An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/brannondorsey/attacker-personas

🏴‍☠️ Use attacker personas to improve your threat modeling and cybersecurity practices

advice cybersecurity infosec security threat-modeling

Last synced: 18 Feb 2026

https://github.com/snyk/rpm-parser

Produce a list of dependencies from an RPM database file

dependencies packages parser rpm security snyk

Last synced: 08 May 2025

https://github.com/oslabs-beta/testsudo

A one-stop testing suite offering a range of frontend, backend, and security metrics for your projects.

backend bearer frontend lighthouse measured optimization performance-testing security testing-tools

Last synced: 30 Apr 2025

https://github.com/louib/nix2sbom

nix2sbom extracts the CycloneDX and SPDX SBOM (Software Bill of Materials) from a Nix derivation

cyclonedx github-actions nix nixos purl sbom sbom-generator security software-bill-of-materials spdx supply-chain supply-chain-security

Last synced: 24 Mar 2025

https://github.com/nsonaniya2010/sanfinder

It finds Subject Alternative Names for a given list of domains

bug-bounty bug-hunting bugbounty infosec madeinindia security security-tools

Last synced: 14 Apr 2025

https://github.com/withsecurelabs/shadowhammer

Tools related to 'shadowhammer' attack, https://securelist.com/operation-shadowhammer/89992

countercept malware security

Last synced: 25 Jun 2025

https://github.com/rhargreaves/knock-knock

Port knocking implementation in eBPF

ebpf security

Last synced: 29 Aug 2025

https://github.com/silur/zerotwo

State of the art authentication scheme with the strength of a Klaxxosaur

2fa authentication crendentials cryptography login security

Last synced: 16 Apr 2025

https://github.com/saveourtool/osv4k

Kotlin and Java serialization schema for OSV

java kotlin osv security

Last synced: 23 Apr 2025

https://github.com/bocaletto-luca/ip-port-scanner

The IP Port Scanner software is a Python application based on Tkinter that allows users to scan IP addresses and ports within a local network. This application provides an intuitive user interface for performing IP scans and checking the status of open or closed ports on a specific host.

cybersecurity desktop-application gui ip-scanner ip-scanning network-scanning network-security open-source python security tkinter

Last synced: 05 Jan 2026

https://github.com/sjinks/roundcube_recaptcha

Adds reCAPTCHA to the RoundCube login form

captcha login recaptcha roundcube-plugin security

Last synced: 07 Mar 2026

https://github.com/rafigk2v9c/APKdevastate

Advanced analysis software for APK payloads created by RATs.

aapt android apk apktool remoteaccesstrojan reverse-engineering security

Last synced: 25 Dec 2025

https://github.com/latchset/tang-operator

An Openshift/K8S operator to manage NBDE Tang Servers

encryption-decryption kubernetes nbde network-disk openshift operator security tang

Last synced: 29 Jun 2025

https://github.com/mini-ware/file-locker

Keep your files obfuscated by locking them with XOR encryption

cli encryption hacking linux password security shell xor

Last synced: 03 Oct 2025

https://github.com/elastic/llm-detection-proxy

A proxy tool for detecting and logging LLM queries to Elasticsearch.

elastic enrichment flask kibana llm proxy security

Last synced: 13 Jul 2025

https://github.com/riimu/kit-securerandom

Library for leveraging secure random generators

php php-library random-generation security uuid

Last synced: 25 Jul 2025

https://github.com/ribafs/laravel-acl

ACL to laravel 9 applications

access acl laravel package security

Last synced: 03 Sep 2025

https://github.com/drizzlerisk/armyworm

Armyworm是一款用于研究和测试的Internet Explorer密码输入控件粘虫防护能力的测试程序

activex armyworm bank ocx pentest security trojan

Last synced: 16 May 2025

https://github.com/scipag/phputilities

PHPUtilities provides various utility scripts.

commands exploitation penetration-testing php security shell

Last synced: 05 Oct 2025

https://github.com/lovasoa/pyformat-challenge

Python format string vulnerability exploitation challenge

challenge format format-string-attack python security

Last synced: 24 Mar 2025

https://github.com/sfr-development/wondersuite-ai-bug-bounty

AI-Powered Offensive Security Research Engine - desktop-native security testing platform with native MCP integration. 90 tools, MITM proxy, stealth browser, autonomous AI agent. Built on Tauri + Rust + React.

