An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/aureq/cloud-maps.info

AWS Security Primer

audit aws cloud compliance map security

Last synced: 31 Oct 2025

https://github.com/bitexpert/sulu-securitytxt-bundle

Sulu Bundle to manage security.txt files

php security sulu sulu-bundle symfony

Last synced: 14 Apr 2025

https://github.com/sindecker/pentest-playbook

The Penetration Testing Playbook — Beginner to Intermediate Field Guide. 359 pages, 731 code examples, 37+ compliance frameworks. Read free on GitHub.

active-directory beginner bug-bounty burp-suite ctf cybersecurity ethical-hacking hacking infosec oscp oscp-prep owasp penetration-testing pentest red-team security security-tools web-security

Last synced: 18 Apr 2026

https://github.com/imagemlt/easyscanner

distributed cms fingerprint scanner using celery with redis

scanner security security-tools

Last synced: 13 Apr 2025

https://github.com/janloebel/nipca

Network IP Camera Application Programming Interface (NIPCA) - Client

client ip-camera ipcamera javascript nipca node security

Last synced: 15 Jul 2025

https://github.com/jonhadfield/ape

AWS account scanner

aws golang security

Last synced: 15 Jul 2025

https://github.com/hahwul/zaproxy-ruby

A Ruby Implementation and Library for Easy Utilization of ZAP API

ruby ruby-gem security zap zaproxy

Last synced: 12 May 2025

https://github.com/ntdls/sqlpwaudit

An easy to use and scalable SQL password recovery/audit tool.

auditing cracking passwords security sql threading

Last synced: 14 Apr 2025

https://github.com/sarathsp06/py2factor

Python two factor authenticator app for linux,experimental

2factor cli multifactor-authentication python security

Last synced: 28 Jul 2025

https://github.com/aran112000/nope-php

Nope! A lightweight tool for monitoring your log files and dynamically blocking nuisance or malicious IPs based on easy to define, dynamic rules which you control

anti-bot attack-prevention ban-hosts ban-management ips linux log-analyzer monitoring php php-cli rate-limiting security

Last synced: 22 Apr 2025

https://github.com/petemcw/ansible-role-hardening

Ansible role for basic server hardening

ansible ansible-role security

Last synced: 14 Apr 2025

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/Nearata/flarum-ext-twofactor

A Flarum extension. Allow your users to enable two factor authentication.

flarum flarum-extension security two-factor

Last synced: 28 Mar 2025

https://github.com/marcreichel/password-exposed-rule

Laravel Validation rule to check that a password hasn't been exposed

data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation

Last synced: 13 Jan 2026

https://github.com/mchmarny/sds-demo

Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain

demo devops gcp sds security supply-chain

Last synced: 05 Aug 2025

https://github.com/umuttopalak/pass-cli

A secure command-line password manager with AES-256 encryption and sudo authentication

aes-256 cli command-line-tool cryptography keyring password-generator password-manager password-security python security

Last synced: 28 Jul 2025

https://github.com/dzek69/html-safe-json

Small wrapper for JSON-stringify that makes result safe to embed directly into HTML `<script>` tag.

javascript json node security xss

Last synced: 22 Sep 2025

https://github.com/bonedaddy/postables-solidity-modules

Collection of reusable contracts and libraries I use in contracts I write.

blockchain contracts cryptocurrency ethereum libraries modules openzeppelin safemath security solidity upgradeable utilities

Last synced: 12 May 2025

https://github.com/kaansk/go-euvd

Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.

api-client cvss enisa epss european-union euvd go golang incident-response open-source oss security threat-intelligence vulnerability vulnerabilitymanagement

Last synced: 16 Jul 2025

https://github.com/bocaletto-luca/bug-github-farms-points

Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially

bocaletto-luca bug farms github github-bug hack hacking points security yaml

Last synced: 27 Apr 2026

https://github.com/federicoceratto/desktop-security-assistant

Help desktop users improve their security

debian gui python security ui

Last synced: 20 Sep 2025

https://github.com/reconmap/mobile-client

React-native based mobile client for Reconmap

android infosec mobile pentesting react-native security vulnerabilities

Last synced: 10 Sep 2025

https://github.com/haikelfazzani/otp

🔐 Zero dependencies Deno/Bun/Node/Browser module for TOTP and HOTP generator based on RFC 6238 and RFC 4226 🗝️

