An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/cesarsicas/spring-blog

REST API made with Spring Boot and Java.

api-server java rest security spring spring-boot

Last synced: 13 Apr 2026

https://github.com/gavin-chua/moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

cve exploit exploitation infosec infosectools linux privilege-escalation red-teaming redteam redteam-tools security security-tools

Last synced: 18 May 2026

https://github.com/cskwork/ssh-llm-connect

Safe SSH for LLM coding agents — multi-host helper + read-only command guard + harness-enforced PreToolUse hook the agent cannot bypass

agent-tools ai-agents anthropic claude-code devops guardrails hooks llm security ssh

Last synced: 31 May 2026

https://github.com/huzaifanasir08/Web-Changes-Detector

Web Changes Detector that monitors website updates by hashing HTML content and comparing changes over time. It supports asynchronous crawling, automated checks, and email notifications for detected changes. Stay ahead of web updates effortlessly!

change-detection cybersecurity django django-project security website

Last synced: 16 Jun 2026

https://github.com/stiankri/appsec-labs

Security playground

security

Last synced: 14 May 2026

https://github.com/luciangutu/tls_handshake_poc

Poor's man PoC for TLS handshake

python security tls

Last synced: 14 May 2026

https://github.com/andreid/smarthoneypotting

playing with honeypotting. when have time

ethereum honeypots security smart-contracts solidity

Last synced: 11 Apr 2026

https://github.com/mojotx/entropy

Calculate password entropy bits

entropy entropy-bits go golang password security

Last synced: 31 May 2026

https://github.com/alextanhongpin/node-ssl

Example on using SSL with nodejs

express node security ssl

Last synced: 13 Apr 2026

https://github.com/mridang/traefik-superheader

A traefik plugin to add the most common headers to HTTP requests

headers http-headers middleware owasp security traefik traefik-middleware traefik-plugin

Last synced: 16 Jul 2026

https://github.com/reaatech/guardrail-chain

Composable input/output guardrail pipeline for agent systems. Chain PII redaction, prompt injection detection, topic boundaries, and output filters with short-circuit logic and latency budgets.

agentic-ai ai ai-agents developer-tools generative-ai llm mcp security typescript

Last synced: 16 Jul 2026

https://github.com/reaatech/prompt-injection-bench

Reproducible benchmark and test corpus for prompt-injection defenses — adapters for common sanitization libraries, scored leaderboard, CI-ready. Security-adjacent, evergreen.

adversarial-testing agentic-ai ai-safety ai-security benchmark defense llm llm-security prompt-injection red-teaming sanitization security test-corpus typescript

Last synced: 16 Jul 2026

https://github.com/uzziellite/encryption_service

Encrypt all data for enhanced security

encryption-decryption python security

Last synced: 17 Mar 2025

https://github.com/divyamohan1993/enterprise-sso-system

Military-grade SSO system with FROST threshold signing, OPAQUE password auth, ML-KEM-768 post-quantum KEM, OIDC/OAuth2, FIDO2/WebAuthn, forward-secret ratcheting, BFT audit. Live demo: sso-system-demo.dmj.one

authentication fido2 frost milnet oauth2 oidc opaque post-quantum rust security sso threshold-cryptography webauthn zero-trust

Last synced: 13 Apr 2026

https://github.com/rpfilomeno/darahata

Lazy Windows event log fast forensics timeline generator and threat hunting script.

blueteam detection dfir-automation forensics hayabusa rust security siem sigma takajo threat-hunting windows

Last synced: 30 Apr 2026

https://github.com/arisrhiannon/vibecheck

Offline, zero-dependency, no-AI "safe to ship?" gate for vibe-coded apps — finds the security mistakes AI coding agents make (secrets, unprotected routes, eval-RCE, SQLi, CORS, JWT, leaked keys). CLI + MCP, agent-runnable.

agent ai-generated-code ci devsecops llms-txt mcp owasp sast secrets security ship-gate typescript vibe-coding zero-dependency

Last synced: 31 May 2026

https://github.com/sqreen/heroku-buildpack-go

Companion buildpack for the Heroku Go Buildpack enabling Sqreen

buildpack go heroku rasp security sqreen waf

Last synced: 22 May 2026

https://github.com/skyghost090/web-private

Script for Block specific sites on linux

gui linux-gui security web

Last synced: 08 Jan 2026

https://github.com/arisrhiannon/wormguard

Offline, zero-dependency npm supply-chain auditor — behavioral + baseline-diff detection of malicious install scripts (Shai-Hulud-style worms). No network, no account, no CVE database.

