An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/sia-digital/pibox

PiBox is a service hosting framework that allows .net devs to decorate their services with behaviours or functionality (think of plugins) while only using minimal configuration.

api aspnetcore dotnet dotnet-core dotnet-standard dotnet8 framework lib library logging metrics microservice net80 performance pibox plugins security tests tracing web

Last synced: 09 May 2025

https://github.com/elementsinteractive/sheriff

Sheriff is a tool to scan repositories and generate security reports.

dependency-scanning security security-audit security-tools vulnerability-scanner

Last synced: 12 Jan 2026

https://github.com/panga/jboss-security-extended

JBoss Security Extended

jboss security

Last synced: 01 Aug 2025

https://github.com/hcl-tech-software/appscan-sast-action

Integrate static security testing with HCL AppScan on Cloud using GitHub Actions

action appscan github github-actions sast scanning security security-automation security-scanner security-testing security-tools

Last synced: 31 Aug 2025

https://github.com/quenty/dns-drone-project

Drone simulation of adhoc networks in Roblox for Data and Network Security class at UNL

adhoc-networks drone lua roblox security

Last synced: 02 Aug 2025

https://github.com/solun-pm/solun

Solun is a service that allows you to share files, text and sending emails with end-to-end encryption, without having to worry about your privacy.

docker end-to-end-encryption mongodb nextjs privacy security

Last synced: 15 Jun 2025

https://github.com/melardev/xeytanboost-rat

WORK IN PROGRESS. RAT written in C++ using Boost Libraries

asio backdoor boost cpp desktop malware networking rat remote-administration-tool security sockets trojan

Last synced: 13 Apr 2025

https://github.com/eftec/securityonemysql

It is a library

mysql php php7 security

Last synced: 07 Mar 2026

https://github.com/ninoseki/simplewhatweb

Simplified ver. of WhatWeb

pentesting security

Last synced: 19 Jul 2025

https://github.com/rix4uni/linkinspector

linkinspector is a fast command-line tool for inspecting URLs and retrieving HTTP status codes, content lengths, and content types. It supports filtering and matching responses, and can process URLs from stdin or files.

bug-bounty bugbounty bugbountytips hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools threat-intelligence

Last synced: 17 Feb 2026

https://github.com/jpmcb/pwnkit-go

Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go

cybersecurity infosec security

Last synced: 09 Aug 2025

https://github.com/krishealty/worm

Worm is an Android post exploitation Framework to gain remote access of any Android device by exploiting Android Debug Bridge.

cybersecurity hacking hacking-tools information-gathering kali-linux osint-framework osint-tool penetration-testing pentesting python python3 security vulnerability vulnerability-scanners

Last synced: 14 Apr 2025

https://github.com/safinsingh/midnight

🔧 An extensible Linux security auditing tool

cybersecurity docker go golang linux security

Last synced: 09 Mar 2026

https://github.com/bocaletto-luca/super-info

Super Info is a comprehensive, text-based utility for system administrators on Ubuntu and other Debian-based distributions. It provides essential security, monitoring and system checks via a custom ASCII interface with colors (when supported). By Bocaletto Luca

bash cli debian linux security shell-script sysadmin system-info system-monitoring ubuntu

Last synced: 18 Jun 2025

https://github.com/mychewcents/e2e-encryption

An npm module to allow for easier E2E encryption and decryption. Works on 'tweetnacl' npm package.

e2e-encryption encryption encryption-decryption encryption-tool end-to-end-encryption npm npm-package privacy privacy-protection security

Last synced: 17 Jan 2026

https://github.com/csm-actions/approve-pr-action

GitHub Action to approve pull requests securely

github-actions oss security

Last synced: 13 May 2025

https://github.com/javiorfo/go-microservice

API Rest, Tracing, Auditory, Swagger and Keycloak

api fiber go golang gorm-orm keycloak microservice security tracing web

Last synced: 02 Jan 2026

https://github.com/extwiii/cybersecurity-university.of.maryland

Cybersecurity Specialization - Cybersecurity Fundamentals. Construction of Secure Systems - Coursera

cyber-security cybersecurity maryland security

Last synced: 03 Feb 2026

https://github.com/jpts/coredns-enum

Discover K8s Services & Pods through DNS Records in CoreDNS

coredns enumeration kubernetes networking security

Last synced: 12 May 2025

https://github.com/authress/authress-local

Local running version of an Authorization API in a container

api authentication authorization authress container offline sdk security

Last synced: 13 May 2025

https://github.com/lilydjwg/httpseverywhereuserrules

My personal HTTPSEverywhere rules

configuration firefox https security

Last synced: 04 Feb 2026

https://github.com/ztalbot2000/zerofile

Simple command line tool that fill a file with binary zeroes, then removes it.

