An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/dirsigler/astro-securitytxt

An Astro integration that generates RFC 9116 compliant security.txt files during build.

astro astro-integration rfc9116 security security-txt securitytxt well-known

Last synced: 04 Apr 2026

https://github.com/jeremylongshore/moat

Verified Agent Capabilities Marketplace — MCP-first trust + policy + execution layer for agents

agents capabilities fastapi mcp policy receipts security trust

Last synced: 04 Apr 2026

https://github.com/koki-develop/setup-ghasec

🛡️ A GitHub Action to install ghasec, a security linter for GitHub Actions workflows.

github-actions security

Last synced: 04 Apr 2026

https://github.com/tomasbasham/ciphersuites

A module providing TLS cipher suite classifications based on current security standards

golang security

Last synced: 04 Apr 2026

https://github.com/endorlabs/endorlabs-buildkite-plugin

Buildkite plugin for Endor Labs — run endorctl in CI to ship secure code with SCA, SAST, secrets, containers, and policy gating.

buildkite buildkite-plugin endorlabs sast sca security

Last synced: 03 Jun 2026

https://github.com/synapticloop/digitalocean-wireguard-vpn

Easily and securely setup a Wireguard VPN using a DigitalOcean droplet.

digitalocean security vpn vpn-server wireguard

Last synced: 20 Jun 2026

https://github.com/imran-siddique/agent-governance

The complete AI agent governance stack - pip install ai-agent-governance[full] for kernel, trust mesh, runtime supervisor, and SRE

agent-framework ai-agents compliance enterprise-ai governance llm multi-agent policy-enforcement security trust

Last synced: 04 Apr 2026

https://github.com/voidd0/passgen

passgen — secure password + diceware passphrase generator with entropy meter and crack-time estimate. Unbiased rejection sampling on crypto.randomBytes. Zero deps.

cli diceware entropy nodejs passphrase password password-generator secure-random security voiddo

Last synced: 20 Jun 2026

https://github.com/wyre-technology/sentinelone-mcp

Multitenant Streamable HTTP wrapper for sentinel-one/purple-mcp

mcp msp msp-mcp security sentinelone

Last synced: 10 Jun 2026

https://github.com/totekuh/winbox

Transparent Windows execution proxy for Kali — run Windows pentest tools via a headless QEMU/KVM VM

cli hacking kali kali-linux kvm offensive-security pentest python qemu red-team security virtualization windows windows-vm

Last synced: 29 Apr 2026

https://github.com/stanleyj03/mcp-for-security

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.

ai ai-tools claude fastmcp git-analysis kali-linux npm pentesting prompts python security security-integrations wazuh-integration web-security

Last synced: 09 May 2026

https://github.com/reconmap/latex-docs

Reconmap documents and presentations created using LaTeX.

beamer documents latex pentesting presentations security

Last synced: 10 Jun 2026

https://github.com/mslinn/scala-sig

Typesafe crypto for Scala

jwt rsa scala security

Last synced: 10 Jun 2026

https://github.com/wlkns/wordpress-security-plugin

Lightweight WordPress hardening plugin — blocks brute-force logins with IP banning, traps bots with honeypots, and disables risky features. All toggleable, zero phone-home.

brute-force-protection hardening honeypot security wordpress wordpress-plugin xmlrpc

Last synced: 21 Jun 2026

https://github.com/bch1212/injectshield

Prompt-injection firewall for AI agents — heuristic + semantic detection. Open-source ruleset + managed API at injectshield.dev

agent ai ai-security claude cloudflare-pages guardrails llm mcp model-context-protocol prompt-injection railway security typescript

Last synced: 21 Jun 2026

https://github.com/jmousqueton/2022-openssl-scan

OpenSSL v3.x scanner for Linux (bash) and Windows (Powershell)

bash cve linux openssl scan security vulnerability

Last synced: 10 May 2026

https://github.com/x-mckay/abox

Secure, parallel AI agent sandboxing using microVMs, git worktrees, and a policy-enforcing credential proxy — written in Rust.

ai-agents cloud-hypervisor devtools git-worktrees microvm rust sandbox security tls-proxy virtiofs

Last synced: 10 May 2026

https://github.com/shizhigu/agent-auth

Production-grade auth rail for AI agents. Sits next to your existing human auth — never replaces it.

agent-auth ai-agents api-keys audit-log authentication authorization hmac kms libsodium nodejs oauth postgres rate-limiting redis security typescript

Last synced: 10 Jun 2026

https://github.com/acamarata/curtain

A privacy curtain for macOS Screen Sharing — hide the host screen and block its input while you control remotely.