audit cli devsecops install-script lockfile malware npm offline security shai-hulud supply-chain typescript typosquat zero-dependency

Last synced: 31 May 2026

https://github.com/rvhonorato/slurml

slurml is a RESTful interface for Slurm schedulers, providing secure HTTP endpoints for job management without direct user login to HPC nodes.

cluster-management high-performance-computing hpc http-endpoint job-management job-scheduler rest-api security slurm user-management

Last synced: 21 Jun 2025

https://github.com/infrahouse/terraform-aws-key

Terraform module for AWS KMS encryption keys with configurable key policies, key rotation, aliases, and cross-account access grants.

aws encryption infrahouse kms security terraform terraform-module

Last synced: 23 Feb 2026

https://github.com/themrmilchmann/stash

Stash is a Java library that provides capabilities to properly store secrets in memory.

java secrets security stash

Last synced: 11 Apr 2025

https://github.com/wmramadan/wazuh-dvwa-scanner

Docker Container Setup with Wazuh for Vulnerability Scanning DVWA Container

cybersecurity docker dvwa security wazuh wazuh-agent wazuh-manager

Last synced: 14 Jun 2025

https://github.com/kellewic/compass

Helping you find your way across the Splunk landscape

devops itops security splunk-application

Last synced: 04 Apr 2025

https://github.com/edycutjong/docdrift

🔍 AI-powered Code↔Docs Drift Detector and Security-first Auditing Pipeline built for the Anna Hackathon

anna-app documentation-drift hackathon security

Last synced: 16 Jul 2026

https://github.com/jhdsr01/zipcracker

A Python-based tool for cracking protected ZIP, RAR, 7Z, and TAR archives using dictionary attacks, brute force methods, and concurrent processing.

brute-force-attack bruteforce crack cracking dictionary-attack hacking hacktoberfest linux password plaintext-attack security termux zip-file zipfile

Last synced: 23 Aug 2025

https://github.com/devolutions/xts.net

Implementation of the XTS(Ciphertext Stealing) encryption mode

security

Last synced: 25 Mar 2025

https://github.com/papy139/osint-dork-generator

Générateur de Google Dorks OSINT — application autonome en un seul fichier HTML, sans dépendance ni serveur.

google-dorks osint security single-file vanilla-js

Last synced: 30 May 2026

https://github.com/guardian/wazup

Automated deployment of Wazuh configuration changes

security vulnerability-detection wazuh

Last synced: 06 Sep 2025

https://github.com/akornatskyy/wheezy.security

A lightweight security/cryptography library

cryptography python security wheezy

Last synced: 28 Apr 2025

https://github.com/splunk/splunk-app-for-dspt-compliance

This app provide assistance in yearly compliance to the Data Security and Protection Toolkit (DSPT)

app data-security security splunk-addon splunk-app splunk-application splunk-apps toolkit

Last synced: 17 Jul 2026

https://github.com/karan-parmar-007/blog-ai

Whisper AI is an innovative blogging platform that combines advanced artificial intelligence and cloud technologies to revolutionize the way users create, share, and engage with content. With a range of features designed to enhance the blogging experience, Whisper AI empowers users to express themselves freely while ensuring privacy and security.

artificial-intelligence bootstrap django html-css-javascript langchain large-language-models llama2 llamacpp llm-inference python3 security translation

Last synced: 08 Mar 2026

https://github.com/hetrox8/project.network-analysis

This project implements a network analysis tool build using python. The core features include discovering devices connected, manage bandwidth for each connnect, black and whitelist devices and set timer for connected devices

cyber network network-security network-tools python3 security

Last synced: 16 Apr 2026

https://github.com/mauricelambert/mremotengpasswordsstealer

This module steals mRemoteNG passwords.

decrypt mremoteng passwords recovery security steal

Last synced: 30 May 2026

https://github.com/opencodechicago/hacktoberfest-2025-infra

CoreX infrastructure — Terraform modules, GitHub Actions workflows, AWS provisioning (S3, CloudFront, Lambda, ECR), observability, and secrets management. For DevOps, Cloud Engineering, and Security contributors during Hacktoberfest 2025.