clean clear data disk erase fill reset security wipe zero

Last synced: 26 Aug 2025

https://github.com/middlewares/recaptcha

PSR-15 middleware to use Google reCAPTCHA for spam prevention

http middleware prevention psr-15 recaptcha security

Last synced: 06 May 2025

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/notoriousrebel/social_media_shamer

Breaches happen all the time, it would be a shame if people used those credentials for their social media accounts.

python3 redteam security

Last synced: 11 Apr 2025

https://github.com/lombiq/orchard-login-as-anybody

Orchard module for site owners to be able to log in as any user.

orchard orchard-cms orchard-core orchard-module security

Last synced: 17 Aug 2025

https://github.com/lukebaggett/ssh-credscan

A multi-factor SSH login scanner with support for password, public key, and google authenticator authentication.

google-authenticator multi-factor-authentication scanner security ssh ssh-client two-factor-authentication

Last synced: 22 Jul 2025

https://github.com/eqstlab/cve-2024-48914

Arbitrary File Read and DoS in vendure-ecommerce exploit

cve exploit poc proof-of-concept security typescript vulnerability

Last synced: 27 Jul 2025

https://github.com/bocaletto-luca/systemauditdashboard

SystemAuditDashboard is a centralized Linux system monitoring dashboard implemented in Python using Tkinter. It provides a real-time overview of key system information including: Kernel Version Operating System Details Logged-in User Number of Active Processes Number of Open Ports Load Average (1 min, 5 min, 15 min) Available Memory (in MB)...

admin-tool bocaletto-luca gui linux python security security-tool system-audit system-audit-dashboard system-tool tkinter

Last synced: 17 Sep 2025

https://github.com/x13a/pschk

Check for suspicious processes on macOS

macos osx security swift

Last synced: 02 Jul 2025

https://github.com/kumuluz/kumuluzee-jwt-auth

KumuluzEE JWT Authentication extension provides role based access control microservice endpoints using OpenID Connect and JSON Web Tokens.

authentication cloud-native java javaee jwt jwt-authentication jwt-token kumuluzee microservices openid-connect rbac rest security

Last synced: 06 Apr 2025

https://github.com/bocaletto-luca/bug-github-farms-points

Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially

bocaletto-luca bug farms github github-bug hack hacking points security yaml

Last synced: 27 Apr 2026

https://github.com/miller79/spring-security-demo

Demonstrates how to use Spring Security with common production patterns.

java oauth2 security spring spring-boot spring-framework spring-security

Last synced: 01 Jul 2025

https://github.com/cihatsolak/net7-jwt-token

Main project is audience dependent on access to other api projects. I am providing information about the structure and architecture of the jwt token.

entity-framework-core jwt-token migration net7 nlayer-architecture security webapi

Last synced: 06 May 2025

https://github.com/muayyad-alsadi/oneway

a tool to drop privileges for docker entry-points

containers docker init-system jail privileges security

Last synced: 18 May 2026

https://github.com/umuttopalak/pass-cli

A secure command-line password manager with AES-256 encryption and sudo authentication

aes-256 cli command-line-tool cryptography keyring password-generator password-manager password-security python security

Last synced: 28 Jul 2025

https://github.com/infineon/pkcs11-optiga-tpm

OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide

pkcs11 raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/panther-labs/pysigma-backend-panther

pySigma Panther Backend

python security

Last synced: 12 Aug 2025

https://github.com/cyberark/escape-the-cloud

Web Application for CyberArk Cloud Escape Room CTF challenge

aws challenge cloud conjbot-skip conjbot-skip-vulnrreport ctf security

Last synced: 03 May 2025

https://github.com/haikelfazzani/otp

🔐 Zero dependencies Deno/Bun/Node/Browser module for TOTP and HOTP generator based on RFC 6238 and RFC 4226 🗝️

