An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/erlendellingsen/digitalocean-developer-firewall

Tool for developers to easily configure firewalls and gain access to their servers when using DigitalOcean cloud firewalls.

digitalocean digitalocean-droplets digitalocean-firewall droplets firewall firewall-management nodejs security server server-management

Last synced: 13 May 2025

https://github.com/circl/imap-proxy

Modular IMAP proxy (including PyCIRCLeanMail and MISP forward modules)

circlean imap imap-protocol imap-proxy proxy security

Last synced: 04 Jul 2025

https://github.com/spatie/email-concealer-cli

CLI tool for concealing e-mails in a file by replacing their domain

cli developer-tools email obfuscation security tool

Last synced: 22 Apr 2025

https://github.com/sysdiglabs/k8s-security-configwatch

Git action to generate security lint report for Kubernetes workload YAML files on PR

git-workflow k8s security

Last synced: 13 Jul 2025

https://github.com/noraj/miniss

Displays a list of open listening sockets. It is a minimal alternative to ss or netstat.

crystal crystal-shard crystal-shards ctf ctf-tools cyber cybersecurity hacking hacking-tool network pentest pentesting security security-tools shard shards socket tool

Last synced: 07 Oct 2025

https://github.com/kickstarter/ruby-homograph-detector

🕵️‍♀️🕵️‍♂️ Ruby gem for determining whether a given URL is considered an IDN homograph attack

homograph-attack idn-homograph-attack security unicode

Last synced: 20 Oct 2025

https://github.com/r3dxpl0it/CVE-2018-4407

IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]

attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security

Last synced: 22 Apr 2025

https://github.com/oisf/suricata-intel-index

Suricata rule and intel index

ids intel ips nsm rules security signatures suricata

Last synced: 31 Jan 2026

https://github.com/SalehLardhi/google-dorks-toolkit

GoogleDorks Toolkit is a powerful automated tool for google dorks, designed for pentration tester, ethical hackers and bug hunters to detect harmful security vulnerabilities using Google Dorks techniques. It has methods to bypass google captcha and search in a list of any possible program in wild.

bypass-google cybersecurity dorking-tool ghdb google google-captcha google-dork google-dorks google-hacking-database google-scraping googledork googledorks googlehacking googlesearch hackgoogle hacking python scraper security

Last synced: 01 Apr 2025

https://github.com/snapt/traefik-nova-plugin

Traefik plugin to proxy requests to Snapt Nova for evaluation against the WAF.

security snapt traefik-plugin

Last synced: 15 Jan 2026

https://github.com/nextcloud/end_to_end_encryption_rfc

🔒 Specification for end-to-end encryption used by Nextcloud sync & mobile apps

encryption encryption-rfc end-to-end-encryption nextcloud nextcloud-sync security

Last synced: 15 Jun 2025

https://github.com/leondz/lm_risk_cards

Risks and targets for assessing LLMs & LLM vulnerabilities

llm llm-security red-teaming security vulnerability

Last synced: 01 Jul 2025

https://github.com/gamemann/packet-flooder

A packet flooding/generating program I made that supports TCP, UDP, and ICMP packets. Includes functionality to change characteristics per packet and is also multithreaded.

c denial-of-service dos dos-attack fast flood flooding multithreading network packet packet-flood packet-flooder packet-generator packetflood pcktflood pcktgen pentest pentest-tool pentesting security

Last synced: 18 Mar 2025

https://github.com/permify/targe

Open-source CLI for managing IAM (Identity and Access Management) operations with AI assistance.

authorization aws awscli azure cloud gcp iam security

Last synced: 14 Jun 2025

https://github.com/padosoft/laravel-composer-security

Laravel command to test security vulnerabilities in your composer files.

composer laravel laravel-command laravel-package security

Last synced: 23 Apr 2025

https://github.com/attumm/maat

Validation and transformation library powered by recursive descent validation algorithm. Made to be extended for any kind of project.

dictionary fast json-schema nested-structures parser security serialization types validation validator

Last synced: 09 Apr 2025

https://github.com/jonpulsifer/dnsmon-go

A golang DNS monitor inspired by https://github.com/gamelinux/passivedns

dns golang gopacket monitoring prometheus security security-tools

Last synced: 23 Aug 2025

https://github.com/YinHangCode/homebridge-mi-gateway-security

XiaoMi Gateway Security plugin for HomeBridge.

