An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/mhmdiaa/acumen

A clean UI with a modular structure to enhance security researchers' ability to work with data

penetration-testing penetration-testing-tools pentesting recon security security-tools user-interface visualization web-application-security

Last synced: 19 Apr 2025

https://github.com/x13a/pschk

Check for suspicious processes on macOS

macos osx security swift

Last synced: 02 Jul 2025

https://github.com/ricco386/cyber502x-computer-forensics

RITx: CYBER502x Computer Forensics - Personal study notes

mooc security study-notes

Last synced: 17 Mar 2026

https://github.com/cwshugg/gurthang

[Masters Thesis] A connection-multiplexing web server fuzzing harness for AFL++.

afl aflplusplus fuzzing networking security systems-programming

Last synced: 19 Apr 2025

https://github.com/acunningham-ship-it/leakproof

Local secret firewall for AI coding assistants (Claude Code/Cursor/aider) — scans + redacts secrets before anything leaves the machine. Local-first, zero cloud. MIT.

ai-coding aider claude-code cursor data-loss-prevention devsecops dlp hipaa local-first pre-commit privacy python secret-detection secrets security soc2

Last synced: 12 Jul 2026

https://github.com/ashishb/checkdevicecredentials

Force device credential check before decrypting data

android android-security keystore security

Last synced: 02 May 2025

https://github.com/fkie-cad/bidcos-security-doc

A documentation of the Bidcos (homematic) radio protocol with focus on practical security aspects

eq3 home-automation homematic security urh

Last synced: 06 May 2025

https://github.com/stackrox/jenkins-plugin

The StackRox Jenkins Plugin for image scanning and security

containers hacktoberfest jenkins k8s security stackrox

Last synced: 06 May 2025

https://github.com/geniuszly/cve-2022-44149

it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.

cve cve-2022-44149 cybersecurity ethical-hacking exploit exploit-development linux payload penetration-testing poc privilege-escalation security vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/notoriousrebel/social_media_shamer

Breaches happen all the time, it would be a shame if people used those credentials for their social media accounts.

python3 redteam security

Last synced: 11 Apr 2025

https://github.com/cihatsolak/net7-jwt-token

Main project is audience dependent on access to other api projects. I am providing information about the structure and architecture of the jwt token.

entity-framework-core jwt-token migration net7 nlayer-architecture security webapi

Last synced: 06 May 2025

https://github.com/kerberjg/chillinode

Node.js-based captive portal system for Linux

captive-portal linux network-management nodejs openwrt security

Last synced: 11 Apr 2025

https://github.com/middlewares/recaptcha

PSR-15 middleware to use Google reCAPTCHA for spam prevention

http middleware prevention psr-15 recaptcha security

Last synced: 06 May 2025

https://github.com/andiveloper/ts-rbac

Use ts-rbac if you need role-based access control in your TypeScript application, independent from your architecture.

jwt security ts typescript

Last synced: 06 May 2025

https://github.com/volkansah/tor-network-application-with-stem-and-scapy

This project demonstrates how to use the Stem library to interact with the Tor network and the Scapy library for network packet manipulation. The goal is to create an application that can leverage Tor for anonymized network analysis, including scanning both Onion and regular websites.

example-code examples hacking network nikto nmap python scapy security socat stem tor

Last synced: 12 Apr 2025

https://github.com/aw-junaid/android-security

Explore Android security: secure app development, reverse engineering, vulnerability testing, and best practices for data protection and encryption.

android android-rat androidsecurity hacking hacking-tool security vulnerabilities

Last synced: 01 Jul 2025

https://github.com/jsign/timing-attack

Timing attack proof-of-concept in Go

go security statistics timing-attack

Last synced: 18 Mar 2025

https://github.com/didjacome/modules.azure

This repository aims to have modules and scripts created for Microsoft Azure administration

accounts assessment azure engineer management powershell rbac resources security snapshot

Last synced: 17 Jan 2026

https://github.com/vdlp/oc-csrf-plugin

Adds CSRF protection to October CMS frontend.

csrf october-cms october-plugin octobercms php security

Last synced: 12 Apr 2025

https://github.com/kyopark2014/aws-security-token-service

It shows how to generate and use temporary security credential using AWS STS.