ai-agent bug-bounty burp-suite-alternative desktop-app llm-tools mcp mitm-proxy model-context-protocol offensive-security pentesting react rust security security-tools tauri typescript vulnerability-scanner web-security

Last synced: 30 May 2026

https://github.com/robertdebock/ansible-role-ca

Install and configure a certificate authority on your system.

ansible authority ca certificate molecule openssl playbook security tox

Last synced: 09 Mar 2026

https://github.com/m1guelpf/laravel-ssl

A Laravel package to enforce HTTPS

enforce laravel package security ssl

Last synced: 13 May 2025

https://github.com/tawfik-s/spring-security-tasks-solution

Master Spring Security by practice. spring security tasks and solutions. you can find tasks description at the README file. freely use, modify, and distribute the code.

bycrypt csrf github-oauth2 google-oauth2 java jwt jwt-authentication method-level-authorization method-level-security oauth oauth2 oauth2-client preauthorize security spring spring-boot spring-security spring-security-oauth2 tasks

Last synced: 30 Jun 2025

https://github.com/operatorequals/gitsign-action

Verify Sigstore Gitsign commit signatures

cicd pgp security signatures sigstore

Last synced: 16 Jan 2026

https://github.com/kahalewai/agbac

AGent Based Access Control (AGBAC) is is an open, vendor-neutral security specification that defines how AI agents securely perform actions on behalf of humans using existing IAM technologies

access-control agent agentic agents ai ai-agent artificial-intelligence auth-n auth-z authentication authorization dual-subject enterprise iam innovation llm security technology zero-trust

Last synced: 29 May 2026

https://github.com/theteleporter/xuneix

A link rotator for enhanced admin panel security. Dynamic URLs, expiring tokens, customizable rotation. Easy setup with Shadcn UI & Tailwind CSS. Integrates with Vercel KV.

authentication link-rotator nextjs open-source security shadcn-ui

Last synced: 24 Mar 2025

https://github.com/xewdy444/netgrave

A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)

camera exploit netwave security vulnerability

Last synced: 11 Mar 2026

https://github.com/billyJoePiano/TenaPull

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk

java nessus security splunk

Last synced: 11 Jul 2025

https://github.com/DevanshRaghav75/bugbounty-dorks

Google dorks for bug bounty hunting

bugbounty google-dorks security

Last synced: 10 Mar 2025

https://github.com/dyne/redroom

Zenroom crypto module for Redis

crypto cryptography password redis redis-module security

Last synced: 16 Jul 2025

https://github.com/reverseapple/analysissuite

Utilities for reverse engineering Apple binaries

apple binary-analysis research reverse-engineering security tools

Last synced: 09 Apr 2025

https://github.com/evansims/openfga-php

Stop writing authorization logic. Start asking questions. OpenFGA high performance relationship-based access control for PHP.

abac authorization entitlements fga fine-grained-access-control fine-grained-authorization openfga pbac permissions php rbac rebac sdk security zanzibar

Last synced: 20 Sep 2025

https://github.com/tigera-solutions/azure-hub-spoke-aks-egress-gateways

[Azure AKS Blueprint] Learn how to deploy Azure Hub-Spoke VNETs with AKS and Calico Egress Gateways

aks azure calico egress egress-gateway microsoft-azure security tigera

Last synced: 17 Aug 2025

https://github.com/infisical/k8-kms-plugin

Infisical KMS plugin for Kubernetes

encryption kubernetes security

Last synced: 04 Apr 2025

https://github.com/osirislab/fork-sentry

GitHub Action for detecting and alerting on suspicious forks of your repository

github-actions security

Last synced: 18 Jul 2025

https://github.com/saptaks/saikoro

Diceware GUI: An easy way for non-tech people to get diceware passphrases

diceware gui-application passphrase security

Last synced: 24 Apr 2025

https://github.com/drawing-captcha/drawing-captcha-app

Drawing Captcha is an innovative software that enhances security and promotes brand awareness by requiring users to complete interactive drawing tasks to pass the verification process. (Website comes soon)

captcha drawing js nodejs open-source security solving

Last synced: 25 Jul 2025

https://github.com/inexio/cve-alert-manager

Collect security alerts from different sources and provide a normalized API to query

cve golang security security-vulnerability

Last synced: 09 Mar 2026

https://github.com/ebkalderon/bastille

Process sandboxing library written in Rust

cross-platform namespace rust sandbox security

Last synced: 23 Apr 2025

https://github.com/pixielabs/whisper-key

Send & receive secure messages in the browser.