aqara gateway homebridge homebridge-plugin security xiaomi

Last synced: 01 Apr 2025

https://github.com/ayesh/statelesscsrf

Secret-key based state-less CSRF token generator and validator for PHP 7. State-less means you do not have to store the CSRF token in session or database.

csrf netsec php php7 security stateless token token-authetication

Last synced: 06 Nov 2025

https://github.com/junkurihara/lecture-security_engineering

Slide decks and sample codes for a lecture of "Security Engineering", which are composed in terms of how to choose and deploy appropriate standardization security technologies in information systems.

lecture lecture-slides security university-course

Last synced: 14 Apr 2025

https://github.com/pwelch/virustotal_api

Ruby Gem for VirusTotal API

malware-analysis ruby security

Last synced: 15 Apr 2025

https://github.com/fabaff/fsl-test-bench

FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.

ansible fedora fedora-security-lab pentesting playground security vulnerable

Last synced: 15 Apr 2025

https://github.com/wolfssl/wolfssh-examples

Example applications using the wolfSSH Library.

embedded esp32 esp8266 examples getting-started iot security ssh ssh-examples wolfssh wolfssl

Last synced: 23 Aug 2025

https://github.com/sefinek/malicious-ip-addresses

A list of malicious IP addresses associated with botnets, cyberattacks, and the generation of artificial traffic on websites. Useful for network administrators and security companies to block threats and protect against DDoS attacks.

botnets cybersecurity ddos ddos-protection firewall google-adsense ip-list list malicious malicious-ips malicious-url malicious-url-detection network-monitoring protection security security-tools threat-detection traffic-analysis

Last synced: 25 Jul 2025

https://github.com/te-k/commands-for-sec

Useful commands for infosec

infosec security tips tldr

Last synced: 02 Feb 2026

https://github.com/gnat/csrf-starlette-fastapi

Dead simple CSRF security middleware for Starlette ⭐ and FastAPI ⚡

async csrf fastapi htmx hyperscript python security starlette web

Last synced: 15 Apr 2025

https://github.com/ariary/tacos

🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)

ctf golang infosec interactive pentest pentest-tool reverse-shell security socat

Last synced: 26 Apr 2025

https://github.com/anthonysgro/geospoof

Browser extension to spoof your geolocation, timezone, and prevent WebRTC IP leaks.

browser firefox gecko geolocation privacy security spoof spoofing spoofing-detection timezone vpn

Last synced: 27 May 2026

https://github.com/claude-world/claude-skill-antivirus

Security scanner for Claude Code Skills — 9 engines detect malicious patterns, data exfiltration, dangerous ops across 71K+ skills

claude-code claude-code-skills malware-detection nodejs npm scanner security

Last synced: 03 Apr 2026

https://github.com/apeleghq/lot

Sandbox for isolating ECMAScript code

browser csp deno ecmascript iframe isolation nodejs sandbox security vm webworker worker

Last synced: 08 May 2025

https://github.com/delight-im/htaccess

.htaccess with reasonable defaults for most sites

apache apache2 htaccess security server

Last synced: 28 Jan 2026

https://github.com/Te-k/commands-for-sec

Useful commands for infosec

infosec security tips tldr

Last synced: 11 Mar 2025

https://github.com/arall/vulnerabilities

Examples of different vulnerabilities, in a variety of languages, shapes and sizes.

dast sast security vulnerabilities vulnerability vulnerable vulnerable-app vulnerable-application

Last synced: 22 Jan 2026

https://github.com/grafana/bugbounty

Grafana Labs bug bounty

bounty bug bugbounty grafana rewards security

Last synced: 19 Oct 2025

https://github.com/grahamhelton/spoofpoint

Spoofpoint is a domain monitoring tool that allows you to generate a list of domains that are 1 character off of your domain (grahamhelton.com turns into -> grahamheIton.com ((The L is a capital I )), check a list of domains you already have, or check as single domain.

domain domain-monitoring security

Last synced: 22 Jan 2026

https://github.com/theupdateframework/taps

TUF Augmentation Proposals (TAPs)

security software update

Last synced: 25 Feb 2026

https://github.com/the-mcgrail-foundation/mimedefang

MIMEDefang is an e-mail filtering tool that works with the Sendmail “Milter” library. MIMEDefang lets you express your filtering policies in Perl rather than C, making it quick and easy to filter or manipulate your mail.