aws aws-lambda aws-sdk lambda security temporary-credentials

Last synced: 12 Apr 2025

https://github.com/contributte/security

:sparkles: Extra contrib to nette/security (@nette)

authentication authorization contributte nette nette-framework security

Last synced: 12 Apr 2025

https://github.com/sakryukov/storage-free-pass

Storage-Free Pass is a generator of highly secure passwords based on cryptographic hash and master password, which should be memorized; no password storage is involved

authentication criptographic-hash cryptography css html javascript security

Last synced: 07 May 2025

https://github.com/strmprivacy/data-plane-helm-chart

Care about your data leaving your VPC/environment in SaaS mode? With our self-hosted option you can run our privacy focused Data Plane in your own Kubernetes Cluster. Just (1) sign-up, (2) request a self-hosted installation, (3) use our values.yaml on your own k8s clusters and (4) run your (customer) data inside your own cloud like 🪄

charts data helm kubernetes privacy security

Last synced: 23 Jun 2025

https://github.com/dguo/digital-security-coach

:lock: Accessible crash course on digital security

cybersecurity guide haveibeenpwned security

Last synced: 17 Jun 2025

https://github.com/jenkinsci/defensics-plugin

Defensics plugin for Jenkins

security test

Last synced: 19 Jun 2025

https://github.com/googlechromelabs/web-identity-demos

Demos for identity on the web. Built by the Chrome Developer Relations team and friends.

authentication autofill demo passkeys security

Last synced: 09 Jul 2025

https://github.com/habilelabs/cvss-v3.1-react

React CVSS v3.1 Base Score Calculator

cvss cvssv3 reactjs security security-vulnerability

Last synced: 20 Jun 2025

https://github.com/ebauman/simpleca

Simple PKI for developers.

certificates cli golang pki security tls

Last synced: 17 Jan 2026

https://github.com/hrchlhck/kubemon

A tool for distributed container monitoring over Kubernetes.

docker kubemon kubernetes monitoring-tool security

Last synced: 01 Apr 2026

https://github.com/neurophant/ouija

Python relay/proxy server and library to build reliable encrypted TCP/UDP tunnels with entropy control for TCP traffic

asyncio censorship cipher encrypted entropy http https network proxy relay security tcp tunnel udp

Last synced: 04 May 2025

https://github.com/turbot/steampipe-mod-snowflake-compliance

Run individual controls or full compliance benchmarks across all of your Snowflake accounts using Powerpipe and Steampipe.

compliance hacktoberfest powerpipe powerpipe-mod security snowflake snowflakedb steampipe steampipe-mod

Last synced: 11 Jul 2025

https://github.com/geeknik/jwt-scanner

A tool for detecting JWT algorithm confusion vulnerabilities in web applications

bugbounty confusion infosec jwt scanner security

Last synced: 23 Jun 2025

https://github.com/jwhitt3r/SIEMEz

A open-source Django Security Incident and Event Management System

django incident-response python python3 security siem

Last synced: 12 Jul 2025

https://github.com/rabbit-company/passwordgenerator-js

Password generator implemented in JavaScript (ES6).

generator password security strength

Last synced: 13 Jul 2025

https://github.com/kaansk/go-euvd

Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.

api-client cvss enisa epss european-union euvd go golang incident-response open-source oss security threat-intelligence vulnerability vulnerabilitymanagement

Last synced: 16 Jul 2025

https://github.com/janloebel/nipca

Network IP Camera Application Programming Interface (NIPCA) - Client

client ip-camera ipcamera javascript nipca node security

Last synced: 15 Jul 2025

https://github.com/rideu/ndot

DNS over DoT relay. Designed for DHCP-configurable routers that supports custom DNS servers.

csharp dns dns-over-tls rfc1035 rfc7858 security security-tools

Last synced: 15 Jul 2025

https://github.com/john-b-yang/course-dev

Personal repository of teaching material

databases pedagogy security software-development

Last synced: 15 Jun 2025

https://github.com/ryandaniels/ansible-role-dnsmasq-adblock

Use dnsmasq for adblocking with OpenVPN. Use this Ansible role after installing OpenVPN (PiVPN or Streisand, etc) on a RaspberryPi or a VPS for example.