2fa browser bun cryptography deno hotp nodejs one-time-password otp rfc-6238 rfc4226 security totp web-crypto web-cryptography-api

Last synced: 13 May 2025

https://github.com/federicoceratto/desktop-security-assistant

Help desktop users improve their security

debian gui python security ui

Last synced: 20 Sep 2025

https://github.com/retirenet/packages

JSON files containing vulnerable packages

dotnet-core dotnetcore security

Last synced: 21 Sep 2025

https://github.com/vdlp/oc-csrf-plugin

Adds CSRF protection to October CMS frontend.

csrf october-cms october-plugin octobercms php security

Last synced: 12 Apr 2025

https://github.com/certwatch-app/cw-agent

SSL/TLS certificate monitoring agent for Kubernetes and on-prem infrastructure. Scan certificates, detect expiration, validate chains, and sync to CertWatch cloud.

certificate cli cloud-native devops golang kubernetes monitoring security sre ssl tls

Last synced: 13 Jan 2026

https://github.com/jul10l1r4/identificador-cve-2018-11759

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing

Last synced: 16 May 2025

https://github.com/bonedaddy/postables-solidity-modules

Collection of reusable contracts and libraries I use in contracts I write.

blockchain contracts cryptocurrency ethereum libraries modules openzeppelin safemath security solidity upgradeable utilities

Last synced: 12 May 2025

https://github.com/fodinabor/esposecsignauth

Module for EspoCRM that uses SecSign for Two-Factor Authentication.

2fa espocrm security

Last synced: 01 Aug 2025

https://github.com/sindecker/pentest-playbook

The Penetration Testing Playbook — Beginner to Intermediate Field Guide. 359 pages, 731 code examples, 37+ compliance frameworks. Read free on GitHub.

active-directory beginner bug-bounty burp-suite ctf cybersecurity ethical-hacking hacking infosec oscp oscp-prep owasp penetration-testing pentest red-team security security-tools web-security

Last synced: 18 Apr 2026

https://github.com/kerberjg/chillinode

Node.js-based captive portal system for Linux

captive-portal linux network-management nodejs openwrt security

Last synced: 11 Apr 2025

https://github.com/narrowspark/automatic-security-audit

[READ ONLY] :warning: A composer plugin that checks if your application has known security vulnerabilities.

audit automatic composer composer-plugin narrowspark-automatic security security-advisories

Last synced: 13 Jan 2026

https://github.com/adrianmoisey/sitescanners

A few services that scan websites and return useful information.

hacktoberfest http2 ipv6 readme security ssl webdev

Last synced: 16 Jan 2026

https://github.com/jbruchon/php_secure_auth

Secure user login/authentication template for PHP web applications

authentication pdo pdo-mysql php security

Last synced: 13 May 2025

https://github.com/hleliofficiel/exaaiagent

ExaAiAgent — Advanced AI-powered penetration testing framework with Docker sandbox, multi-agent workflows, and 50+ integrated cybersecurity tools.

ai-agent bug-bounty cybersecurity hacking llm pentesting prompt-injection python security vulnerability-scanner

Last synced: 01 Apr 2026

https://github.com/geeknik/jwt-scanner

A tool for detecting JWT algorithm confusion vulnerabilities in web applications

bugbounty confusion infosec jwt scanner security

Last synced: 23 Jun 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/vaibhavpandeyvpz/phuck

Single-file shell to f__k vulnerable PHP servers, solely for educational and research purposes. Powered by Bootstrap and React.js, features a file browser and browser based, SSH like terminal.

administraction file-manager hacking security shell ssh sysadmin terminal

Last synced: 24 Apr 2025

https://github.com/marcreichel/password-exposed-rule

Laravel Validation rule to check that a password hasn't been exposed

data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation

Last synced: 13 Jan 2026

https://github.com/bongochong/waspscanner

A Basic Scanner for Vulnerabilities Related to HiddenWasp Malware on GNU/Linux

anti-malware bash hidden-wasp hiddenwasp script security shellscript

Last synced: 08 Apr 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/olliecheng/passwordbreachchecker

