based ways.

ai gpt-4 ml python security security-audit security-tools source-to-sink static-code-analysis tree-of-thoughts

Last synced: 04 Sep 2025

https://github.com/szgabsz91/oauth2-authorization-proxy-server-spring-boot

Library for easily securing REST API endpoints in a Spring Boot applications using the reactive Spring WebFlux stack

facebook google oauth2 security spring-boot

Last synced: 20 Feb 2026

https://github.com/spy86/owaspwebapplicationsecuritytestingchecklist

🛡️📝 OWASP Web Application Security Testing Checklist

application application-security checklist owasp security testing

Last synced: 11 Feb 2026

https://github.com/krishkumar/agentguard

Work safely with AI agents like Claude Code, Cursor, Kiro

agents ai-safety claude cli developer-tools kiro kiro-cli kiroween security

Last synced: 20 Jan 2026

https://github.com/grapheneos-archive/kernel_google_crosshatch_drivers_staging_qcacld-3.0

Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL Wi-Fi kernel driver sources.

android grapheneos security

Last synced: 04 Oct 2025

https://github.com/sjinks/ww-hide-wplogin

A WordPress plugin to hide wp-login.php and use a custom URL for logging in.

login plugin security wordpress wordpress-plugin

Last synced: 15 Oct 2025

https://github.com/hamidurrahman1/news-portal

A RESTful Webservice built with Spring Boot, Spring Security, Spring AOP, and H2. This is also for learning and practicing purposes only.

h2-database rest-api security spring-aop spring-boot spring-security

Last synced: 10 Aug 2025

https://github.com/mugomes/miantivirus

MiAntivirus is a graphical interface for ClamAV that allows you to scan your computer for viruses and easily update the virus definition database through a user-friendly interface.

antivirus clamav frontend fyne go golang linux security ubuntu

Last synced: 14 Feb 2026

https://github.com/seatonjiang/narsil-rockylinux

Security hardening tool for Rocky Linux

hardening rockylinux security

Last synced: 13 Apr 2025

https://github.com/yowainwright/intrinsic-dependencies

a simple utility ensuring invisible but required node dependencies aren't removed

ci dependencies performance security

Last synced: 22 Apr 2025

https://github.com/vt-alt/tripso

Трансляция меток безопасности CIPSO и ГОСТ Р 58256-2018 (RFC 1108 Astra)

cipso gost-58256-2018 ipso iptables kernel-module rfc1108 security

Last synced: 07 Apr 2025

https://github.com/solentlabs/har-capture

Capture and sanitize HAR (HTTP Archive) files with deep PII removal. Perfect for support diagnostics, security reviews, and test fixtures.

bug-reports devtools har http-archive pii playwright privacy python sanitization security support-tools zero-dependencies

Last synced: 02 Apr 2026

https://github.com/oqullcan/berry-privacy

BERRY-privacy is a PowerShell script designed to enhance your privacy by blocking telemetry fields and IP addresses.

automation firewall hosts network-security powershell privacy privacy-protection script security telemetry-blocking windows

Last synced: 15 Apr 2025

https://github.com/sylvainmouquet/pydantic2-settings-vault

A Pydantic v2 settings extension for secure configuration management using HashiCorp Vault OpenSource (OSS) and Enterprise

configuration enterprise hashicorp opensource pydantic python secrets-management security settings vault

Last synced: 02 Aug 2025

https://github.com/architecpoint/plesk-scripts

Standalone automation scripts for Plesk server management (Windows & Linux) — MySQL backups, WordPress cleanup, malware scanning, PCI-DSS header checks, and more. Self-updating bash scripts with PID locking and detailed logging.

automation backup bash linux malware-scanner mysql pci-dss plesk security shell-script windows wordpress

Last synced: 22 Jun 2026

https://github.com/alexrasch/virustotal-desktop-widget

VirusTotal Desktop Widget: A VirusTotal desktop widget for Windows that performs file scans and displays system information such as RAM and CPU usage. Note: An API key is required to use the VirusTotal API.

api desktop desktop-app dotnet-core security virustotal virustotal-api windowsforms

Last synced: 04 Jan 2026

https://github.com/chonkie-inc/littrs

🏖️🛡️ Keep your LLM's 💩 code where it belongs — in a sandbox.