adblock ansible ansible-role dnsmasq openvpn privacy raspberry-pi security ubuntu vpn

Last synced: 10 Apr 2025

https://github.com/anthonyharrison/sbom4rust

SBOM4Rust generates a Software Bill of Materials (SBOM) for a Rust component.

cyclonedx devsecops rust sbom sbom-generator security spdx

Last synced: 28 Oct 2025

https://github.com/swedishmike/dmarcparser

A quick and dirty implementation to get DMARC reports into Splunk for further analysis

dmarc dmarc-reports email python security spam-prevention splunk splunk-sdk

Last synced: 08 May 2025

https://github.com/aran112000/nope-php

Nope! A lightweight tool for monitoring your log files and dynamically blocking nuisance or malicious IPs based on easy to define, dynamic rules which you control

anti-bot attack-prevention ban-hosts ban-management ips linux log-analyzer monitoring php php-cli rate-limiting security

Last synced: 22 Apr 2025

https://github.com/fiware/tutorials.roles-permissions

:closed_book: FIWARE 402: IDM - Application Roles and Permissions

fiware fiware-keyrock identity-management security tutorial

Last synced: 30 Apr 2025

https://github.com/angelej/php-insider

A simple static application security testing (SAST) tool for locating dangerous sinks in php applications.

appsec php sast security static-code-analysis whitebox

Last synced: 06 Apr 2026

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/rm3l/container-scan-to-sarif

Converts Azure Container Scan Action output to SARIF, for an easier integration with tools like GitHub Code Scanning

container-scanning go golang sarif sarif-report security

Last synced: 26 Mar 2025

https://github.com/exabrial/javax-security-cdi-extension

A CDI Portable Extension for Java EE 7 (and maybe 8) that allows you to use @RolesAllowed on CDI Beans and their Methods

cdi cdi-extension interceptors java java-ee-7 role-based-access-control security

Last synced: 11 Jan 2026

https://github.com/spaze/security-txt

security.txt (RFC 9116) generator, parser, validator

generator parser security security-txt securitytxt validator

Last synced: 06 Apr 2026

https://github.com/sammcj/github-app-installation-token

Generates Github tokens using a Github App install

actions authentication security token workflow

Last synced: 10 Apr 2025

https://github.com/chriszarate/know-your-deps

Picks a random dependency from your project and splains it to you.

npm security vulnerabilities

Last synced: 20 Aug 2025

https://github.com/przemub/cysectool

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph.

optimization security

Last synced: 17 Jan 2026

https://github.com/oktsec/oktsec

Security layer for AI agent-to-agent communication. Every message is signed, inspected, and logged. If it doesn't comply, it doesn't pass. No LLM. No cloud. Single binary. Your infra, your data.

ai-agents audit ed25519 golang identity inter-agent mcp open-source proxy security

Last synced: 02 Apr 2026

https://github.com/luketainton/pwnedpw

Checks if your password has been leaked.

password pwned pwned-passwords pwnedpasswords security

Last synced: 30 Apr 2025

https://github.com/t94j0/polymorphic_compression_malware

Warning, this is malware. Don't do something stupid with it

hacking malware security

Last synced: 07 Mar 2026

https://github.com/nearata/flarum-ext-twofactor

A Flarum extension. Allow your users to enable two factor authentication.

flarum flarum-extension security two-factor

Last synced: 10 Apr 2025

https://github.com/spiral/security

[READ ONLY] RBAC security layer based on NIST definition, role/rule/permission associations, bulletproof. Subtree split of the Spiral Security component (see spiral/framework)

nist rbac security spiral

Last synced: 28 Oct 2025

https://github.com/petr-panteleyev/password-manager

Desktop application to keep passwords and other sensitive information

aes-256 desktop-application java java-24 javafx javafx-application password-manager security

Last synced: 29 Apr 2025

https://github.com/Peco602/dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

docker dvwa ethical-hacking security ssl

Last synced: 21 Mar 2025

https://github.com/jpts/coredns-enum

Discover K8s Services & Pods through DNS Records in CoreDNS

coredns enumeration kubernetes networking security

Last synced: 12 May 2025

https://github.com/yandex-cloud-examples/yc-mk8s-copy-fail-mitigation

DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)

kubernetes mk8s security yandex-cloud yandexcloud

Last synced: 25 Jun 2026

https://github.com/theruziev/security_interface

Simple API for authentication and authorization.

