An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/hcl-tech-software/appscan-gocd-plugin

Plugin for integrating HCL AppScan on Cloud (ASoC) scanning into GoCD pipelines

appscan security

Last synced: 28 Jan 2026

https://github.com/yasindce1998/barzakh

A controlled, white-hat UEFI bootkit simulation environment for academic research and defensive detection engineering.

bootkit c defensive-security kernel kernel-module malware offensive-security python rootkit security uefi uefi-boot uefi-development

Last synced: 21 Jun 2026

https://github.com/gyulyvgc/crosswall

Cross-platform interface to built-in firewalls

firewall firewall-management network-programming networking rust security

Last synced: 01 Mar 2026

https://github.com/sqreen/devise_sqreener_tutorial

A tutorial for helping filter potentially malicious users from signing up for your Rails app.

devise rails security sqreen tutorial

Last synced: 12 May 2026

https://github.com/mitre/chef-cis-tomcat-hardening

(WIP) Chef recipe for hardening tomcat 8 to the CIS Tomcat Benchmark v1.0.1

chef hardening inspec mitre-corporation mitre-inspec mitre-saf security test-kitchen tomcat8

Last synced: 10 Jun 2026

https://github.com/turbot/flowpipe-mod-uptimerobot

UptimeRobot pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect UptimeRobot to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code orchestration pipelines security uptimerobot uptimerobot-api workflow workflow-automation workflow-engine

Last synced: 28 Feb 2026

https://github.com/braedon/kong-log-bridge

Transform Kong request logs and forward them to Elasticsearch.

elasticsearch kong logging privacy security

Last synced: 11 May 2026

https://github.com/target/strelka-docs

Autodocumentation for the Strelka System

cfc detection mkdocs mkdocs-material security target-cfc

Last synced: 28 Feb 2026

https://github.com/faryon93/swarmprom

Secure way to expose Prometheus HTTP handler in an Docker Swarm environment.

docker go metric prometheus security swarm

Last synced: 10 May 2026

https://github.com/matanryngler/deployshield

Claude Code plugin — production safety guardrails that block write/mutating operations on cloud, database, IaC, and deployment CLIs

aws claude-code claude-code-plugin cloud-safety guardrails kubernetes security terraform

Last synced: 17 Feb 2026

https://github.com/ugiordan/architecture-analyzer

Static analysis tool that extracts architecture data from Kubernetes repos, builds multi-language code property graphs (Go, Python, TS, Rust), and runs security/architecture queries with taint analysis

architecture code-property-graph golang kubernetes python sarif sbom security static-analysis

Last synced: 20 Jun 2026

https://github.com/jnm2/threshold

Paper backup requiring a chosen K of N pieces to decrypt. Useful for storing passwords, private keys for PGP or Bitcoin, recovery codes, secret instructions, and small files. Work in progress.

backup bitcoin cross-platform cryptography csharp digital dotnet-core encrypt paper password pgp print private-key redundancy secret-sharing security shamir threshold wallet

Last synced: 10 May 2026

https://github.com/sandy-sp/metadata-cleaner

Metadata Cleaner – A CLI tool to remove metadata from images, PDFs, DOCX, audio, and video files. Privacy-focused, fast, and open-source. Supports batch processing & standalone executables.

cli file-cleaner metadata metadata-removal open-source privacy python security

Last synced: 10 May 2026

https://github.com/macmod/cloudpersist

A collection of simple scripts to achieve persistence quick in cloud environments without generating too much noise.

aws azure cloud gcp infosec pentest persistence post-exploitation redteam security

Last synced: 09 May 2026

https://github.com/apolopena/yubikey-wsl-guides

Guides for successfully using YubiKey in WSL2 workflows

aiworkflows bots development documentation github linux macos opengpg piv security ssh windows wsl yubikey

Last synced: 28 Feb 2026

https://github.com/jerry-felipe/integrated-physical-security

Un Sistema de Seguridad Física Integral combina medidas como control de accesos, videovigilancia, alarmas, protección contra incendios, y personal de seguridad para proteger personas, bienes e instalaciones. Su objetivo es prevenir intrusiones y garantizar una respuesta rápida ante emergencias.