aws ci-cd cloud community-project devops grafana hacktoberfest hacktoberfest2025 iac infrastructure jira monitoring open-source opencodechicago security terraform

Last synced: 06 Oct 2025

https://github.com/hakenr/modelbindingmassassignment

DEMO for ASP.NET Worst Practices sessions

demo mass-assignment over-posting security spoofing

Last synced: 13 Jul 2025

https://github.com/sharinas/aws-security-remediation

CloudFormation and Python-built lambda functions that add automation to the maintenance and security of an AWS account.

autoremediation aws aws-lambda aws-s3 cloudformation encryption python security yaml

Last synced: 13 Apr 2026

https://github.com/fluohq/compliance-as-code

Generate compliance code from Nix. Evidence as Telemetry.

code-generation compliance gdpr hipaa nix observability opentelemetry security soc2

Last synced: 05 Oct 2025

https://github.com/pivaldi/emacs-passfile

Very simple Emacs package allowing to view and edit securely a GnuPG encrypted file

emacs password-store passwords security

Last synced: 05 Oct 2025

https://github.com/armorblox/armorblox-python-sdk

Armorblox SDK for Python

email-security python sdk security

Last synced: 14 Jan 2026

https://github.com/ryan-rozario/bandit_otw

Solution of Bandit War game of OverTheWire https://overthewire.org/wargames/bandit/

bandit-war-games overthewire security

Last synced: 05 Oct 2025

https://github.com/TheRedSpy15/Snakeswitch

A backup for when your VPN doesn't have a good killswitch

proxy python security vpn wip

Last synced: 11 Mar 2025

https://github.com/ssexton16/websecuritycheatsheet

🔒 Secure your web applications with essential security practices and guides for SSL, server configuration, authentication, and data protection.

apache apache-configuration content-security-policy javascript-security nginx security security-cheatsheets sql-injection web-security websecurity xss-vulnerability

Last synced: 06 Oct 2025

https://github.com/zezav-cz/networkclock

Server app for time shearing

csharp security time

Last synced: 17 Jul 2026

https://github.com/burumdev/esp32-padlock

Securely lock and unlock your ESP32-cX device over an encrypted web endpoint.

embedded esp32 esp32-c3 esp32-c6 https rust security tls

Last synced: 18 May 2026

https://github.com/abjrcode/swervo

Rotate your secrets and live worry free!

secret-management security

Last synced: 12 Mar 2026

https://github.com/adeolu-rabiu/enterprise_infrastructure_stack

Enterprise Infrastructure Lab 🏗️ Production-grade Kubernetes cluster with DevSecOps pipeline, virtualization, monitoring, and security compliance Technologies: Kubernetes | OpenShift | Terraform | Ansible | GitLab CI/CD | Prometheus | ELK | KubeVirt

ansible argocd devops enterprise grafana infrastructure-as-code kubernetes prometheus security terraform virtualization

Last synced: 06 May 2026

https://github.com/strugee/presentation-https-deployment

Recurse Center presentation on HTTPS and how to correctly/securely deploy it

bespoke deployment education https javascript presentation security tls

Last synced: 06 Oct 2025

https://github.com/is-it-ayush/gpg-playground

Just a regular GPG playground

commands debain gpg security

Last synced: 08 Jan 2026

https://github.com/albertotijunelis/hashguard

Professional file verification & threat intelligence platform — hashing, signatures, PE analysis, YARA, risk scoring, IOC extraction, and multi-source threat intel.

file-analysis malware-analysis pe-analysis python security threat-intelligence virustotal yara

Last synced: 12 Mar 2026

https://github.com/uddin-a/snow_crash

A 42 introductory ptoject to computer security.

ctf-challenges hacking learn linux security

Last synced: 30 May 2026

https://github.com/aaronfay911/btc-heuristics

Open-source MIT-licensed Bitcoin wallet heuristics + AI-driven risk analysis. Core contributions & transparency work aligned with the Maelstrom Grant track.

ai bitcoin heuristics machine-learning maelstrom open-source privacy risk-analysis security wallet

Last synced: 06 Oct 2025

https://github.com/thinhho0019/devmess

🚀 DevMess is a secure real-time chat platform featuring end-to-end encryption, lightning-fast performance, and a sleek developer-friendly interface ⚡

chatsocket cloud devmess e2e gitflow-workflow golang jw outh2 postgresql react realtime security vitejs

