An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/jreisinger/waf-tester

Test Web Application Firewalls (WAFs)

cli ftw security testing tool waf

Last synced: 31 Jan 2026

https://github.com/getarcis/arcis

Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.

bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss

Last synced: 06 Jun 2026

https://github.com/theruziev/security_interface

Simple API for authentication and authorization.

python-3-6 python-asyncio security

Last synced: 17 Mar 2026

https://github.com/0xjonaseb11/dn404_marketplace.3.0

A DN404 Marketplace built on ERC404 token standard inspired by Pandora coin

auditing dn404 erc404 ethereum marketplaces nfts security smartcontracts solidity tokens

Last synced: 21 Apr 2026

https://github.com/kevinrabun/judges

MCP server with specialized judges to evaluate AI-generated code for security, cost, scalability, cloud readiness, and best practices.

ai-agent ai-code-review ai-generated-code code-quality code-review judge mcp mcp-server security software-architecture static-analysis typescript

Last synced: 05 Apr 2026

https://github.com/jmaczan/ktotu

Identify devices in your network and monitor it against intruders

linux monitoring netsec netsecurity network network-monitoring network-security python security

Last synced: 02 Aug 2025

https://github.com/bocaletto-luca/systemauditdashboard

SystemAuditDashboard is a centralized Linux system monitoring dashboard implemented in Python using Tkinter. It provides a real-time overview of key system information including: Kernel Version Operating System Details Logged-in User Number of Active Processes Number of Open Ports Load Average (1 min, 5 min, 15 min) Available Memory (in MB)...

admin-tool bocaletto-luca gui linux python security security-tool system-audit system-audit-dashboard system-tool tkinter

Last synced: 17 Sep 2025

https://github.com/petemcw/ansible-role-hardening

Ansible role for basic server hardening

ansible ansible-role security

Last synced: 14 Apr 2025

https://github.com/olliecheng/passwordbreachchecker

A small unofficial extension to check passwords you type in against the database at HaveIBeenPwned (Chrome only for now)

browser-extension chrome-extension extension password-security security

Last synced: 26 Jun 2025

https://github.com/albertito/kxd

[mirror] Key exchange daemon

encryption-key go-application key-management security

Last synced: 02 Aug 2025

https://github.com/grapheneos-archive/kernel_msm-extra-coral

Kernel audio drivers for the Pixel 4, Pixel 4 XL and Pixel 4a.

android grapheneos security

Last synced: 13 Apr 2025

https://github.com/jbruchon/php_secure_auth

Secure user login/authentication template for PHP web applications

authentication pdo pdo-mysql php security

Last synced: 13 May 2025

https://github.com/muqsit/2fa

[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.

2fa mfa pmmp pocketmine-mp security

Last synced: 05 Aug 2025

https://github.com/hugobatista/tailhoogram

Send Tailscale webhook events to Telegram using Cloudflare Workers

audit cloudflare cloudflare-workers events security tailnet tailscale telegram webhook

Last synced: 26 May 2026

https://github.com/sarathsp06/py2factor

Python two factor authenticator app for linux,experimental

2factor cli multifactor-authentication python security

Last synced: 28 Jul 2025

https://github.com/sap/sanitizer-checker

A tool to evaluate the security of JavaScript sanitizer functions.

cross-site-scripting injection javascript sanitizer security

Last synced: 09 Aug 2025

https://github.com/umuttopalak/pass-cli

A secure command-line password manager with AES-256 encryption and sudo authentication

aes-256 cli command-line-tool cryptography keyring password-generator password-manager password-security python security

Last synced: 28 Jul 2025

https://github.com/federicoceratto/desktop-security-assistant

Help desktop users improve their security

debian gui python security ui

Last synced: 20 Sep 2025

https://github.com/mjorgegulab/nestjs-cryptography

Secure NestJS cryptography module 🔐

cryptography javascript nest nestjs node security typescript

Last synced: 27 Jul 2025

https://github.com/ufukty/ovpn-auth

Simple to use, easy to deploy 2FA login for OpenVPN servers

authentication golang openvpn password security totp two-factor-authentication

Last synced: 17 Jan 2026

https://github.com/tigera-solutions/cc-aks-zero-trust-workshop

In this AKS-focused security workshop, you will work with Calico and Microsoft Azure experts to learn how to implement zero-trust security for workloads to reduce the attack surface of applications running on AKS. This 90-minute hands-on lab comes with your own Calico Cloud environment and a sample app environment.