integrated physical security

Last synced: 11 Feb 2026

https://github.com/danielemery/keys

Static web app acting as a source of truth for public ssh keys, known hosts and pgp keys

keys security ssh

Last synced: 28 Feb 2026

https://github.com/fuko2935/gitglow

Premium AI-Powered Git & PR Automation CLI. Automates conventional commits, Pull Request summaries, and pre-commit security credentials scans.

ai cli conventional-commits git github-actions openai pull-request security typescript vitest

Last synced: 18 Jun 2026

https://github.com/n1k0r/xnf

XDP-based Network Filter

ebpf firewall linux network rust security xdp

Last synced: 09 May 2026

https://github.com/m3ssap0/wordpress_cve-2018-6389

Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.

cve-2018-6389 exploit security security-tools vulnerability vulnerability-scanners wordpress

Last synced: 08 May 2026

https://github.com/master-hax/compose-cloudhole

a multi-container application to run pi-hole with cloudflared DNS-over-HTTPS as the upstream resolver

ad-block ad-blocker dns dns-over-https dns-server dnsmasq docker docker-compose pi-hole pihole privacy security

Last synced: 08 May 2026

https://github.com/0xedward/neuralyzer

Chrome extension that wipes your sensitive data on the tab you are currently on

browser-extension chrome-extension chromium cookies fingerprinting javascript privacy security

Last synced: 07 May 2026

https://github.com/lp1dev/tinted-glass-webcam-notifier

Tinted glass notifies you whenever a software uses the webcam(s) on your computer

notifications notifier security webcam

Last synced: 17 Jun 2026

https://github.com/anthonyharrison/sbomdebt

Determine the technical debt for a Software Bill of Materials (SBOM)

cyclonedx devsecops sbom sbom-tool security spdx technical-debt

Last synced: 02 Feb 2026

https://github.com/authzed/multi-app-demo

A demo of a distributed centralized authorization system powered by SpiceDB across 3 apps: Email, Docs and Groups

authorization distributed-systems security spicedb zanzibar

Last synced: 23 Oct 2025

https://github.com/davidzajac1/iamscan

Checks code for needed AWS IAM Privileges

aws iam javascript python security shell-scripting

Last synced: 06 May 2026

https://github.com/turbot/flowpipe-mod-gcp

GCP pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect GCP to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod gcloud gcloud-cli gcp hacktoberfest integrations low-code orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 25 Feb 2026

https://github.com/kurtbuilds/simple2fa

Simple2FA is a simple and fast library to easily add two-factor authentication to your app. Bindings in Rust, Python, and Node.

2fa nodejs python rust security

Last synced: 05 May 2026

https://github.com/abeltavares/stocktracker

A Django-based web application for real-time stock tracking which uses a PostgreSQL database.

api authentication authorization backend backend-development database devops django finance finnhub python real-time security stock web-development

Last synced: 04 May 2026

https://github.com/meysam81/go-auth

Production-ready authentication library for Go with Basic Auth, JWT, WebAuthn/Passkeys, TOTP 2FA, and OAuth2/OIDC SSO (Google, GitHub, Microsoft, and 7+ providers). Storage-agnostic, framework-agnostic, SOC2/GDPR compliant audit logging.

audit-logging auth-library authentication bcrypt compliance golang golang-authentication golang-library jwt middleware oauth2 oidc passkeys passwordless security session-management sso totp two-factor-authentication webauthn

Last synced: 01 Mar 2026

https://github.com/andifalk/spring-security-ldap-demo

Demo for authenticating users with Spring Security and LDAP

authentication ldap ldap-server security spring-boot spring-data-ldap spring-security

Last synced: 16 Apr 2026

https://github.com/sarvsav/devsecops-with-docker-and-k8s

This repository will contain the material for training course on devsecops with docker 🐳 and k8s ☸️

devops docker golang k8s kubernetes security

Last synced: 04 May 2026

https://github.com/turbot/steampipe-plugin-duo

Use SQL to instantly query Duo resources. Open source CLI. No DB required.

backup etl hacktoberfest postgresql postgresql-fdw security sql sqlite steampipe steampipe-plugin zero-etl