Last synced: 13 Apr 2026

https://github.com/baku-stark/seguranca-da-informacao

Conteúdo para estudos sobre 'Segurança da Informação'.

security seguranca-da-informacao

Last synced: 12 Jul 2026

https://github.com/marcosvidolin/google-idtoken-auth

Node.js middleware to validate Google ID tokens in the request.

auth0 expressjs google idtoken javascript middleware nodejs security token

Last synced: 07 Oct 2025

https://github.com/kariricode-framework/kariricode-sanitizer

A robust and flexible data sanitization component for PHP, part of the KaririCode Framework, utilizing configurable processors and native functions

data-cleaning data-processing filtering framework framework-php input-validation kariri-code php-sanitizer sanitization security

Last synced: 14 Feb 2026

https://github.com/sjinks/wazuh-ar-ipset

Wazuh Active Response Script to Add IP to `ipset` List

active-response firewall ipset security wazuh

Last synced: 17 Jan 2026

https://github.com/microsoftcloudessentials-learninghub/demosscenarios-techtalks

This repository showcases demonstrations and scenarios using Microsoft Cloud technologies. Please note that these demos are intended as a guide and are based on my personal experiences.

ai analytics azure copilot data data-science fabric m365 microsoft-general ml powerapps powerbi privatebot security sharepoint

Last synced: 14 Mar 2026

https://github.com/kristapsdz/dev_sec_flops

A survey and analysis of source code sandboxing

capsicum pledge sandboxing seccomp-bpf security

Last synced: 14 Jun 2025

https://github.com/nir3x/fxms

FNV-XOR-Mask-Shuffle Symmetric Encryption Algorithm

algorithm crypto encryption fnv fxms go golang mask security shuffle symmetric xor

Last synced: 06 Jun 2026

https://github.com/cmangun/compliance-automation-suite

HIPAA compliance automation. PHI validation, 45 CFR 164 references, audit logging, security controls.

audit compliance healthcare hipaa phi python regulations security

Last synced: 18 Jan 2026

https://github.com/integralist/python-encryption

Abstraction layer built on top of Scrypt.

digest encryption hashing python3 scrypt security security-tools

Last synced: 08 Mar 2026

https://github.com/artagon/artagon-bom

Bill of Materials for managing dependency versions across the Artagon stack

bill-of-materials bom cyclonedx dependency-management gradle java maven-central sbom security sigstore supply-chain

Last synced: 13 Apr 2026

https://github.com/pobyzaarif/cluri7

penetration testing and security assessment

security security-audit security-tools security-vulnerability websites

Last synced: 07 Oct 2025

https://github.com/allsmog/vuln-scan-cannon-harness

AI-native SAST / LLM security scanner in one Rust binary: permuted scan salvos + adversarial reasoning verification (taint · trust-graph · metamorphic) over your local Claude CLI. A semantic complement to Semgrep — your code never leaves your machine.

ai-agents ai-security anthropic appsec claude claude-code cli code-review cybersecurity devsecops llm rust sast security security-tools static-analysis taint-analysis threat-modeling vulnerability-detection vulnerability-scanner

Last synced: 12 Jul 2026

https://github.com/urlscan/issues

urlscan.io - Issues, Technical Questions, Feature Requests

security threat-intelligence web website-scanner

Last synced: 17 Jan 2026

https://github.com/mark1708/pastebin-app

Pastebin example with Spring Boot 3 and React js

hazelcast java-17 keycloak minio react security spring-boot

Last synced: 09 May 2026

https://github.com/100xpercent/pop-pay

The runtime security layer for AI agent commerce

ai-agent guardrail mcp mcp-server payment security

Last synced: 14 Apr 2026

https://github.com/brandonhenricks/cloudflare-leakedcredentials

Minimal netstandard2.0 library that parses Cloudflare's Exposed-Credential-Check header so origin servers can detect credential exposure.

cloudflare csharp security

Last synced: 14 Jan 2026

https://github.com/viettaliii/ids

Hệ thống phát hiện xâm nhập (IDS) dành cho doanh nghiệp nhỏ

ids security system

Last synced: 14 Mar 2026

https://github.com/amruthlp12/entropykey

EntropyKey is a web application that generates unique and secure tokens using your device's camera. The randomness in the video feed helps create unpredictable tokens, making them suitable for passwords or other secure identifiers.