aks azure cc regismartins security workshop

Last synced: 10 Aug 2025

https://github.com/dodo325/flytrap

People tracker on the Internet. OSINT analysis and research tool by dodo325. Catch a user using your URL!

flask hacking hacking-tool ngrok osint security security-tools social-engineering

Last synced: 09 Apr 2025

https://github.com/panther-labs/pysigma-backend-panther

pySigma Panther Backend

python security

Last synced: 12 Aug 2025

https://github.com/kubeshop/monokle-action

Run this GitHub action to validate your Kubernetes resources with the Monokle SARIF validator.

devsecops github-actions kubernetes sarif sarif-report scanner security validation

Last synced: 07 Apr 2025

https://github.com/yhs0602/logbluetoothapi

Logs android bluetooth api calls of apps using xposed framework, to learn how to avoid java.lang.IOException: connect() failed; socket might closed or timeout; read ret: -1

benchmarking reverse-engineering security security-tools xposed-framework

Last synced: 24 Jul 2025

https://github.com/fijimunkii/usb-canary

Shell script to monitor usb devices while your computer is locked. Get notified when someone plugs in or removes a usb device

alert detection linux monitoring notify osx security shell sms usb

Last synced: 04 Oct 2025

https://github.com/derhuerst/generate-node-policy-file

Generate a Node.js policy file for your code.

json nodejs security

Last synced: 15 Apr 2025

https://github.com/haikelfazzani/otp

🔐 Zero dependencies Deno/Bun/Node/Browser module for TOTP and HOTP generator based on RFC 6238 and RFC 4226 🗝️

2fa browser bun cryptography deno hotp nodejs one-time-password otp rfc-6238 rfc4226 security totp web-crypto web-cryptography-api

Last synced: 13 May 2025

https://github.com/bitdefender/hvmi-blog

A place where the HVMI team writes about memory introspection and other fun stuff.

hypervisor introspection reverse-engineering security virtualization virtualization-based-security

Last synced: 15 Apr 2025

https://github.com/xkcoding/magic-starter-secure-demo

magic-starter-secure 极简的权限控制框架的 demo

demo jwt magic-starter security spring-boot-2 spring-boot-starter xkcoding

Last synced: 09 Mar 2026

https://github.com/jcsec-security/cosmwasm-security-spotlight

Posts and labs to learn CosmWasm smart contract security vulnerabilities and audit

audit blockchain bug bugbounty contract cosmos cosmossdk cosmwasm ctf dapp defi hacking rust security smart smartcontract vulnerabilities

Last synced: 26 Oct 2025

https://github.com/sindecker/pentest-playbook

The Penetration Testing Playbook — Beginner to Intermediate Field Guide. 359 pages, 731 code examples, 37+ compliance frameworks. Read free on GitHub.

active-directory beginner bug-bounty burp-suite ctf cybersecurity ethical-hacking hacking infosec oscp oscp-prep owasp penetration-testing pentest red-team security security-tools web-security

Last synced: 18 Apr 2026

https://github.com/grapheneos-archive/device_google_crosshatch

Pixel 3 and Pixel 3 XL device sources.

android grapheneos security

Last synced: 04 Oct 2025

https://github.com/mooxphp/user-device

[READ-ONLY] Manage and let users manage Known Devices in Filament to enhance security

devices filament laravel security user

Last synced: 20 Feb 2026

https://github.com/rknf404/chromium-hardening-guide

Harden chromium (somewhat)

chromium chromium-browser security

Last synced: 15 Apr 2025

https://github.com/adrianmoisey/sitescanners

A few services that scan websites and return useful information.

hacktoberfest http2 ipv6 readme security ssl webdev

Last synced: 16 Jan 2026

https://github.com/arunanshub/pycryptor

Pure Python High Performance File Encryption Software

encryption encryption-tool file-vault locker security

Last synced: 22 Apr 2025

https://github.com/cdpxe/openbsdhacks

Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).

bsd fupids hids host-monitoring icmp ids information-security kernel kernel-module kernel-modules openbsd openbsd-community openbsd-ports openbsd-scripts port-knocking portknocking security security-hardening security-monitoring security-tools

Last synced: 23 Mar 2025

https://github.com/lukebaggett/ssh-credscan

A multi-factor SSH login scanner with support for password, public key, and google authenticator authentication.

google-authenticator multi-factor-authentication scanner security ssh ssh-client two-factor-authentication

Last synced: 22 Jul 2025

https://github.com/fabian-hk/secure-two-party-computation

Python implementation of the TPC protocol from the paper "Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation"

google-protocol-buffers multi-party-computation network-communication python3 secure-computation security tpc two-party-computation