cryptography messaging security

Last synced: 20 Jun 2025

https://github.com/artem-smotrakov/java-dns-tunneling

Here is an example which shows an idea how DNS tunneling can be implemented in Java.

dns-tunneling java java-dns security

Last synced: 16 Jul 2025

https://github.com/mkmik/getsum

Abuse the gosum database to store verifiable hashes about any binary file

go hack security transparency

Last synced: 17 Aug 2025

https://github.com/toshke/aws-waf-demo-workshop

Workshop for demonstrating AWS WAF usage

api apigateway aws aws-waf cloud loadtesting security serverless workshop

Last synced: 07 Apr 2025

https://github.com/timkuijsten/node-mongo-escape

Escape variables to prevent NoSQL injection in MongoDB

mongodb security

Last synced: 01 Aug 2025

https://github.com/craigmayhew/usbcleanser

Scripts to turn a debian based OS into an automated USB wiper

python raspberrypi security thumb-drive usb-drive

Last synced: 25 Oct 2025

https://github.com/go-to-k/image-scanner-with-trivy

The AWS CDK Construct library to allow you to scan a container image during CDK deployment layer with Trivy.

aws aws-cdk aws-cdk-construct cdk container security trivy

Last synced: 27 Feb 2026

https://github.com/khalidelboray/zap-api-raku

A Raku module for the OWASP ZAP API.

owasp raku raku-module security web-security zaproxy

Last synced: 01 Apr 2026

https://github.com/italomaia/uri-faker

See how fonts can be used to create fake URIs

fonts html jquery pentest phishing security semantic-ui uri usability

Last synced: 28 Oct 2025

https://github.com/crodjer/biip

Strip out PII before Sending Data

cli pii privacy prompt-engineering prompt-toolkit rust security

Last synced: 25 Apr 2026

https://github.com/ubernostrum/django-flashpolicies

Flash cross-domain policies for Django.

django flash python security

Last synced: 26 Oct 2025

https://github.com/labex-labs/comptia-linux-plus-training-labs

Learn Linux system administration through hands-on labs, covering command-line, file management, user administration, security, networking, and maintenance. Perfect for CompTIA Linux+ certification prep.

bash certification command-line comptia course hands-on hands-on-labs labex labs linux linux-administration linux-commands lpic networking practice-labs programming security shell-scripting sysadmin system-maintenance

Last synced: 17 Jun 2026

https://github.com/r3dhulk/bad-usb

bad usb also known as rubber ducky is a usb device to hack your target when you are in device's physical access

attack hacking security security-tools usb

Last synced: 13 Jun 2026

https://github.com/celenityy/dove

Dove is a suite of configurations & advanced modifications for Mozilla Thunderbird, designed to put the user first - with a focus on privacy, security, freedom, & usability.

anti-tracking email gecko hardened hardening mozilla privacy private secure security settings thunderbird tracking user-js userjs

Last synced: 25 Feb 2026

https://github.com/traycho/micronaut-security-attributes

Micronaut security attributes - secure your endpoints by validating authentication attribute using micronaut-security and a bit more. Library is not limited to any specific authentication method and is expected to work with supported authentication methods from micronaut.

attributes aws claims jwt jwt-authentication jwt-token lambda ldap-authentication micronaut security serverless tokens validation

Last synced: 11 Jan 2026

https://github.com/umutcamliyurt/i2p-browser

A web browser for accessing I2P network anonymously and securely

anonymity i2p-browser privacy security web-browser

Last synced: 14 May 2025

https://github.com/dsha256/token-go

JWT & PASETO Implementation of the Token Based Authentication

go golang jwt-tokens paseto-tokens security token-based-authentication

Last synced: 26 Jun 2025

https://github.com/maymeow/php-encrypt

🔏PHP library for creating and signing Certificates, text encryption and decryption.

certificates encryption hacktoberfest hacktoberfest2020 library openssl php security