2fa browser bun cryptography deno hotp nodejs one-time-password otp rfc-6238 rfc4226 security totp web-crypto web-cryptography-api

Last synced: 13 May 2025

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/mjorgegulab/nestjs-cryptography

Secure NestJS cryptography module 🔐

cryptography javascript nest nestjs node security typescript

Last synced: 27 Jul 2025

https://github.com/infineon/pkcs11-optiga-tpm

OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide

pkcs11 raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/rideu/ndot

DNS over DoT relay. Designed for DHCP-configurable routers that supports custom DNS servers.

csharp dns dns-over-tls rfc1035 rfc7858 security security-tools

Last synced: 15 Jul 2025

https://github.com/swedishmike/dmarcparser

A quick and dirty implementation to get DMARC reports into Splunk for further analysis

dmarc dmarc-reports email python security spam-prevention splunk splunk-sdk

Last synced: 08 May 2025

https://github.com/nilportugues/php-uuid

Use this class to encapsulate the latest and more secure Uuid versions

composer php php7 secure security uuid uuid-generator uuid4 uuid5

Last synced: 14 Jul 2025

https://github.com/boxyhq/jackson-cerbos

This is an example application that demonstrates how to use Cerbos with SAML Jackson

access-control authorization cerbos policy saml-authentication security

Last synced: 01 Aug 2025

https://github.com/jmaczan/ktotu

Identify devices in your network and monitor it against intruders

linux monitoring netsec netsecurity network network-monitoring network-security python security

Last synced: 02 Aug 2025

https://github.com/rabbit-company/passwordgenerator-js

Password generator implemented in JavaScript (ES6).

generator password security strength

Last synced: 13 Jul 2025

https://github.com/ufukty/ovpn-auth

Simple to use, easy to deploy 2FA login for OpenVPN servers

authentication golang openvpn password security totp two-factor-authentication

Last synced: 17 Jan 2026

https://github.com/elliotwutingfeng/aegis-backup-decryptor

CLI tool to decrypt backup files exported from the Aegis Authenticator app. This application is neither affiliated with Beem Development nor Aegis Authenticator.

2fa aes aes-gcm android backup cryptography cybersecurity decryption encrypt encrypted encryption linux macos openssl otp privacy scrypt security totp windows

Last synced: 29 Apr 2025

https://github.com/eqstlab/cve-2024-48914

Arbitrary File Read and DoS in vendure-ecommerce exploit

cve exploit poc proof-of-concept security typescript vulnerability

Last synced: 27 Jul 2025

https://github.com/arunanshub/pycryptor

Pure Python High Performance File Encryption Software

encryption encryption-tool file-vault locker security

Last synced: 22 Apr 2025

https://github.com/exabrial/javax-security-cdi-extension

A CDI Portable Extension for Java EE 7 (and maybe 8) that allows you to use @RolesAllowed on CDI Beans and their Methods

cdi cdi-extension interceptors java java-ee-7 role-based-access-control security

Last synced: 11 Jan 2026

https://github.com/yhs0602/logbluetoothapi

Logs android bluetooth api calls of apps using xposed framework, to learn how to avoid java.lang.IOException: connect() failed; socket might closed or timeout; read ret: -1

benchmarking reverse-engineering security security-tools xposed-framework

Last synced: 24 Jul 2025

https://github.com/lukebaggett/ssh-credscan

A multi-factor SSH login scanner with support for password, public key, and google authenticator authentication.

google-authenticator multi-factor-authentication scanner security ssh ssh-client two-factor-authentication

Last synced: 22 Jul 2025

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/sakryukov/storage-free-pass

Storage-Free Pass is a generator of highly secure passwords based on cryptographic hash and master password, which should be memorized; no password storage is involved

authentication criptographic-hash cryptography css html javascript security

Last synced: 07 May 2025

https://github.com/aw-junaid/android-security

Explore Android security: secure app development, reverse engineering, vulnerability testing, and best practices for data protection and encryption.