Last synced: 14 Apr 2025

https://github.com/jonhadfield/ape

AWS account scanner

aws golang security

Last synced: 15 Jul 2025

https://github.com/louis3797/xss-shield

A powerful middleware for securing your express.js applications against cross-site scripting (XSS) attacks

express-middleware middleware node security typescript xss xss-attacks xss-filter xss-sanitizer xss-shield

Last synced: 07 Apr 2025

https://github.com/infineon/pkcs11-optiga-tpm

OPTIGA™ TPM-Based PKCS #11 Token Setup and User Guide

pkcs11 raspberry-pi security tpm2

Last synced: 06 Apr 2025

https://github.com/rusty-ferris-club/redact-engine

Protect confidentiality with dynamic redaction by replacing sensitive data.

redact redaction security sensetive-data

Last synced: 19 Aug 2025

https://github.com/bocaletto-luca/bug-github-farms-points

Auto Farms Points BUG in Github Author: Bocaletto Luca Hi there! I’m Luca (@bocaletto-luca), and I’ve put together this repo to demonstrate a surprising “feature” (or vulnerability?) in GitHub’s contribution model. With a single workflow file, you can automatically farm commits, issues, PRs, wiki edits, releases and comments every hour—artificially

bocaletto-luca bug farms github github-bug hack hacking points security yaml

Last synced: 27 Apr 2026

https://github.com/jwilk/fuzzing

Jakub's fuzzing goodies

fuzzing security

Last synced: 12 Apr 2025

https://github.com/sjinks/yubico-otp

PHP 7/8-friendly alternative to the official php-yubico client

2fa authentication otp php security yubico yubico-otp

Last synced: 10 Apr 2025

https://github.com/teh9/laravel-tg-2fa

A simple implementation of a two-factor authentication via Telegram for Laravel

2fa auth authentication laravel login php security telegram two-factor

Last synced: 22 Aug 2025

https://github.com/soufantech/arx

Arx is an access control library for Node.js apps, strongly focused on efficiency, type safety and overall composability.

access-control authorisation permissions policy security

Last synced: 12 Apr 2025

https://github.com/kardelruveyda/aspnet-security

We write code for hours during the day. So how many of these codes are safe? I found training on security from Udemy. And I started watching. Thank you Fatih Çakıroğlu

csharp dotnet-core security

Last synced: 13 Apr 2025

https://github.com/darwintantuco/eslint-plugin-require-form-method

Disallow form tags without explicit method attribute

eslint eslint-plugin eslintplugin security

Last synced: 24 Apr 2025

https://github.com/dimosr/monitorito

A browser extension for visualisation and monitoring of browser HTTP traffic

browser graph plugin security visualisation

Last synced: 21 Apr 2025

https://github.com/sattyamjjain/agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 194 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.

ai-agent ai-agent-security ai-safety ai-security claude-code github-action mcp mcp-security owasp sarif scanner security security-scanner static-analysis supply-chain-security tool-poisoning

Last synced: 23 May 2026

https://github.com/tech-at-du/acs-3230-web-security

🔐 This course covers key concepts in internet data security and best practices for keeping information safe. Students will examine historical hacks, learn how to analyze websites and web architectures for classical security vulnerabilities, and learn how to defend against security attacks.

security

Last synced: 08 Jul 2026

https://github.com/hahwul/zaproxy-ruby

A Ruby Implementation and Library for Easy Utilization of ZAP API

ruby ruby-gem security zap zaproxy

Last synced: 12 May 2025

https://github.com/ztalbot2000/zerofile

Simple command line tool that fill a file with binary zeroes, then removes it.

clean clear data disk erase fill reset security wipe zero

Last synced: 26 Aug 2025

https://github.com/homebrew/homebrew-brew-vulns

🔓 A Homebrew subcommand that checks installed packages for vulnerabilities

brew homebrew security vulnerability-scanners

Last synced: 05 Feb 2026

https://github.com/patrickfav/bkdf

BCrypt based key derivation function to improve BCrypt as a cryptographic primitive for password hashing and key derivation

bcrypt cryptography hkdf java kdf password security

Last synced: 09 Apr 2025

https://github.com/picobaz/pyformblaster

PyFormBlaster: A sleek Python web form fuzzer for ethical security audits. Blast forms with random and malicious inputs to uncover XSS, SQL Injection, and more. Features auto-field detection, CSV logging, and modular config. Test responsibly!

cybersecurity ethical-hacking form-fuzzer fuzzing penetration-testing python security web-security