macos menu-bar privacy remote-desktop screen-sharing security swift vnc

Last synced: 27 Jun 2026

https://github.com/tatilimongi/simple-authentication-system

A secure authentication system implementing bcrypt for password hashing, developed as a classroom exercise for the Secure Development course

authentication bcrypt encription hashing-algorithm java login-system password-hashing secure-coding security university-project

Last synced: 25 Apr 2026

https://github.com/gedigi/noissh

A remote shell that survives network changes — instant feel on lossy/high-latency links, roams across IP changes and sleep/resume, secured end-to-end by the Noise Protocol. 100% safe Rust.

mosh networking noise-protocol remote-shell roaming rust security ssh terminal udp

Last synced: 28 Jun 2026

https://github.com/geekcell/terraform-aws-waf

Terraform module to provision an AWS Web Application Firewall.

aws firewall security terraform terraform-module waf web-application-firewall

Last synced: 10 May 2026

https://github.com/securityronin/journald-forensic

From-scratch systemd journal (.journal) forensic reader — parse entries without journalctl/systemd, carve from unallocated space, and flag tampering (sequence gaps, timestamp regressions, truncation, online-state)

anti-forensics dfir forensics incident-response journald linux log-analysis log-forensics rust rust-forensics security systemd

Last synced: 21 Jun 2026

https://github.com/soulee-dev/ctfkit

CTFKit: An open-source toolkit for effortlessly setting up Capture The Flag (CTF) competitions.

ctf ctfd cybersecurity defcon discord docker security writeups

Last synced: 10 May 2026

https://github.com/jakbin/django-tor

Run your django website on tor using django_tor

django onion onion-service onionshare python security tor

Last synced: 10 May 2026

https://github.com/mervyn-mccreight/coinflip

Implement a non-server dependent coin flipper client as part of a IT-Security project in university.

coinflip game-of-chances security sra

Last synced: 21 Jun 2026

https://github.com/majormilk/filelocker-an-encrypt-decrypt-cli-program

Uses AES-256 to encrypt and dectrypt files and directories, uses BCrypt for password Hashing

cli csharp decryption dotnet encryption filelocker security security-tools

Last synced: 20 Apr 2026

https://github.com/siinghd/isobox

Open-source, self-hostable sandbox for running untrusted / AI-generated code, isolated by gVisor. Stateful sessions, persistent memory, live kernels — no KVM required.

ai-agents code-execution code-interpreter golang gvisor sandbox security self-hosted

Last synced: 05 Jun 2026

https://github.com/jeremywildsmith/shadowhash-distributed

Elixir distributed Shadow File password cracker with GPU accelerated cracking for md5crypt hashing algorithm.

cracking-hash cracking-hashes cracking-password cuda distributed-systems elixir erlang hashing nx security

Last synced: 11 May 2026

https://github.com/jamieswhiteshirt/suspicious-package

A malicious npm package that exploits the default configuration of GitHub Actions and actions/checkout to write unexpected comments on pull requests

actions npm security

Last synced: 11 May 2026

https://github.com/integsec/portsnatcher

Catch ephemeral ports the moment they open — fingerprint, hold open, and hand off to the pentester before the window closes. Apache-2.0.

burp-suite ephemeral-ports fingerprinting mitm offensive-security pentesting port-scanner red-team rust security

Last synced: 24 Apr 2026

https://github.com/zamberjo/odoo-security-audit

Scripts for Odoo security audit tool

odoo security

Last synced: 10 Jun 2026

https://github.com/chintanshah35/secretguard

Scan source code for secrets, credentials, and PII — CLI and Node.js API

cli credentials devsecops nodejs pii secret-scanning security typescript

Last synced: 10 Jun 2026

https://github.com/ndxdeveloper/formation-debian

Formation complète Debian (Desktop/Server) de 280h, des fondamentaux aux infrastructures cloud-native modernes. Maîtrisez Debian, Docker, Kubernetes, Ansible, Terraform et les pratiques DevSecOps.

ansible cloudnative debian devops devsecops docker formation grafana infrastructure-as-code k3s kubernetes kvm linux networking security sysadmin terraform tutorial

Last synced: 11 May 2026

https://github.com/durellwilson/swift-security-toolkit

Production-ready security utilities for Swift/SwiftUI - Keychain, biometrics, input validation, network security

biometrics cybersecurity detroit devrel keychain security swift swiftui

Last synced: 22 Jun 2026

https://github.com/siddhant-vij/user-authentication-system

Terminal-based user authentication system for registration, login, and password reset using a CSV-based storage.