ai-agents bytecode llm pyo3 python rust sandbox security tool-use wasm

Last synced: 10 Mar 2026

https://github.com/davidmoremad/azure-security-templates

Useful templates of security policies, roles and runbooks to protect your Azure account

azure cloud-security security

Last synced: 24 Sep 2025

https://github.com/jfagoagas/kms-helper

Tool to encrypt/decrypt using AWS KMS with ease

aws hacktoberfest kms security

Last synced: 17 May 2026

https://github.com/kulkansecurity/mindthegap

A Python-based tool specifically designed for users to identify the "patch gap" in their Ubuntu release - the delay between the disclosure of a vulnerability and the patch release. By querying Ubuntu's CVE system, it provides a clearer picture of the current security standing of different Ubuntu versions.

cve patchgap security ubuntu

Last synced: 14 Mar 2025

https://github.com/influxdata/sedg

Tools for tracking security issues flexibly in version control

cve-tracking cve-triage security vulnerability-tracking

Last synced: 03 Feb 2026

https://github.com/artem-smotrakov/ql-fun

Examples of vulnerable code that can be detected by CodeQL queries.

codeql security semmle-ql

Last synced: 22 Apr 2025

https://github.com/masenf/tox-pin-deps

Run tox environments with strictly pinned dependencies (and no project or code changes).

python security testing tox

Last synced: 13 Mar 2025

https://github.com/lycanthropy3301/syncseed

An open-source, secure authentication module built using python. Uses a challenge-response system to authenticate users.

authentication contributions-welcome module open-source pip python python3 security

Last synced: 09 Apr 2026

https://github.com/raisiqueira/secure-nextjs-app

Demo of a secure Next.js application

frontend-security nextjs nextjs14 security

Last synced: 14 Feb 2026

https://github.com/debricked/vs-code-extension

A Visual Studio Code extension that integrates the Debricked CLI to provide security vulnerability scanning and license compliance directly within the editor.

auditing compliance dependency license productivity risk-mitigation scan security vulnerability-scanners

Last synced: 27 Jul 2025

https://github.com/vschwaberow/npwg

A Secure Password Generator Written in Rust

cryptography first-timers password password-generator security security-tools

Last synced: 03 Jan 2026

https://github.com/houseos/secure_control_protocol

Dart library for the secure-control-protocol

chacha20-poly1305 dart home-automation iot open-source security

Last synced: 26 Jul 2025

https://github.com/Otsmane-Ahmed/KEIP

Kernel-Enforced Install-Time Policies (KEIP): An eBPF/LSM based security tool that detects and blocks malicious network activity during pip install.Kernel-Enforced Install-Time Policies (KEIP): An eBPF/LSM based security tool that detects and blocks malicious network activity during pip install

cybersecurity ebpf linux lsm malware-analysis python security supply-chain-security

Last synced: 07 Apr 2026

https://github.com/docker/portcullis

A tiny Go library to detect and redact API tokens, cloud credentials, and other secret material in arbitrary text.

ai secrets-detection security

Last synced: 23 May 2026

https://github.com/hamedstack/hamedstack.aspnetcore.security

Enhance ASP.NET Core applications with a comprehensive security library, packed with essential utilities, dynamic permissions, API key management, and more.

apikey apikey-authentication asp-net-core aspnet-core aspnetcore authentication authorization csharp csharp-library dotnet dotnet-core dotnetcore dynamic-permission dynamic-permissions privacy privilege security utilities utility utility-library

Last synced: 15 Apr 2025

https://github.com/robertdebock/ansible-role-collectd

Install and configure collectd on your system.

ansible collectd molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/jonaslejon/apt10

APT / Cloud Hopper Yara rules

malware malware-analysis security security-incidents

Last synced: 25 Jan 2026

https://github.com/jkribeiro/drupal-composer-paranoia-acquia

Experimental Composer plugin to improve the security of composer-based Drupal projects by moving all PHP files out of docroot for Acquia environments.

composer drupal drupal-8 security

Last synced: 23 Jun 2025

https://github.com/hockeyinjune/check-security

checksec for Windows

security verification windows

Last synced: 18 May 2026

https://github.com/thedoggybrad/vt_web_check

(A REVERSE ENGINEERING) It allows you to check the security of a website. NO API keys are used in this project.

antivirus av-vendors google reverse-engineering safety security virustotal vt vtapi website