antispam email filter perl security smtp

Last synced: 01 Jul 2025

https://github.com/0xInfection/PewSWITCH

A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers

Last synced: 11 Jul 2025

https://github.com/geekmasher/securitree.nvim

SecuriTree - Security Research Tool

neovim security

Last synced: 06 Mar 2026

https://github.com/khaosdoctor/enigmajs

Full implementation of the 1944 German cryptographic machine in TypeScript with a nice UI

cipher cryptography enigma enigma-cipher enigma-js enigma-machine enigma-simulator javascript security typescript vue

Last synced: 29 Apr 2025

https://github.com/rrd108/nuxt-api-shield

Nuxt API Rate Limiter / Brute Force Protection

nuxt nuxt-module rate-limiter security

Last synced: 10 Apr 2025

https://github.com/en14c/erebus

Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster

c elf elf-binaries elf64 linux linux-system-programming process-injection proof-of-concept security virus x64-assembly

Last synced: 09 Jul 2025

https://github.com/vacuumlabs/cardano-ctf

A game where Cardano developers and enthusiasts can try to exploit purposely vulnerable smart contracts and learn about the most common security issues and how to prevent them.

cardano ctf decentralized-finance security smart-contracts vulnerabilities

Last synced: 12 Apr 2025

https://github.com/techgaun/plug_secex

Plug that adds various HTTP Headers to make Phoenix/Elixir app more secure

elixir hex hex-downloads http-headers phoenix plug plug-secex security

Last synced: 13 Jun 2025

https://github.com/VerSprite/alpnpass

This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic again and send it to the target of your choice. Unlike most SSL stripping solutions this tool will negotiate ALPN and preserve the negotiated protocol all the way to the target.

alpn mitm mitmproxy security security-tools ssl tls

Last synced: 11 Jul 2025

https://github.com/keeper-security/keeper-sdk-dotnet

.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.

commander dotnet password-manager passwords powershell security

Last synced: 05 Apr 2025

https://github.com/univ-of-utah-marriott-library-apple/disable_sip

This script is used in the recovery partition to automatically disable SIP.

bash mac macadmin macadmins security system-integrity-protection

Last synced: 10 Apr 2025

https://github.com/nekmo/pip-rating

Check the health of your project's requirements and get a score for each dependency.

dependencies hacktoberfest pip python rating requirements security security-audit security-tools vulnerabilities

Last synced: 13 Dec 2025

https://github.com/Keeper-Security/keeper-sdk-dotnet

.Net and PowerShell version of Keeper Commander, a CLI and SDK interface for the Keeper Security platform.

commander dotnet password-manager passwords powershell security

Last synced: 05 May 2025

https://github.com/asggo/spf

Parse SPF record and determine if client IP is allowed to send email.

dns go golang security sender-policy-framework spf spf-record

Last synced: 03 Feb 2026

https://github.com/jenkinsci/azure-ad-plugin

Authentication and Authorization with Azure AD

azure hacktoberfest security user

Last synced: 06 Apr 2025

https://github.com/rverton/gxss

Blind XSS service alerting over slack or email

blind-xss exfiltration pentesting security xss

Last synced: 09 Mar 2026

https://github.com/bmedicke/quantum_cryptography

demonstration of quantum cryptography 🐈 🔐 , one-time pad communication via BB84. repo for our IT Security Master project

alice bb84-protocol beam-splitter bob cryptography docker docker-compose hardware jupyter-notebooks lasers master mcs mqtt photons quantum quantum-cryptography rabbitmq security theory thorlabs

Last synced: 02 Apr 2025

https://github.com/javiercasares/wpvulnerability

Plugin WPVulnerability for WordPress. https://wordpress.org/plugins/wpvulnerability/

php security vulnerability wordpress wordpress-plugin

Last synced: 13 Jun 2025

https://github.com/hunters-org/hunter-kit

Hunter-Kit is a cross platform security toolkit and framework that can automate most of the pentesting engagement from the recon to reporting phase

attacks autmation frameworks pentesting-tools reconnaissance security security-tools toolkit

Last synced: 12 Mar 2026

https://github.com/datadog/nginx-datadog

Enhance NGINX Observability and Security with Datadog's Module

apm appsec datadog nginx observability security tracing

Last synced: 06 Feb 2026

https://github.com/endorama/2ami

Your easy 2FA companion that keep the secrets secret.

cli google-authenticator hacktoberfest keychain keyring secrets secure security totp two-factor