authentication csv database encryption hashing java logging login multifactor-authentication registration reset-password security terminal-based

Last synced: 17 Apr 2026

https://github.com/edycutjong/vetoblast

🛡️ Zero-Trust AI Agent Terminal Proxy and Runtime Guard protecting developer credentials and workspaces.

ai-agents deberta nextjs react sandbox security tailwind zero-trust

Last synced: 10 Jun 2026

https://github.com/hasip-timurtas/solsec

🛡️ CLI toolkit for auditing Solana smart contracts. Includes static analysis, IDL-based fuzzing, plugin system, and multi-format reports.

anchor auditing blockchain cli fluzzing rust security smart-contracts solana static-analysis web3

Last synced: 24 Apr 2026

https://github.com/canonical/certificate-transfer-interface

Charm libraries for providers and requirers of the certificate-transfer integration.

juju mtls security tls trust-store x509

Last synced: 17 May 2026

https://github.com/tayron/spring-boot-mvc-security-mysql

Spring Boot + Spring MVC + Spring Security + MySQL

java mvc mysql security spring-boot

Last synced: 20 Apr 2026

https://github.com/loupe-tools/loupe

100% offline, single HTML file security analyser for 60+ file formats — Office docs, PDFs, executables (PE/ELF/Mach-O), emails, certificates, OpenPGP, JAR, SVG, archives, scripts, plists, EVTX and SQLite. 475+ built-in YARA rules, VBA macro analysis, IOC extraction, recursive payload decoding, STIX 2.1 / MISP export.

evtx file-analysis incident-response malware-analysis offline security single-file static-analysis threat-detection yara

Last synced: 02 May 2026

https://github.com/teskilatsiz/mergelock

Rust tabanlı, yerel çalışan kod güvenliği tarayıcısı. Güvenlik açıklarını, gizli anahtarları ve riskli kod kalıplarını tespit eder.

local-first mergelock rust secrets-detection security security-tools vscode-extension

Last synced: 07 Jun 2026

https://github.com/antonlovesdnb/fishbowl

Containerized credential auditing perimeter for AI coding agents. Wraps Codex/Claude Code in Docker, audits every credential access via eBPF.

ai-agents claude-code codex container-security credential-security devtools docker ebpf rust security

Last synced: 26 Apr 2026

https://github.com/arpihomesecurity/arpi_server

ArPI home security system - backend component

home-security python raspberrypi security

Last synced: 26 Apr 2026

https://github.com/pouriyajamshidi/fwmonitor

for network traffic analysis, displays your iptables, UFW, or any application that logs in the same format, in a pleasant way.

forensics-tools iptables linux network security security-tools

Last synced: 17 Apr 2026

https://github.com/maandree/key2root

Authenticate with keyfile and run a process as root

privilege-escalation root root-access security utility

Last synced: 23 Jun 2026

https://github.com/amarmuric04/gobot

🤖 A terminal-based automation bot for GoVault, my MERN + Next.js password manager. Automates login, password generation, and storage, all from the CLI.

automation bot browser-automation cli dotenv govault mern-stack nextjs password-manager python security selenium

Last synced: 12 May 2026

https://github.com/abinavkrishnaa/ciphertalk

CipherTalk 🔒💬 is an AI-powered, end-to-end encrypted messaging app built with FastAPI, PostgreSQL, and WebSockets for real-time secure communication. It features AES/RSA encryption, JWT authentication, and AI-driven smart replies. Designed for privacy, scalability, and industry-level security. 🚀

ai authentication backend-api database django django-rest-framework python3 security

Last synced: 20 Apr 2026

https://github.com/nir3x/cryptorand.cpp

CryptoRand.cpp - Random Key Generation using Cryptographic Techniques

algorithm algorithms c-plus-plus cpp cryptography encryption entropy random random-number-generation security

Last synced: 04 Jun 2026

https://github.com/sr-lab/pol-infer

Inferring password composition policies from breached user credential databases.

inference password-policy security

Last synced: 27 Apr 2026

https://github.com/citadel-cloud-management/terraform-azure-key-vault

Azure Key Vault Terraform module with RBAC, private endpoint, HSM keys, certificates, and diagnostics

azure devops infrastructure-as-code key-vault production-ready security terraform terraform-module

Last synced: 27 Apr 2026

https://github.com/xxxjjhhh/spring_security_7_jwt

개발자 유미 : 스프링 시큐리티 7 JWT

jwt security spring

Last synced: 07 Jun 2026

https://github.com/filiprokita/portscanner

PORTSCANNER is a simple Python program with GUI that allows users to check whether a given port is open on a specified IP address. The program uses socket programming to establish a connection to the specified port, and displays a message indicating whether the port is open or closed.