android android-rat androidsecurity hacking hacking-tool security vulnerabilities

Last synced: 01 Jul 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/john-b-yang/course-dev

Personal repository of teaching material

databases pedagogy security software-development

Last synced: 15 Jun 2025

https://github.com/ms2138/cameraviewer

Add/View Dahua security camera video streams

camera dahua dahua-cameras onvif onvif-camera security swift uikit xcode

Last synced: 04 May 2025

https://github.com/winnpixie/log4noshell

A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 ("Log4Shell").

apache cve log4j patch security vulnerability

Last synced: 11 Jul 2025

https://github.com/cihatsolak/net7-jwt-token

Main project is audience dependent on access to other api projects. I am providing information about the structure and architecture of the jwt token.

entity-framework-core jwt-token migration net7 nlayer-architecture security webapi

Last synced: 06 May 2025

https://github.com/tankerhq/sdk-python

Tanker Python SDK - mirror of https://gitlab.com/TankerHQ/sdk-python

cryptography encryption end-to-end privacy python sdk security tanker

Last synced: 09 Sep 2025

https://github.com/kerberjg/chillinode

Node.js-based captive portal system for Linux

captive-portal linux network-management nodejs openwrt security

Last synced: 11 Apr 2025

https://github.com/globaleaks/globaleaks-eph-fs

An ephemeral ChaCha20-encrypted filesystem implementation using fusepy and cryptography suitable for privacy-sensitive applications, such as whistleblowing platforms.

chacha20 cryptography fuse-filesystem privacy security whistleblowing-software

Last synced: 14 Dec 2025

https://github.com/angelej/php-insider

A simple static application security testing (SAST) tool for locating dangerous sinks in php applications.

appsec php sast security static-code-analysis whitebox

Last synced: 06 Apr 2026

https://github.com/jsign/timing-attack

Timing attack proof-of-concept in Go

go security statistics timing-attack

Last synced: 18 Mar 2025

https://github.com/turbot/steampipe-mod-snowflake-compliance

Run individual controls or full compliance benchmarks across all of your Snowflake accounts using Powerpipe and Steampipe.

compliance hacktoberfest powerpipe powerpipe-mod security snowflake snowflakedb steampipe steampipe-mod

Last synced: 11 Jul 2025

https://github.com/kyopark2014/aws-security-token-service

It shows how to generate and use temporary security credential using AWS STS.

aws aws-lambda aws-sdk lambda security temporary-credentials

Last synced: 12 Apr 2025

https://github.com/petr-panteleyev/password-manager

Desktop application to keep passwords and other sensitive information

aes-256 desktop-application java java-24 javafx javafx-application password-manager security

Last synced: 29 Apr 2025

https://github.com/404notf0und/python-guide

Practice makes perfect

bugs coding python security tricks

Last synced: 12 Apr 2025

https://github.com/fkie-cad/bidcos-security-doc

A documentation of the Bidcos (homematic) radio protocol with focus on practical security aspects

eq3 home-automation homematic security urh

Last synced: 06 May 2025

https://github.com/didjacome/modules.azure

This repository aims to have modules and scripts created for Microsoft Azure administration

accounts assessment azure engineer management powershell rbac resources security snapshot

Last synced: 17 Jan 2026

https://github.com/geeknik/jwt-scanner

A tool for detecting JWT algorithm confusion vulnerabilities in web applications

bugbounty confusion infosec jwt scanner security

Last synced: 23 Jun 2025

https://github.com/dimon222/py-gitsshgen

Automatic generation of SSH keys for VCS

automation git hacktoberfest python security ssh vcs

Last synced: 29 Oct 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/stackrox/jenkins-plugin

The StackRox Jenkins Plugin for image scanning and security

containers hacktoberfest jenkins k8s security stackrox

Last synced: 06 May 2025

https://github.com/ahliweb/awcms

AWCMS (AhliWeb Content Management System) — an enterprise-grade, multi-tenant, ABAC-secured CMS built with React, Supabase, and modern web architecture.

abac audit-log cloudflare cms cms-framework enterprise-cms headless-cms multi-tenant postgresql react rls saas security supabase vite workflow-engine