bootstrap camera-api client-side-security css3 entropy frontend-development html5 javascript open-source password-generator random-token-generator randomness randomness-generation secure-tokens security token-generation web-application

Last synced: 08 Jan 2026

https://github.com/vnegrea/ldaplookup

Hardened LDAP lookup tool with embedded credentials, runtime locks, and anti-tampering protection

authentication binary-obfuscation garble go golang hardened ldap ldap-client obfuscation security

Last synced: 30 May 2026

https://github.com/softleader/security-guardium-starter

Secure service w/ IBM Security Guardium

security

Last synced: 13 Jul 2025

https://github.com/brazil-data-cube/bdc-auth-client

A client package for authentication and authorization based on OAuth 2.0 and BDC-Auth

client-library oauth2 python security webservice

Last synced: 25 Mar 2025

https://github.com/nirodg/hyper-api

A Quarkus extension for instant, zero-boilerplate, secured CRUD APIs

api-rest backend cache java kafka llm quarkus quarkus-extension security

Last synced: 28 Apr 2026

https://github.com/phpgt/protectedglobal

Protection against accidental use of superglobals.

global-variables object-oriented php-oop php-security phpgt security

Last synced: 19 Apr 2025

https://github.com/mughal-baig/agentic-workflow-guard

Scan GitHub Actions workflows for AI-agent injection and unsafe prompt flows

ai-agents code-scanning devsecops github-actions llm prompt-injection sarif security

Last synced: 30 May 2026

https://github.com/nonameb3/safe-commander-mcp

A secure MCP server for executing whitelisted development commands with comprehensive security controls.

ai-tools claude command-execution development-tools mcp model-context-protocol nodejs safe-execution security typescript

Last synced: 16 Jan 2026

https://github.com/brunogama/swiftlivenesskit

Production-ready iOS liveness detection with multi-vendor support, automatic fallback, and enterprise security. Built with Swift 6 actors and async/await.

actors app-attest async-await biometric-authentication certificate-pinning enterprise face-recognition fallback-strategy ios liveness-detection mobile-security multi-vendor security swift swift-concurrency

Last synced: 08 Oct 2025

https://github.com/mechhelp/indexleak-scanner

🔍 Scan for sensitive index leaks using the Model Context Protocol, enhancing your security through effective detection and prevention.

ai directory-listing mcp osint security

Last synced: 08 Oct 2025

https://github.com/llmora/mosh

Model-driven Open Security Harness

harness llm pentesting security

Last synced: 15 Jul 2026

https://github.com/vettid/vettid-ios

VettID iOS App - Swift/SwiftUI

identity ios privacy security swift swiftui

Last synced: 23 Feb 2026

https://github.com/artnum/menshen

Authentication mechanism using private/public key.

authentication authentication-strategy rsa-cryptography rsa-key-pair security stateless web

Last synced: 08 Oct 2025

https://github.com/kauemurakami/flutter_tamper_detector

[Package Flutter] Flutter Tamper Detector is a security plugin for Flutter that detects and prevents tampering. It identifies if the device is rooted, if hooking tools like Frida, Xposed, or Cydia Substrate are present, or if the device is an emulator. It can automatically close the app to protect integrity and security.

cydia dart flutter flutter-hooks flutter-package flutter-platform-channel flutter-root flutter-security frida kotlin platform-channels security security-app xposed

Last synced: 28 Dec 2025

https://github.com/denial-web/clawguard

Governance and security scanner for OpenClaw skills, ClawHub installs, MCP configs, and skill dependencies.

ai-agents clawhub governance mcp openclaw scanner security supply-chain

Last synced: 30 May 2026

https://github.com/asankov/security-txt-parser

A simple Go library for parsing security.txt files

go security security-txt

Last synced: 25 Mar 2025

https://github.com/sekgobela-kevin/broote

General purpose python bruteforce library built on top of perock

asyncio bruteforcer bruteforcing hacking security testing threads

Last synced: 21 Jan 2026

https://github.com/joinalahmed/skilleval

100% deterministic evaluation framework for AI agent skills with dual-phase scoring, comprehensive security scanning, and transparent grading

agent-skills agents ai deterministic evaluation llm owasp python security skill-evaluation skills testing

Last synced: 12 Jul 2026