An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/guardianproject/opencircle

Open-source Circle of 6 with improved security and privacy features. PLEASE NOTE: For the new Circulo app please visit: https://gitlab.com/circuloapp/circulo-android

community hotline mobile safety security support

Last synced: 22 Jun 2025

https://github.com/apriorit/access-app-data-android

A no-root solution to access Android app private data without root access. Browser history and instant messages example

android security

Last synced: 08 May 2025

https://github.com/0xinfection/pewswitch

A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

exploitation-framework freeswitch security sip-security unauthenticated-requests voip-telephony-providers

Last synced: 13 Apr 2025

https://github.com/ssstonebraker/log4j-scan-turbo

Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

bash kali log4j log4shell oscp oscp-tools osint pentesting security securty-tools shell

Last synced: 12 Jul 2025

https://github.com/thedoctor0/openvas-docker-lite

OpenVAS docker container with custom automation script.

docker nmap openvas scan security shell

Last synced: 12 Apr 2025

https://github.com/ulisesgascon/docker-seguro

📖 Docker Seguro por Ulises Gascón

docker ebook learning security spanish

Last synced: 05 May 2025

https://github.com/simeononsecurity/Windows-Hardening-CTF

A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.

automation ctf ctf-tools hardening security windows

Last synced: 17 Aug 2025

https://github.com/itinerisltd/disallow-pwned-passwords

Disallow WordPress and WooCommerce users using pwned passwords

have-i-been-pwned hibp password security woocommerce wordpress-plugin

Last synced: 24 Apr 2025

https://github.com/endorama/2ami

Your easy 2FA companion that keep the secrets secret.

cli google-authenticator hacktoberfest keychain keyring secrets secure security totp two-factor

Last synced: 15 Mar 2026

https://github.com/deepal/node-dukpt

Node JS Library for Derived Unique Key Per Transaction (DUKPT) Encryption 💳🔑🛡

aes decryption dukpt dukpt-encryption encryption javascript node-dukpt nodejs payments security

Last synced: 15 Oct 2025

https://github.com/tigran-sargsyan-w/self-signed-cert-toolkit

A toolkit for generating self-signed digital certificates for signing PDFs, emails, software, and other content using tools like JSignPdf or any software that supports PKCS#12.

cert-generation certificate cli-tool code-signing digital-signature document-signing email-signature encryption openssl p12 pdf pdf-signature pkcs12 privacy security self-signed smime ssl tls x509

Last synced: 29 May 2026

https://github.com/rshipp/python-dshield

Pythonic interface to the Internet Storm Center / DShield API.

api-client dshield infosec isc library python sans security

Last synced: 15 Sep 2025

https://github.com/alulsh/intro-to-security-for-developers

An introduction to security for developers.

infosec security slides

Last synced: 20 Nov 2025

https://github.com/kraftjectory/secrex

Simple and secure secrets manager in Elixir projects

elixir security

Last synced: 15 Jul 2025

https://github.com/dan-nolan/delegatecall-proxy-bug

An Exploit on the AAVE v2 Contract Vulnerability

security smart-contracts solidity

Last synced: 31 Aug 2025

https://github.com/anon-exploiter/ine-dl

Python script to download INE courses including labs, exercises, quizzes, slides, and, videos!

courses ine ine-dl security

Last synced: 03 Oct 2025

https://github.com/simeononsecurity/windows-hardening-ctf

A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.

automation ctf ctf-tools hardening security windows

Last synced: 15 Apr 2025

https://github.com/d2iq-archive/kubernetes-security-benchmark

A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources

cis cli cobra dcos golang ksphere kubernetes security

Last synced: 31 Mar 2025

https://github.com/sbaresearch/amlsec

Automated Security Risk Identification Using AutomationML-based Engineering Data

automationml cyber-physical-systems industrial-automation research risk-assessment security semantic-web

Last synced: 12 Jul 2025

https://github.com/hazcod/security-slacker

Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.

crowdstrike one security slack spotlight workspace ws1

Last synced: 19 Apr 2025

https://github.com/WiPi-Hunter/PiUser

👨‍💻🕵🏻👩‍💻 Analyze user behavior against fake access points📡

access-point attacker blueteam corporations fake pentesting probe-requests redteam security user wifi

Last synced: 07 Apr 2025

https://github.com/alaz/legitbot

🤔 Is this Web request from a real search engine🕷 or from an impersonating agent 🕵️‍♀️?

bot detect-crawlers fake googlebot impersonation protection ruby ruby-gem search-engine security