Last synced: 05 Jan 2026

https://github.com/ollionorg/automated-azure-sandbox-setup

🚀 Automate your Azure sandbox environments effortlessly! This repo provides tools for setting up and tearing down Azure sandboxes using GitHub Actions, ensuring efficient resource utilization and cost management. Perfect for PoCs, interviews, workshops, and more! 🛠️⏲️💡

azure cloud-playground cloud-security playground sandbox security

Last synced: 14 Apr 2025

https://github.com/bnomei/kirby3-htmlpurifier

Static class method, Uniform-Guard and Field-Method to filter your "dirty" HTML inputs to "clean" HTML.

filter form headless html htmlawed input kirby3 kirby3-cms kirby3-plugin kql kses safe sanitize security striptags submit uniform xss

Last synced: 13 Mar 2025

https://github.com/lazorfuzz/eye-of-providence

A web app made with react, redux, redux-saga, and bundled with webpack. Served on Express and stores data with neDB. Displays a grid list of cams found with the Shodan API.

api express iot nedb react redux redux-saga security shodan

Last synced: 08 Apr 2026

https://github.com/silinternational/ssp-base

Base Docker image for simpleSAMLphp

hub idp security simplesamlphp

Last synced: 05 Jul 2025

https://github.com/nouralmulhem/cipher-sphere

🕵️‍♀️ an implementation of the Dell Hackathon game steganography

deep-learning eagles foxes machine-learning problem-solving riddles security staganography trigger-word-detection

Last synced: 12 May 2025

https://github.com/marcjulian/pyoram

Crypto tool written in python which stores files on a cloud storage and disguises the access of the files

cloud-storage oram privacy python security

Last synced: 31 Mar 2025

https://github.com/pushkar-anand/folder-encrypter

Encrypts your Folders

encryption security

Last synced: 09 Sep 2025

https://github.com/skorotkiewicz/is-password-secure

Check password security using Ollama API

ai ollama password safety security typescript

Last synced: 23 Jul 2025

https://github.com/geolffreym/jwtauth

Django JWT auth middleware

api django jwt jwt-authentication python python-3 security

Last synced: 17 May 2026

https://github.com/cihatsolak/netcore-security

How we take precautions against attacks from malicious users is exemplified. Net core projects have default security measures. We can use the IDataprotector interface to encrypt data. We must also be protected against xss attacks such as Reflected or Stored. For this, we must pay attention to the use of Html.Raw().

cors cross-site-scripting dataprotection hsts https-client ipcontrol secret-management security

Last synced: 20 Jul 2025

https://github.com/nozaq/terraform-aws-parked-domain-baseline

A terraform module to set up DNS records to harden the parked(unused) domain using AWS Route53.

aws devops dns domain email-security hardening security security-hardening terraform terraform-module

Last synced: 17 Jul 2025

https://github.com/isovalent/cilium-up-and-running

This repository contains manifests, scripts, and configurations referenced in the O'Reilly book Cilium Up and Running. These resources are intended to help readers experiment with Cilium features, reproduce demonstrations, and deepen their understanding of Kubernetes networking, security, and observability.

cilium ebpf kubernetes networking observability security

Last synced: 17 Jul 2025

https://github.com/destan0098/ipshow

This tool checks and show domains IP to you

ip security security-tools tcp-ip

Last synced: 03 Mar 2025

https://github.com/eriksjolund/empty-argv-segfault-check

Test if an executable segfaults when started with an empty argv. The script may be used as a vulnerability-scanner to find setuid executables having buggy code (but it will probably not find any direct security vulnerabilities).

security segfault setuid vulnerability-scanners

Last synced: 06 Apr 2025

https://github.com/kkernick/antimony

Sandbox Applications

bubblewrap linux sandbox seccomp security

Last synced: 02 Jul 2026

https://github.com/kicksecure/apparmor-profile-thunderbird

AppArmor profile for Thunderbird - https://www.kicksecure.com/wiki/AppArmor - for better security (hardening).

apparmor debian security thunderbird

Last synced: 19 Apr 2025

https://github.com/dedene/claw-wrap

A secure credential proxy for CLI tools. Executes tools with secrets on behalf of sandboxed processes - credentials never enter the sandbox.

cli openclaw proxy security

Last synced: 21 Feb 2026