Last synced: 19 Apr 2025

https://github.com/go-to-k/ecr-scan-verifier

The AWS CDK Construct that blocks deployments to ECS, Lambda, and other services when ECR Image Scanning detects vulnerabilities, and optionally verifies container image signatures.

aws aws-cdk aws-cdk-construct aws-ecr awscdk cdk container security

Last synced: 22 May 2026

https://github.com/neospl0it/discord-rat

A powerful Discord RAT for remote control & monitoring. Capture screenshots, grab passwords, evade detection.

discord discord-bot discord-rat grabber-password grabber-token python rat remote-access-trojan remoteaccesstrojan security

Last synced: 22 Apr 2025

https://github.com/leopechnicki/im_robot

Reverse-CAPTCHA for AI agents — verify bots, not humans. Multi-framework (React, Vue, Svelte, Web Components). Zero dependencies. TypeScript.

ai-agent authentication bot-verification captcha react reverse-captcha security svelte typescript vue web-components zero-dependencies

Last synced: 22 May 2026

https://github.com/qaware/cloudid-showcase

Cloud Native Identity Management Showcase.

cloud-native java jsa kubernetes security spiffe spire vault

Last synced: 08 Apr 2025

https://github.com/cipherstash/cipherstash-proxy-playground

A playground to experiment with CipherStash and our data security capabilities.

aws-dynamodb data-security dynamodb encryption postgres postgresql searchable-encryption security security-tools

Last synced: 07 May 2025

https://github.com/imranismail/cloudcreds

Secure access to your organization's AWS accounts for both programmatic and console use-case via federated identity and short-lived credentials

aws federated-identity google oauth oidc security

Last synced: 22 Apr 2025

https://github.com/ivision-research/inzure

Azure security configuration automation tool and library

automation azure security vulnerability-detection

Last synced: 23 Jul 2025

https://github.com/c0m4r/paranoya

Simple IOC and YARA scanner for Linux®

malware-detector paranoya python security security-tool yara yara-scanner

Last synced: 25 Jul 2025

https://github.com/itemic/rotacsufbo

did u know the name of the repo is obfuscator backwards?

android android-security javaparser mobile-security obfuscate obfuscation obufscator proguard security

Last synced: 26 Jun 2025

https://github.com/vartzy/nodejs-owasp-api-security

NodeJS API Guide with addressing top 10 OWASP security risk on API development.

cheatsheet cybersecurity cybersecurity-education cybersecurity-tool owasp rest-api security

Last synced: 11 Apr 2025

https://github.com/mrcl0wnlab/new-ip-tor

This module that makes it easy to reboot IP Tor network

hacking python security security-tools tor

Last synced: 18 Jul 2025

https://github.com/sebastienrousseau/password-generator-pro

A fast, simple and powerful open-source cross platform utility tool for generating strong, unique and random passwords 🦀

cross-platform cross-platform-app passphrase-generator password-generator password-generator-pro rust security tauri tauri-app

Last synced: 21 Aug 2025

https://github.com/samerfarida/secure-bash-macos-ebook

A hands-on Bash scripting guide for macOS administrators and security engineers. Learn to automate, secure, and master macOS with real-world examples.

bash macos security

Last synced: 13 Jan 2026

https://github.com/davemolk/dorking

advanced searching for bing, brave, duck duck go, and yahoo

bug-bounty bugbounty dorking go golang infosec osint pentesting pentesting-tools recon research search search-engine security

Last synced: 14 Jul 2025

https://github.com/sircryptic/poc

Proof-of-Concept Exploits Based On Known CVE's

cve cybersecurity educational proof-of-concept security

Last synced: 14 Apr 2025

https://github.com/andreygrechin/umbr_api

umbr_api is Cisco Umbrella APIs wrapper and command-line utility. With help of umbr_api you can add new sites and URL to the customer's blocked site list, remove or show current entries from cli in seconds.

cisco opendns security umbrella

Last synced: 27 Aug 2025

https://github.com/jonhadfield/subtocheck

subdomain takeover checker

go golang scanner security subdomain takeover

Last synced: 15 Jul 2025

https://github.com/littlenewton/ucas_exploit_practice

中国科学院大学,《漏洞利用与攻防实践》,霍玮

security ucas

Last synced: 27 Jul 2025