Last synced: 15 Mar 2026

https://github.com/itinerisltd/disallow-pwned-passwords

Disallow WordPress and WooCommerce users using pwned passwords

have-i-been-pwned hibp password security woocommerce wordpress-plugin

Last synced: 24 Apr 2025

https://github.com/luc10/zykgen

Zyxel VMG8823-B50B default WPA keygen

golang password reverse-engineering router security wifi wpa zyxel

Last synced: 04 Mar 2026

https://github.com/opensc/pam_p11

Authentication with PKCS#11 modules

authentication certificate opensc pam pgp security smartcard

Last synced: 26 Feb 2026

https://github.com/ulisesgascon/docker-seguro

📖 Docker Seguro por Ulises Gascón

docker ebook learning security spanish

Last synced: 05 May 2025

https://github.com/apriorit/access-app-data-android

A no-root solution to access Android app private data without root access. Browser history and instant messages example

android security

Last synced: 08 May 2025

https://github.com/thedoctor0/openvas-docker-lite

OpenVAS docker container with custom automation script.

docker nmap openvas scan security shell

Last synced: 12 Apr 2025

https://github.com/guardianproject/opencircle

Open-source Circle of 6 with improved security and privacy features. PLEASE NOTE: For the new Circulo app please visit: https://gitlab.com/circuloapp/circulo-android

community hotline mobile safety security support

Last synced: 22 Jun 2025

https://github.com/0xinfection/pewswitch

A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers

Last synced: 13 Apr 2025

https://github.com/sbaresearch/amlsec

Automated Security Risk Identification Using AutomationML-based Engineering Data

automationml cyber-physical-systems industrial-automation research risk-assessment security semantic-web

Last synced: 12 Jul 2025

https://github.com/ssstonebraker/log4j-scan-turbo

Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

bash kali log4j log4shell oscp oscp-tools osint pentesting security securty-tools shell

Last synced: 12 Jul 2025

https://github.com/sporkmonger/bulwark

Automated security decision making under uncertainty

bot-mitigation bulwark detection devsecops envoy security waap waf webassembly

Last synced: 19 Feb 2026

https://github.com/JakeRoggenbuck/regolith

A server-side TypeScript and JavaScript library immune to Regular Expression Denial of Service (ReDoS) attacks by using Rust and linear RegEx under the hood. Regolith has a linear worst case time complexity, compared to the default RegExp found in TypeScript and JavaScript, which has an exponential worst case.

javascript regex security typescript

Last synced: 17 Aug 2025

https://github.com/tethik/burn-after-reading

A service to share short term messages stored in memory.

cryptography python security

Last synced: 26 Jun 2025

https://github.com/dan-nolan/delegatecall-proxy-bug

An Exploit on the AAVE v2 Contract Vulnerability

security smart-contracts solidity

Last synced: 31 Aug 2025

https://github.com/rikyz90/shibaclaw

🛡️ Self-hosted AI agent with 5-layer prompt injection protection. Multi-channel, parallel agents, MCP, Docker-ready, LLM-agnostic.

agent-framework ai-agent ai-agents chatbot docker hardened-agent llm matrix mcp multi-agent ollama open-source openai openrouter prompt-injection python security self-hosted telegram-bot ultra-light

Last synced: 17 May 2026

https://github.com/parsiya/parsia-code

Contains random code and some of my older projects

code go python security

Last synced: 20 Apr 2026

https://github.com/rshipp/python-dshield

Pythonic interface to the Internet Storm Center / DShield API.

api-client dshield infosec isc library python sans security

Last synced: 15 Sep 2025

https://github.com/alulsh/intro-to-security-for-developers

An introduction to security for developers.

infosec security slides

Last synced: 20 Nov 2025

https://github.com/d2iq-archive/kubernetes-security-benchmark

A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources

cis cli cobra dcos golang ksphere kubernetes security

Last synced: 31 Mar 2025

https://github.com/tigran-sargsyan-w/self-signed-cert-toolkit

A toolkit for generating self-signed digital certificates for signing PDFs, emails, software, and other content using tools like JSignPdf or any software that supports PKCS#12.

cert-generation certificate cli-tool code-signing digital-signature document-signing email-signature encryption openssl p12 pdf pdf-signature pkcs12 privacy security self-signed smime ssl tls x509

Last synced: 29 May 2026

https://github.com/wssun/TiSE-CodeLM-Security

This repository provide the studies on the security of language models for code (CodeLMs).

adversarial-attacks adversarial-defense ai-security ai4se backdoor-attacks backdoor-defense code-intelligence language-model lm4code lm4se security

Last synced: 30 Aug 2025

https://github.com/1and1/compositejks

Load a custom Java Keystore into the SSL Context without replacing the system CA list.

cacert java-keystore security

Last synced: 05 Mar 2025