network network-analysis network-monitoring network-security network-tools networking port-scanner python python3 security socket-programming tkinter

Last synced: 28 Jun 2026

https://github.com/fridex/pip-provenance

Files supporting an article about PEP-710.

hack hacktoberfest-accepted provenance python security

Last synced: 06 Jun 2026

https://github.com/mkafonso/guardian

[NPM] Analise dependências Node.js, priorize riscos reais e gere relatórios acionáveis em segundos

audit cli dependencies devtools nodejs npm security typescript vulnerabilities

Last synced: 12 May 2026

https://github.com/x45iq/prencryptor

Android application for file encryption and decryption using password

android android-application decryption encryption java mit-license security

Last synced: 29 Jun 2026

https://github.com/nischal94/repo-template

Template for new repos: Tier A security workflows (gitleaks, PR-title lint, dependabot, harden-runner) + community files. Click 'Use this template' to start a new repo with these defaults.

ci security template

Last synced: 27 Apr 2026

https://github.com/zaydons/devscrub

A comprehensive security scanning tool that combines traditional pattern matching with semantic analysis to detect vulnerabilities, secrets, and security issues across multiple programming languages and frameworks.

ci-cd cli devsecops docker javascript open-source python security static-analysis

Last synced: 20 Apr 2026

https://github.com/mk-knight23/ai-sdk-anthropic

Claude-centered secure agent runtime with policy-first design

anthropic claude mcp python security

Last synced: 03 Apr 2026

https://github.com/suuhm/xml_event_xtractor

export and analyze windows evtx events from xmlcli export files

analyzer blueteam eventlog events evtx forensics logging security siem windows xml xmlcli

Last synced: 27 Apr 2026

https://github.com/saagpatel/mcp-trust

Neutral trust registry for MCP servers — check before you connect

ai-safety developer-tools mcp model-context-protocol python security trust-registry

Last synced: 28 Jun 2026

https://github.com/seniorbatleo/cryptocart

Secure chat software for your computer.

chat cryptocart cryptography messaging secure security

Last synced: 24 Jun 2026

https://github.com/joscha/mta-sts-cloudflare

A Cloudflare worker for mta-sts policy files

cloudflare email mta-sts security

Last synced: 17 Apr 2026

https://github.com/santiellena/cryptopals

My solutions to Cryptopals challenges (http://cryptopals.com/) written in Rust

cryptography rust-lang security

Last synced: 07 Jun 2026

https://github.com/tigthor/encyption

�� Simple and secure encryption/decryption utility for TypeScript applications. Works seamlessly with backend APIs and frontend Next.js applications.

aes browser crypto encryption javascript nextjs nodejs security typescript utils

Last synced: 27 Apr 2026

https://github.com/fluidattacks/sast-action

Static Application Security Testing (SAST) GitHub Action by Fluid Attacks

code-scanning-ready github-actions sast security

Last synced: 27 Apr 2026

https://github.com/rarestype/rarestcheck

No description or website provided.

autosync continuous-integration security

Last synced: 07 May 2026

https://github.com/chadmayfield/gh-repos-hud

Heads-up display of repo health across your GitHub orgs (gh extension)

bubbletea cli dashboard dependabot devops gh-cli gh-extension github github-api golang repository-management security terminal tui

Last synced: 24 Jun 2026

https://github.com/raullopezpenalva/contact-service

Spring Boot microservice handling contact submissions for my personal website. Includes persistence, admin management and notification system.

backend backend-api backend-service documentation feature infrastructure java security spring-boot

Last synced: 13 May 2026

https://github.com/axi0mh1ve/axiom-hive-ddm

Deterministic DNS Defense Module - Replace probabilistic threat detection with cryptographic verification and strict enforcement

cybersecurity deterministic-security dns dns-security ebpf kernel merkle-tree network-security security zero-trust

Last synced: 20 Apr 2026

https://github.com/ggabrie2025/apollo_data_auditor

APOLLO Data Auditor — Native agent for data privacy audits (GDPR/NIS2). Scans files, databases, cloud, directory & apps. Detects PII, produces compliance reports.

compliance data-audit gdpr nis2 pii-detection privacy rust security

Last synced: 28 Apr 2026

https://github.com/tandemcreativedev/llm_nextjs_audit_sheets

AI-optimised audit sheets for systematic code quality assessment in Next.js projects. Transform manual auditing into structured, agent-driven quality assurance.