Last synced: 25 Apr 2026

https://github.com/tink-crypto/tink-tinkey

Utility that allows generating and manipulating Tink keysets

crypto cryptography java key-management security

Last synced: 27 Jan 2026

https://github.com/unicornsasfuel/keybrute

A wordlist-based encryption key brute forcer targeting weak key choice/derivation

aes aes-encryption brute-force computer-security crack cryptanalysis crypto cryptography encryption information-security infosec security

Last synced: 26 Mar 2025

https://github.com/hxsecurity/dongtai-plugin-idea

Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.

applicationsecuritymonitoring appsec-tutorials code-quality devsecops dongtai-iast iast idea-plugin intellij-platform security

Last synced: 04 Oct 2025

https://github.com/jpcertcc/quasarrat-analysis

QuasarRAT analysis tools and research report

malware python3 security

Last synced: 05 Apr 2025

https://github.com/mondoohq/packer-plugin-cnspec

Packer plugin cnspec by Mondoo - Build machine images free of security misconfigurations and vulnerabilities!

ami cnspec mondoo packer packer-plugin security vulnerability

Last synced: 27 May 2026

https://github.com/houzuoguo/cryptctl

A disk encryption utility that helps setting up LUKS-based disk encryption using randomly generated keys, and keeps all keys on a dedicated key server.

disk-encryption encryption go golang linux luks os security

Last synced: 13 Apr 2025

https://github.com/chewbaka69/fail2ban_pterodactyl

A fail2ban filter for wings daemon, the service of pterodactyl panel, to secure the SFTP bruteforcing

fail2ban fail2ban-filter security

Last synced: 05 Jul 2026

https://github.com/kstr0k/migrate-apt-keys

Migrates from "apt-key" managed keys to "[signed-by=.../keyrings/...]"

apt apt-key debian gpg security shell-script ubuntu

Last synced: 22 Apr 2025

https://github.com/fractalfir/memory_pages

`memory_pages` is a small library provinig a cross-platform API to request pages from kernel with certain premisions

low-level memory-management rust security

Last synced: 16 May 2025

https://github.com/koki-develop/ghasec

🫴 Catch security risks in your GitHub Actions workflows.

github-actions security

Last synced: 17 Apr 2026

https://github.com/davidalami/VulnMapAI

VulnMapAI combines the power of nmap’s detailed network scanning and the advanced natural language processing capabilities of GPT-4 to generate comprehensive and intelligible vulnerability reports. It aims to facilitate the identification and understanding of security vulnerabilities.

hacking hackthebox hacktoberfest machine-learning penetration-testing port-scanning security tryhackme vulnerability-scanners

Last synced: 07 Sep 2025

https://github.com/fusionauth/fusionauth-example-modern-guide-to-oauth

The example application paired with the Modern Guide to OAuth

authentication oauth oauth2 security

Last synced: 05 Apr 2025

https://github.com/sfuhrm/openssl4j

High performance Java crypto binding to the native OpenSSL library

crypto cryptography fast java java-library jni md5 mmx openssl ripemd160 security sha1 sha256 sha3 sm3 sse whirlpool

Last synced: 05 Apr 2025

https://github.com/stijnmoreels/fsecurity

Security testing library written in F# to make writing security tests more fun.

exploitation fsec fsharp input-validation owasp security testing tests url-tampering vulnerability-detection xml-parsing

Last synced: 23 Mar 2025

https://github.com/jlleitschuh/security-checklist-transformer

Sqreen Security Checklist Transformer & Uploader

security security-checklists security-plan security-tools

Last synced: 07 Apr 2025

https://github.com/advanced-security/codeql-bundle-action

Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

code-scanning codeql security

Last synced: 10 Mar 2026

https://github.com/karlamoe/unsafe-accessor

A bridge to access sun.misc.Unsafe & jdk.internal.misc.Unsafe

java jdk jvm reflect reflection security tool tools unsafe

Last synced: 15 Jan 2026

https://github.com/dev-sec/chef-mysql-hardening

This chef cookbook provides security configuration for mysql.

chef chef-cookbook devops hardening mysql security

Last synced: 09 Jul 2025

https://github.com/kajov/wazuh-kubernetes-helmchart

Wazuh - Wazuh Kubernetes Helm chart. This repo is not maintained by Wazuh team. This is community project.

automation community compliance containers devsecops docker helm helm-chart k8s kubernetes monitoring orchestration security security-tools vulnerability-detection wazuh