Last synced: 03 May 2026

https://github.com/eaceto/swiftysimplekeychain

A wrapper (written only in Swift) to make it really easy to deal with iOS, macOS, watchOS and Linux Keychain and store your user's credentials securely.

ios linux macos security swift swift5 watchos

Last synced: 03 May 2026

https://github.com/gusenov/nist-sp-800-95-web-portals

Требования стандарта NIST 800-95 к обеспечению безопасности web-порталов.

identity-provider information-security nist saml security service-provider soa sso web-portal ws-security

Last synced: 19 Mar 2026

https://github.com/alessiomaffeis/scanx

ScanX (Scanner for OS X) is a Cocoa framework for automating static analysis and evaluation workflows

analysis assessment automated-analysis evaluation framework macos scanning security

Last synced: 03 May 2026

https://github.com/piecioshka/warsawjs-workshop-40-security

⛩️ WarsawJS Workshop #40 — 🔐Security

security warsawjs workshop

Last synced: 03 Mar 2026

https://github.com/davidyen1124/totp-website

🔐 A completely over-engineered React playground for generating 6-digit numbers every 30 seconds. Because apparently we need 47 dependencies to count to 6. Features: TOTP generation, QR codes, and existential dread.

authentication demo javascript over-engineered playground qr-code react security tailwindcss time-based-otp totp two-factor-auth vite web-development

Last synced: 02 May 2026

https://github.com/jokk-itu/authserver-framework

The AuthServer IdP framework. OAuth and OIDC at scale, secure by default.

csharp dotnet identity idp jwt oauth2 oidc openid openid-connect openidconnect security

Last synced: 16 Jun 2026

https://github.com/protdos/privatechatold

A highly secure end-to-end encrypted chat for everyone that has higher security standards than military

anonymity anonymous chat encryption kivy privacy private-chat python python3 security socket tor tor-browser whatsapp

Last synced: 16 Apr 2026

https://github.com/escape-technologies/escape-rules

A community-driven list of custom Escape rules. Test your API security with rules that automatically adapt for you.

api-security api-security-testing escape-custom-rules-templates escape-rules security vulnerability-detection

Last synced: 19 Mar 2026

https://github.com/0xyg3n/claude-c2

AI-Powered Command & Control Framework using Claude's Model Context Protocol (MCP)

c2 claude command-and-control implant mcp offensive-security penetration-testing rat red-team security

Last synced: 16 Apr 2026

https://github.com/embetrix/satobox

Satobox is an open-source Yocto-based, privacy-focused and secure bitcoin full node solution designed for embedded linux devices.

anonymity bitcoin bitcoin-node bitcoin-wallet cryptocurrency cryptography embedded hardware-wallet linux raspberry-pi security toronionproxy wallets yocto yocto-layer

Last synced: 18 Apr 2026

https://github.com/sakiib/integrate-vault-with-microservices-in-k8s

This project aims at demonstrating & providing a guideline on using Vault to manage DB credentials for microservices in K8s.

database dynamiccredential kubernetes microservices security vault

Last synced: 01 May 2026

https://github.com/print3m/securitree

https://securitree.xyz - deep dive into cybersec with well-structured notes.

ad-security cheatsheet cybersecurity cybersecurity-education guidebook it-security notes pentesting red-team security tree-structure

Last synced: 23 Jan 2026

https://github.com/aliasgarsogiawala/chatgpt-lock

A Chrome extension that locks individual ChatGPT chats with unique passwords. Built with Manifest V3, Vercel Serverless API, and MongoDB Atlas for cloud-based sync and security.

browser-extension chat-locker chatgpt chrom-extension cloud-sync javascript manifest-v3 mongodb openai password-protection security serverless vercel

Last synced: 01 May 2026

https://github.com/sailreal/wipey

Android app for wiping data or reboot after x failed logins

android-application security wipe-files

Last synced: 01 May 2026

https://github.com/zcloud-ws/secure-templates

Secure Templates is a tool to render templates using go-templates and load data values from secrets engine.