A small unofficial extension to check passwords you type in against the database at HaveIBeenPwned (Chrome only for now)

browser-extension chrome-extension extension password-security security

Last synced: 26 Jun 2025

https://github.com/gentoo/gentoo-apparmor-profiles

[ORIGIN] AppArmor profiles just for Gentoo

apparmor hacktoberfest security

Last synced: 01 Feb 2026

https://github.com/zuazo/encrypted_attributes-cookbook

Chef cookbook to install and load chef-encrypted-attributes gem.

chef cookbook credentials devops encrypted-attributes encryption gcm keys passwords pki plugin secrets security

Last synced: 13 Apr 2025

https://github.com/dzek69/html-safe-json

Small wrapper for JSON-stringify that makes result safe to embed directly into HTML `<script>` tag.

javascript json node security xss

Last synced: 22 Sep 2025

https://github.com/jonhadfield/ape

AWS account scanner

aws golang security

Last synced: 15 Jul 2025

https://github.com/hitsz-ids/dbmasker

DBMasker 是一个针对主流数据库系统的 Java 开源项目,旨在提供统一且安全的访问接口。

data data-security database mask sdk security

Last synced: 26 Apr 2025

https://github.com/sap-samples/btp-sac-forecast

This scenario is primarily intended to empower data driven decisions through analytics forecast using SAP Analytics Cloud, BTP extension application and SAP Build Work Zone, standard edition.

cloud-foundry sample sample-code sap-analytics-cloud sap-btp sap-build-work-zone-standard-edition sap-cap sap-hana-cloud security story

Last synced: 06 Feb 2026

https://github.com/volkansah/minigrex

MiniGreX will be designed with security in mind, and the code will be written to minimize the risk of SQL injection attacks and other security vulnerabilities. To ensure maximum security, we recommend keeping the CMS up-to-date with the latest security patches and using strong passwords for all user accounts.

authentication cms cms-backend cms-framework codeigniter content-management content-management-system hacker mariadb mysql php pod posgresql prepared-statements security security-audit security-tools user-interface usermanagement xss-filter

Last synced: 12 Apr 2025

https://github.com/patrickfav/bkdf

BCrypt based key derivation function to improve BCrypt as a cryptographic primitive for password hashing and key derivation

bcrypt cryptography hkdf java kdf password security

Last synced: 09 Apr 2025

https://github.com/smoren/url-security-manager-php

Class for building, parsing, signing, signature checking, encrypting and decrypting URLs

encryption security url-builder url-parser

Last synced: 15 Apr 2025

https://github.com/gowww/secure

🔑 Security utilities, CSP, HPKP, HSTS and other security wins

csp go golang good-practices hpkp hsts http https policy secure security ssl

Last synced: 01 Mar 2026

https://github.com/lambda2/breezer

🔒 Lock your Gemfile dependencies to safe versions

ci gemfile ruby security

Last synced: 18 Jan 2026

https://github.com/patricktulskie/concuss

Throw a bunch of headers at a web app and see what sticks

malformed-headers pentest ruby security security-auto security-tools testing webapp-security

Last synced: 28 Apr 2025

https://github.com/robertdebock/ansible-role-investigate

Install and configure investigation tools on your system.

ansible investigate molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/picobaz/pybruteforge

PyBruteForge: A powerful Python brute-force login tester for ethical security audits. Forge attacks with smart password patterns and CSV logging via a modular API-driven design. Strengthen your defenses—test ethically!

bruteforce cybersecurity ethical-hacking login-tester password-audit penetration-testing python security web-security

Last synced: 23 Oct 2025

https://github.com/accrescent/console

The Accrescent console

android angular appstore security

Last synced: 05 Mar 2026

https://github.com/soulteary/stargate

A minimal ForwardAuth gateway for Traefik and Nginx that handles login sessions and request access control. / 面向 Traefik 和 Nginx 的极简 ForwardAuth 鉴权网关,负责会话与访问控制。

auth authentication authorization enjoy-with-stargate forwardauth gateway nginx reverse-proxy security sso traefik

Last synced: 11 Feb 2026

https://github.com/jef/gh-audit-org-keys

🔑 Provides list of public SSH keys of an organization

github-api john-the-ripper openssl security ssh

Last synced: 03 Apr 2026

https://github.com/zufardhiyaulhaq/asdf-trivy

Trivy plugin for the asdf version manager

asdf asdf-plugin security security-tools trivy

Last synced: 12 Apr 2025