python-3-6 python-asyncio security

Last synced: 17 Mar 2026

https://github.com/jreisinger/waf-tester

Test Web Application Firewalls (WAFs)

cli ftw security testing tool waf

Last synced: 31 Jan 2026

https://github.com/ketsapiwiq/siem-infra

Vulnerability detection, OSquery, fully-fledged Wazuh ELK stack with Linux and Windows Wazuh + osquery enrollment via Ansible.

ansible elasticsearch kibana osquery security siem vulnerability-detection wazuh

Last synced: 23 Apr 2025

https://github.com/rsclarke/terraform-cloudflare-fastmail-email

MX, SPF, DKIM and DMARC records with MTA-STS policy for email hosted by Fastmail

cloudflare dkim dmarc email mta-sts mx security spam-protection spf terraform

Last synced: 04 Apr 2026

https://github.com/ebrasha/abdal-security-headers

Abdal Security Headers is a powerful WordPress plugin that enhances your website's security through HTTP security headers. It provides an easy-to-use interface for managing security policies and protecting against common web vulnerabilities.

abdal abdal-security-group ebrahim-shafiei ebrasha hsts security security-headers wordpress wordpress-plugin wp

Last synced: 26 Jan 2026

https://github.com/robertdebock/ansible-role-cve_2024_3094

Check xz vulnerability (cve_2024_3094) on your system.

ansible cve20243094 linux molecule playbook security system tox

Last synced: 23 Oct 2025

https://github.com/cipher-fox/nestjs-cryptography

Secure NestJS cryptography module 🔐

cryptography javascript nest nestjs node security typescript

Last synced: 25 Apr 2026

https://github.com/picobaz/pybruteforge

PyBruteForge: A powerful Python brute-force login tester for ethical security audits. Forge attacks with smart password patterns and CSV logging via a modular API-driven design. Strengthen your defenses—test ethically!

bruteforce cybersecurity ethical-hacking login-tester password-audit penetration-testing python security web-security

Last synced: 23 Oct 2025

https://github.com/software-engineering-and-security/confuzzion

Confuzzion is a Java Virtual Machine (JVM) fuzzer generating Java programs to find bugs and vulnerabilities in the Java VM.

bug code-generation crashes fuzzer java java-virtual-machine java-virtual-machine-fuzzer jvm jvm-fuzzer jvm-fuzzing security soot testing type-confusion vulnerabilities vulnerability

Last synced: 27 Jul 2025

https://github.com/netlify/plugin-csp-nonce

Build plugin to use a nonce for the script-src directive of your site's Content Security Policy.

csp netlify security

Last synced: 26 Oct 2025

https://github.com/shinesolutions/aem-test-suite

AEM infrastructure test suite covering acceptance, recovery, security guideline testing scenarios

acceptance aem aem-opencloud performance recovery security testing

Last synced: 06 Mar 2026

https://github.com/exxeta/flutter-security-toolkit

Mobile Security Toolkit for Flutter

flutter security security-tools

Last synced: 23 Oct 2025

https://github.com/kolteq/validating-admission-policies-pss

Kubernetes Pod Security Standards implemented using Kubernetes Validating Admission Policies. Support of Enforce Baseline and Restricted profiles natively with configurable policy exclusions.

compliance kubeapt kubernetes pod-security pod-security-admission security validating-admission-policy

Last synced: 04 Feb 2026

https://github.com/born05/craft-enforcepassword

Craft plugin for incrementally enforced new and secure passwords.

craftcms craftcms-plugin security

Last synced: 10 Apr 2025

https://github.com/youhaveme9/apkinfo

A python script to extract high level and critical informations from AndroidManifest.xml or apk

android decompiler reverse-engineering security

Last synced: 04 Sep 2025

https://github.com/openwall/owl

Openwall GNU/*/Linux (Owl) is a small security-enhanced Linux distribution for servers. Owl has effectively reached its end-of-life, but its legacy lives on in a few other distributions (most notably, ALT Linux) and upstream projects. This is a tentative export of the Owl CVS repository into Git, which will possibly be redone later.

hardening linux security userland

Last synced: 09 Apr 2025

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026