secret secrets security security-tools template templates

Last synced: 04 Mar 2026

https://github.com/presidentbeef/rails-security-history

History of security in the Ruby on Rails web framework

rails ruby ruby-on-rails security

Last synced: 30 Apr 2026

https://github.com/mpdenisov/laravel_admin_module

Rhinoda Admin Module. Role management and creating CRUD controllers

admin-panel auth crud laravel-5-package laravel-framework permissions security

Last synced: 12 Feb 2026

https://github.com/blaumaus/writing-secure-javascript

A presentation that covers common and uncommon security vulnerabilities in JS, their real life & code examples and prevention techniques

hacking javascript security

Last synced: 10 Feb 2026

https://github.com/spirizeon/nixos-maxxing

Config using dendritic patterns with security hardening, NVIDIA GPU support, and a customized desktop environment.

modularization nixos nvidia-gpu security

Last synced: 02 May 2026

https://github.com/michaelborn/passifier

A CFML wrapper for the ZXCVBN4J library to calculate password strength

cfml coldbox-modules passwords security

Last synced: 04 Mar 2026

https://github.com/mohammedmehdio/caesarjaw

CaesearJaw 🔐 is a Caesar Cipher Bash Script that allows you to encrypt, decrypt, find a shift key, and brute-force decrypt a given text using the Caesar Cipher.

bash bash-script caesar caesar-cipher caesar-cipher-algorithm communication cryptography cyber-security cybersecurity hacking hacking-tool key security tool tools

Last synced: 29 Apr 2026

https://github.com/d4rklynk/pyfo

PYFO (Put Your Fedora On) is a post-install script for upstream version of fedora

fedora fedora-workstation hardened-malloc kernel-hardening linux-hardened post-install post-installation security setup

Last synced: 04 Mar 2026

https://github.com/euginfrancis/esp32_jwt_auth

A library for implementing JSON Web Token (JWT) authentication on the ESP32 microcontroller. This project enables secure user authentication for IoT applications, offering easy integration, robust JWT handling, and support for secure data transmission.

authentication-protocols cross-platform-compatibility esp-idf-framework esp32 iot jwt open-source-contribution real-world-use-cases security tutorial-and-learning-resource

Last synced: 29 Apr 2026

https://github.com/erikyo/browser-test

A JavaScript script to perform basic browser security checks.

browser security security-tools

Last synced: 25 Jun 2026

https://github.com/superagent-ai/brin-github

A GitHub App that automatically scans pull requests for security threats and evaluates contributor trust profiles

agents contributor-security llm-security prompt-injection security

Last synced: 28 Apr 2026

https://github.com/chocholl/xdp_furpf

Pretty fast XDP-based URPF implementation that leverages hierarchical data structures to perform high-speed packet filtering with rate limiting support.

arp-poisoning arp-spoofing cloud-networking ebpf kernel ndp-poisoning ndp-spoofing network-policy networking rate-limiting security spoofing-attack urpf virtual-machine xdp

Last synced: 01 Apr 2026

https://github.com/ohemilyy/lunarshell

A modern, elegant, and secure shell environment that transforms your Linux terminal experience with smart configurations, enhanced security, and beautiful customizations. Powered by Starship prompt and compatible with Ubuntu, Enterprise Linux, and Arch Linux.

linux optimized optimized-shell security shell shell-script shelll starship

Last synced: 28 Apr 2026

https://github.com/tomsegura2/folder-firewall-blocker

Blocks all filetypes in folders from accessing the internet on Windows

desktop-app firewall network-control privacy pyqt python sandbox security windows

Last synced: 08 Jun 2026

https://github.com/arpahls/gatekeeper

Mission-critical access gatekeeper using face verification and emotion-risk policy checks.

access-control arpa biometrics deepface emotion-analysis face-verification mission-critical opencv python security tensorflow

Last synced: 08 Jun 2026

https://github.com/copyleftdev/copyleftdev

Systems-level software engineer building security tools, developer infrastructure, and AI-native systems in Rust, Go, and Zig. 560+ open source repositories.

ai-tools cli developer-tools devtools distributed-systems golang mcp model-context-protocol nim offensive-security open-source osint python red-team rust security systems-programming typescript web-fuzzer zig

Last synced: 04 Mar 2026

https://github.com/a3020/composer_security

concrete5 package (8.1+) that installs a job to automatically check your composer.json file(s!) for vulnerabilities

add-on composer concrete5 security

Last synced: 14 Jun 2026

https://github.com/dkosmari/lssecrets

Show the contents of the secret keyring.