Last synced: 11 Jul 2025

https://github.com/augustoproiete/i-am-root-nuget-package

📦🏴‍☠️ NuGet package that shows we can run arbitrary code from any NuGet package

code groot hacktoberfest i-am-root iamroot nuget powershell root security

Last synced: 14 Apr 2025

https://github.com/bjornstar/intercept-redirect

Skip tracking redirects that serve no purpose other than to waste your precious time.

anti-tracker browser-extension privacy redirect security webextension

Last synced: 15 Apr 2025

https://github.com/c0r0n3r/cryptolyzer

CryptoLyzer is a fast, flexible and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI. (read-only clone of the original GitLab project)

certificate-transparency content-security-policy dnssec http-header-check http-scan mixed-content openvpn python scan-tool scanning-tool security security-audit security-tools ssh-scanner ssl-scanner subresource-integrity tls-scan tls-scanning-library vulnerability-scanners

Last synced: 20 Nov 2025

https://github.com/vitormesquita/msession

A simple and sophisticated session and authentication solution written in Swift

apple authentication faceid faceid-authentication ios keychain secur security session swift swift-library

Last synced: 25 Jul 2025

https://github.com/wix-incubator/isolated-runtime

Run untrusted Javascript code in a multi-tenant, isolated environment

isolated javascript nodejs security threads vm

Last synced: 14 Apr 2025

https://github.com/nwtgck/piping-draw-web

🎨 End-to-End Encryption Share Drawing via Piping Server

canvas drawing end-to-end-encryption handwriting paint piping-server security

Last synced: 07 Mar 2026

https://github.com/qfcy/no-subclasses

A library that removes the __subclasses__() list from all classes, allowing for nearly absolute security in exec and eval functions. 一个清除所有类的__subclasses__()列表的库,使得exec和eval函数变得几乎绝对安全。

eval exec python python-sandbox sandbox-tool security subclasses

Last synced: 07 Jul 2025

https://github.com/turbot/steampipe-mod-terraform-aws-compliance

Run compliance and security controls to detect Terraform AWS resources deviating from security best practices prior to deployment using Powerpipe and Steampipe.

aws compliance hacktoberfest powerpipe powerpipe-mod security sql steampipe steampipe-mod terraform

Last synced: 10 Mar 2026

https://github.com/Cymmetria/honeycomb_plugins

The plugin repository for Honeycomb, the honeypot framework by Cymmetria

honeycomb python security security-tools

Last synced: 27 Mar 2025

https://github.com/kawaiipantsu/ip-blacklist-collection

These are automated updated IP address blacklist/whitelist you can use to fetch and parse and put in your firewall, waf, null-routing, sinkhole or what ever you choose. The blacklists are not necessary threat actors, it's just lists i like to have ready and handy.

blacklist blocklist blueteam compliance firewall geoblocking ip iptables ipv4 ipv6 mullvad nordvpn privacy proxy proxy-list security ufw waf

Last synced: 17 Jan 2026

https://github.com/rbiedrawa/spring-webflux-keycloak-demo

This repository demonstrates how to use reactive Spring Security with OAuth2 and Keycloak. Keycloak server with all components can be started using docker-compose and utility script.

docker docker-compose jwt jwt-authentication keycloak oauth2 postman postman-collection reactor security spring-boot spring-security spring-security-5 spring-security-oauth2 spring-webflux testing webflux-security wiremock

Last synced: 19 Oct 2025

https://github.com/rroemhild/docker-mailpile

A minimal Mailpile Docker image based on Alpine Linux.

docker email encryption gnupg mailpile security

Last synced: 24 Oct 2025

https://github.com/andygeiss/cloud-native-utils

A collection of high-performance, modular utilities for enhancing testing, transactional consistency, efficiency, security and stability in cloud-native Go applications.

assert automated-testing batteries-included best-practices cloud-native cloud-native-patterns consistency efficiency extensibility go golang logging resource security service stability templating utils

Last synced: 17 Jan 2026

https://github.com/stirby/fastpass

A password manager that gets you logged in quickly

linux password-generator password-manager password-store passwords security

Last synced: 11 Mar 2026

https://github.com/animeshshaw/learning-node.js-security

A Collection of articles, videos, blogs, talks and other materials on Node.js Security

learning-nodejs nodejs nodejs-pentesting nodejs-secuirty-reading nodejs-security penetration-testing pentesting security web-security

Last synced: 16 Oct 2025

https://github.com/vboureaud/ctfbourgpalette

A pokemon-like project game where you level up by hacking your neighbor.

phaserjs react security

Last synced: 25 Oct 2025

https://github.com/miguelgrinberg/microblog-authy

Microblog application from the Flask Mega-Tutorial with added two-factor push authentication via Authy

authentication authy authy-api flask security twilio two-factor-authentication

Last synced: 06 Sep 2025

https://github.com/tanepiper/npm-lint

A linter for npm & node package.json files with a focus on dependency security

dependency-analysis linter linting-rules nodejs npm npm-scripts security security-tools