Last synced: 09 Oct 2025

https://github.com/sea-n/nctu-109b-comp-sec

109 Spring - Computer Security Capstone

homework nctu security

Last synced: 24 Apr 2025

https://github.com/robertdebock/ansible-role-investigate

Install and configure investigation tools on your system.

ansible investigate molecule playbook security tox

Last synced: 24 Apr 2025

https://github.com/sr-lab/pin-bank

Numeric PINs counted and sorted by frequency as they occur in the RockYou dataset.

analysis frequency list password pin security

Last synced: 03 Mar 2026

https://github.com/nimdy/selks-install-from-source

How to install SELKS in Azure and AWS cloud services and pretty much anywhere with a internet connection

aws azure elasticsearch how-to kibana logstash monitoring network nsm security suricata

Last synced: 11 Mar 2026

https://github.com/kolteq/validating-admission-policies-pss

Kubernetes Pod Security Standards implemented using Kubernetes Validating Admission Policies. Support of Enforce Baseline and Restricted profiles natively with configurable policy exclusions.

compliance kubeapt kubernetes pod-security pod-security-admission security validating-admission-policy

Last synced: 04 Feb 2026

https://github.com/zdnk/authorized

🔐 Simple way to authorize user actions on resources for Vapor 3

authorization security server-side-swift swift swift4 vapor vapor-3 vapor-swift

Last synced: 26 Apr 2025

https://github.com/openwall/owl

Openwall GNU/*/Linux (Owl) is a small security-enhanced Linux distribution for servers. Owl has effectively reached its end-of-life, but its legacy lives on in a few other distributions (most notably, ALT Linux) and upstream projects. This is a tentative export of the Owl CVS repository into Git, which will possibly be redone later.

hardening linux security userland

Last synced: 09 Apr 2025

https://github.com/shinesolutions/aem-test-suite

AEM infrastructure test suite covering acceptance, recovery, security guideline testing scenarios

acceptance aem aem-opencloud performance recovery security testing

Last synced: 06 Mar 2026

https://github.com/hxsecurity/dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.

applicationsecuritymonitoring devsecops django dongtai dongtai-iast security

Last synced: 26 Apr 2025

https://github.com/codeconut-ltd/wordpress-plugin-default-config

WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.

composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings

Last synced: 08 Oct 2025

https://github.com/hitsz-ids/dbmasker

DBMasker 是一个针对主流数据库系统的 Java 开源项目,旨在提供统一且安全的访问接口。

data data-security database mask sdk security

Last synced: 26 Apr 2025

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/appsflyer/srealip

Go package for securely extracting HTTP client's real public IP

go golang http ip security

Last synced: 10 Oct 2025

https://github.com/fivexl/terraform-aws-ssl-checker

Simple SSL check and expiring certificates reminder with additional DNS check and host availability check.

heartbleed lambda security ssl terraform terraform-module tls tls-certificate-checker tls-scan tls13

Last synced: 09 Apr 2025

https://github.com/m-mizutani/aws-honeypot-templates

CloudFormation templates of low interaction honeypot on AWS

cloudformation honeypot security

Last synced: 27 Apr 2025

https://github.com/sadhasivamx/boar-hunting-yolov8

YoloV8-based boar detection system with Arduino-triggered buzzer for enhanced security.

arduino artificial-intelligence computer-vision custom machinelearning security yolov8

Last synced: 07 Oct 2025

https://github.com/njokuscript/blowfishjs

A Typescript/Javascript library for interacting with the Blowfish APIs

javascript security solana web3

Last synced: 19 Apr 2025

https://github.com/kos0ng/cves

Repository regarding my security research

cve exploit security

Last synced: 28 Jul 2025

https://github.com/nikanique/spring-rest-framework

Spring REST Framework (SRF) is a powerful library for Spring applications that brings the simplicity and flexibility of Django's REST Framework to Spring. SRF streamlines API development with powerful serialization, flexible filters, and seamless integration.

api cqrs data-jpa dto filter generator rest-api security serialization spring spring-boot validation

Last synced: 14 Jan 2026

https://github.com/cwshugg/gurthang

[Masters Thesis] A connection-multiplexing web server fuzzing harness for AFL++.

afl aflplusplus fuzzing networking security systems-programming

Last synced: 19 Apr 2025

https://github.com/smoren/url-security-manager-php

Class for building, parsing, signing, signature checking, encrypting and decrypting URLs

encryption security url-builder url-parser

Last synced: 15 Apr 2025

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026