cpp cpp20 glibmm keyring libsecret linux secret-service security utility

Last synced: 28 Apr 2026

https://github.com/raghavagps/guidewd

GuideWD: Guide for web development

security sitemap sitemap-generator webserver

Last synced: 28 Jun 2026

https://github.com/thepredictivedev/biopaywebapp

Minimal biometric payment web app prototype with basic HTML front end.

authentication biometrics html payments security webapp

Last synced: 10 Feb 2026

https://github.com/nealrs/pwned

An Alexa Skill that checks your Amazon email against the HaveIBeenPwned database

alexa-skills-kit flask infosec python security

Last synced: 16 Apr 2026

https://github.com/speakeasy-sdks/symops-go

A Go SDK for accessing the Symops API

authorisation iac infrastructure production-code security sym symops

Last synced: 19 Mar 2026

https://github.com/ldclakmal/ballerina-oauth1.0a

Ballerina OAuth1.0a is an RFC 5849 standards-compliant library for Ballerina.

authorization ballerina ballerina-lang oauth oauth1 oauth1a security swan-lake

Last synced: 12 Feb 2026

https://github.com/johnnyshankman/npm-compromise-scanner

Scan a directory tree for npm packages compromised in a supply-chain incident, given a CSV of affected packages.

cli dependency-scanner malware-detection nodejs npm security security-tools shai-hulud supply-chain-attack supply-chain-security

Last synced: 02 Jun 2026

https://github.com/manfred-mueller/unblockfile

UnblockFile is a simple app to unblock files that have been downloaded from the Internet. It can be registered to the context menu of files or folders in the windows™ explorer®. It has been written with the help of ChatGPT™.

chatgpt explorer filemanager security windows

Last synced: 16 Apr 2026

https://github.com/desmondsanctity/cve-2022-2274

OpenSSL-src Heap Memory Corruption with RSA Private Key Operation : CVE-2022-2274

advisory security vulnerabilities vulnerability-assessment

Last synced: 19 Mar 2026

https://github.com/liberxue/wis

《 What Is Security》 Software reverse engineering is the best way to learn architecture and design

security wechat

Last synced: 19 Mar 2026

https://github.com/turbot/flowpipe-mod-aws-cis

Run pipelines to detect and correct AWS resources that are non-compliant with CIS benchmarks.

aws cis compliance flowpipe flowpipe-mod low-code security

Last synced: 16 Apr 2026

https://github.com/aaron3312/proyectodronunity

🚁Security multi-agent system simulating prison surveillance with autonomous drones, cameras & guards. Features real-time monitoring, threat detection & automated response capabilities.

alerts cameras detection drones flask modeling monitoring multiagent patrolling python security simulation surveillance tc2008b unity yolov5 yolov8

Last synced: 13 Feb 2026

https://github.com/turbot/flowpipe-mod-urlscan

URLScan.io pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect URLScan.io to the people, systems and data that matters.

automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code orchestration pipelines security urlscan urlscan-api urlscan-io workflow workflow-automation workflow-engine

Last synced: 19 Mar 2026

https://github.com/turbot/flowpipe-mod-abuseipdb

AbuseIPDB pipeline library for the Flowpipe cloud scripting engine. Automation and workflows to connect AbuseIPDB to the people, systems and data that matters.

abuseipdb abuseipdb-api automation cloud devops flowpipe flowpipe-mod hacktoberfest integrations low-code orchestration pipelines security workflow workflow-automation workflow-engine

Last synced: 19 Mar 2026

https://github.com/nicpwns/oscp

Commands, scripts, and resources that helped me prep to pass the Offensive Security Certified Professional (OSCP) exam.

certification oscp penetration-testing pentesting security

Last synced: 19 Mar 2026

https://github.com/anqorithm/headscale-k0s-vpn

A local demo that runs a Kubernetes cluster behind a self-hosted VPN. Your apps are only accessible through the encrypted VPN mesh invisible to the outside world.

headscale k0s k8s security vpn wireguard

Last synced: 02 Jun 2026