Last synced: 07 Sep 2025

https://github.com/0xAkashsky/sub-scout

Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)

bugbounty cybersecurity infosec infosectools security tools

Last synced: 10 Mar 2025

https://github.com/gitguardian/gitguardian-vscode

Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your code, allowing you to code confidently and maintain the integrity of your data.

appsec credentials devsecops scanning secrets secrets-detection secrets-engine secrets-management secrets-scan security vscode vscode-extension

Last synced: 03 Sep 2025

https://github.com/tsundokul/pyradamsa

Python bindings for calling radamsa mutators

fuzzing security

Last synced: 14 Jan 2026

https://github.com/jameswoolfenden/terraform-cloudflare-adblock

This module helps you set up Adblocking for your devices (PC/Mac Android/Apple) using Cloudflare - similar to a PiHole

adblock mobile pihole security

Last synced: 13 Oct 2025

https://github.com/volkansah/gpt-security-best-practices

The purpose of this document is to outline the security risks and vulnerabilities that may arise when implementing ChatGPT in web applications and to provide best practices for mitigating these risks.

ajax ajax-request chatgpt chf code-security html js php security security-risks server-side serverside-rendering vulnerabilities vulnerabilities-fix

Last synced: 12 Apr 2025

https://github.com/alephao/nft-sale-proxy

A proxy to hide NFT metadata during the sale and prevent people from sniping specific NFTs.

nft nft-sale proxy security

Last synced: 31 Jul 2025

https://github.com/pilotpirxie/devcaptcha

🤖 Open source captcha made with React, Node and TypeScript for DEV.to community

captcha captcha-alternative hip mechanism puzzle react security solve typescript typescript-library

Last synced: 07 Oct 2025

https://github.com/leonjza/tc2

treafik fronted c2 examples

c2 cobaltstrike covenant redteam security traefik

Last synced: 01 Nov 2025

https://github.com/jippi/go-metadataproxy

A proxy for AWS's metadata service that gives out scoped IAM credentials from STS

aws docker golang security sts-credentials

Last synced: 19 Mar 2025

https://github.com/luizbizzio/pihole-https

🔒 Enable HTTPS for Pi-hole with automatic SSL certificate generation, Tailscale DNS detection, and cross-platform compatibility for Windows, Linux, macOS, and Android devices.

android automation certificates dns guide https letsencrypt lighttpd linux macos open-source openssl pi-hole pihole pihole-tools security self-hosted tailscale tutorial windows

Last synced: 11 Apr 2025

https://github.com/esonhugh/springcloudheapdump

anonymous to cluster-admin via Heapdump.

heapdump kuberntes red-team security spring takeover

Last synced: 14 Jul 2025

https://github.com/mdp/u2fdemo

U2F Demo and Debugger

security u2f yubikey

Last synced: 10 Apr 2025

https://github.com/rubysec/rubysec.github.io

Current home of rubysec.com

ruby rubygems security vulnerability

Last synced: 04 Apr 2025

https://github.com/checkedc/checkedc-fork

This was a fork of Checked C used from 2021-2024. The changes have been merged into the original Checked C repo.

c c-programming-language reliability security systems-programming

Last synced: 31 Oct 2025

https://github.com/cloudposse/terraform-aws-guardduty

Terraform module to provision AWS Guard Duty

compliance hcl2 security terraform terraform-modules

Last synced: 29 Apr 2025

https://github.com/sergio11/eclipserecon

🌑 EclipseRecon is a personal project developed during my cybersecurity learning journey 🛡️. It helps practice web reconnaissance 🌐 by identifying subdomains 🧩, site structures 🧭, and vulnerabilities 🐞 in a controlled environment 🧪.

blue-team bug-bounty cybersecurity ethical-hacking information-gathering owasp penetration-testing reconnaissance red-team scan-tools security security-analysis security-reporting security-tools subdomain-scanner vulnerability vulnerability-scanner web-application-security web-crawler web-security

Last synced: 06 Sep 2025

https://github.com/checkedc/checkedc

This was a fork of Checked C used from 2021-2024. The changes have been merged into the original Checked C repo.

c c-programming-language reliability security systems-programming

Last synced: 29 Mar 2025

https://github.com/kurobeats/sparkler

The tool creates a Microsoft Active Directory Domain with a structure and objects for learning.

active-directory educational security

Last synced: 23 May 2026