Last synced: 08 Mar 2026

https://github.com/spaze/security-txt

security.txt (RFC 9116) generator, parser, validator

generator parser security security-txt securitytxt validator

Last synced: 06 Apr 2026

https://github.com/andiveloper/ts-rbac

Use ts-rbac if you need role-based access control in your TypeScript application, independent from your architecture.

jwt security ts typescript

Last synced: 06 May 2025

https://github.com/ebauman/simpleca

Simple PKI for developers.

certificates cli golang pki security tls

Last synced: 17 Jan 2026

https://github.com/strmprivacy/data-plane-helm-chart

Care about your data leaving your VPC/environment in SaaS mode? With our self-hosted option you can run our privacy focused Data Plane in your own Kubernetes Cluster. Just (1) sign-up, (2) request a self-hosted installation, (3) use our values.yaml on your own k8s clusters and (4) run your (customer) data inside your own cloud like 🪄

charts data helm kubernetes privacy security

Last synced: 23 Jun 2025

https://github.com/middlewares/recaptcha

PSR-15 middleware to use Google reCAPTCHA for spam prevention

http middleware prevention psr-15 recaptcha security

Last synced: 06 May 2025

https://github.com/weixian-zhang/fuzzie

A VSCode GUI-based fuzzer for Rest API and GraphQL

fuzzing python3 rest-api security vscode-extension

Last synced: 30 Dec 2025

https://github.com/googlechromelabs/web-identity-demos

Demos for identity on the web. Built by the Chrome Developer Relations team and friends.

authentication autofill demo passkeys security

Last synced: 09 Jul 2025

https://github.com/spiral/security

[READ ONLY] RBAC security layer based on NIST definition, role/rule/permission associations, bulletproof. Subtree split of the Spiral Security component (see spiral/framework)

nist rbac security spiral

Last synced: 28 Oct 2025

https://github.com/anthonyharrison/sbom4rust

SBOM4Rust generates a Software Bill of Materials (SBOM) for a Rust component.

cyclonedx devsecops rust sbom sbom-generator security spdx

Last synced: 28 Oct 2025

https://github.com/oktsec/oktsec

Security layer for AI agent-to-agent communication. Every message is signed, inspected, and logged. If it doesn't comply, it doesn't pass. No LLM. No cloud. Single binary. Your infra, your data.

ai-agents audit ed25519 golang identity inter-agent mcp open-source proxy security

Last synced: 02 Apr 2026

https://github.com/neurophant/ouija

Python relay/proxy server and library to build reliable encrypted TCP/UDP tunnels with entropy control for TCP traffic

asyncio censorship cipher encrypted entropy http https network proxy relay security tcp tunnel udp

Last synced: 04 May 2025

https://github.com/sammcj/github-app-installation-token

Generates Github tokens using a Github App install

actions authentication security token workflow

Last synced: 10 Apr 2025

https://github.com/ashishb/checkdevicecredentials

Force device credential check before decrypting data

android android-security keystore security

Last synced: 02 May 2025

https://github.com/habilelabs/cvss-v3.1-react

React CVSS v3.1 Base Score Calculator

cvss cvssv3 reactjs security security-vulnerability

Last synced: 20 Jun 2025

https://github.com/hrchlhck/kubemon

A tool for distributed container monitoring over Kubernetes.

docker kubemon kubernetes monitoring-tool security

Last synced: 01 Apr 2026

https://github.com/vdlp/oc-csrf-plugin

Adds CSRF protection to October CMS frontend.

csrf october-cms october-plugin octobercms php security

Last synced: 12 Apr 2025

https://github.com/luketainton/pwnedpw

Checks if your password has been leaked.

password pwned pwned-passwords pwnedpasswords security

Last synced: 30 Apr 2025

https://github.com/volkansah/tor-network-application-with-stem-and-scapy

This project demonstrates how to use the Stem library to interact with the Tor network and the Scapy library for network packet manipulation. The goal is to create an application that can leverage Tor for anonymized network analysis, including scanning both Onion and regular websites.

example-code examples hacking network nikto nmap python scapy security socat stem tor

Last synced: 12 Apr 2025