accesibility ai audit claude codex llms nextjs security tailwindcss

Last synced: 28 Apr 2026

https://github.com/fluttertwillis/information-security-project

IEEE paper on security vulnerabilities in Decentralized Finance Defi

blockchain cybersecurity defi ethereum ieee-format latex research-paper security web3

Last synced: 28 Apr 2026

https://github.com/morgaesis/ssh-guard

LLM-powered SSH command filter for AI agents. Evaluate every command before execution.

agent-safety ai-agents command-filter devops llm safe-ssh security ssh ssh-wrapper

Last synced: 03 Apr 2026

https://github.com/wyre-technology/huntress-mcp

MCP server for the Huntress cybersecurity platform

huntress mcp mcp-server msp msp-mcp security typescript wyre-technology

Last synced: 13 May 2026

https://github.com/xultech-ltd/laravel-ip-whitelist

Flexible IP whitelist middleware for Laravel – Supports CIDR, wildcards, database or config storage, Blade directives, route macros, and Artisan commands.

authorization ip-whitelist ip-whitelisting laravel laravel-package security

Last synced: 28 Apr 2026

https://github.com/Perufitlife/nhost-security-skill

Open-source Hasura/Nhost security auditor: detects anonymous role with open SELECT, user role missing row filter, public introspection. Active anonymous GraphQL probe confirms each leak.

audit auditor cli devsecops graphql hasura leak nhost nodejs penetration-testing scanner security typescript vulnerability

Last synced: 25 Jun 2026

https://github.com/anystack-sh/electron-license-demo-app

Example implementation of Anystack's licensing SDK for Electron applications

electron license-management security

Last synced: 14 May 2026

https://github.com/declangray/lsa-hunter

A tool for extracting the LSA Key of a Windows machine from the Registry.

encryption lsa security windows

Last synced: 14 May 2026

https://github.com/thomasboegl1/soc-threat-report-tool

A Streamlit-based web application for SOC teams to generate professional monthly security reports with PDF export capabilities. Streamline your security reporting workflow with customizable templates and real-time preview.

cybersecurity pdf-generation python reporting security soc streamlit threat-intelligence threat-reporting

Last synced: 28 Apr 2026

https://github.com/quenchworks/common

quench-common: the shared Helm library chart for the QuenchWorks catalog (hardened pod/container security contexts + a digest-only image resolver).

hardened helm helm-charts helm-library-chart kubernetes security

Last synced: 22 Jun 2026

https://github.com/solomonneas/cortex-mcp

MCP server for Cortex observable analysis and response engine

ai-agents automation cortex mcp model-context-protocol observable-analysis security soar

Last synced: 25 Apr 2026

https://github.com/damianravindupeiris/springbootsecurity

This project demonstrates Spring Boot with JWT authentication.

java jwt-authentication jwt-token security springboot

Last synced: 20 Apr 2026

https://github.com/bogdanticu88/mcp-map

Static attack surface analyzer for MCP servers and LLM tool definitions

cli devsecops llm mcp mitre-atlas model-context-protocol owasp python security static-analysis

Last synced: 03 Jun 2026

https://github.com/rahul-aut-ind/go-analyzer

analyzes any Go codebase and produces useful reports

cli code-quality devto go golang golang-cli golang-tools linter security static-analysis

Last synced: 28 Apr 2026

https://github.com/Perufitlife/appwrite-security-skill

Open-source Appwrite security auditor: detects 'any' role grants, document security misconfig, over-permissive collection permissions. Active probe confirms each leak.

appwrite audit auditor baas cli devsecops leak mit-license nodejs open-source penetration-testing scanner security security-audit typescript vulnerability

Last synced: 25 Jun 2026

https://github.com/Perufitlife/ollama-security

Active-probe security auditor for Ollama: detects a publicly bound, unauthenticated API and PROVES model/compute leaks live via anonymous /api/tags, /api/ps, /api/generate and CORS probes. Zero deps, MIT.

ai-agents cors devsecops llm llm-security local-ai local-llm ollama security security-audit

Last synced: 25 Jun 2026

https://github.com/nisanth2004/springboot-apache-kafka-programs

Apache Kafka is a distributed event streaming platform capable of handling trillions of events per day. It is used for building real-time data pipelines and streaming applications.

broker cluster framework java kafka login message rabbitmq security spring springboot topics user

Last synced: 28 Apr 2026

https://github.com/osama-yusuf/shell-guard

ShellGuard: Secure Shell Based Password Manager

bash-script password-manager security technology

Last synced: 28 Apr 2026