An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/xi/xiMatrix

filter net requests according to source, destination and type

ad-block firefox-extension security umatrix webextension

Last synced: 26 Mar 2025

https://github.com/dutchcoders/identify

Identify web application versions

fingerprint security

Last synced: 11 Apr 2025

https://github.com/hackeralert/heavypin

A lightweight HTTPS-based proxy for bypassing firewalls.

censorship circumvention firewall freedom https networking privacy proxy security vpn

Last synced: 17 Jun 2025

https://github.com/lirantal/express-security-txt

A Node.js middleware for Express that implements Security.txt - A Method for Web Security Policies

express hacktoberfest nodejs security

Last synced: 05 May 2025

https://github.com/systemli/mail-tls-helper

Postfix helper for mandatory TLS

postfix postfix-helper python security tls

Last synced: 12 Jul 2025

https://github.com/agent-receipts/obsigna

Agent Receipts — cryptographically signed audit trails for AI agent actions. Protocol spec, SDKs (Go, TypeScript, Python), and MCP proxy.

agent-receipts ai ai-agents audit cryptography ed25519 golang mcp model-context-protocol python receipts security typescript verifiable-credentials w3c-vc

Last synced: 12 Jun 2026

https://github.com/danieljustus/symaira-vault

🔐 The password manager for terminal users and AI agents. Age-encrypted, keyring-cached, MCP-ready. Zero telemetry.

age-encryption agent-skills ai-agents claude-code cli codex-cli golang hermes-agent hermes-skill mcp mcp-server openclaw openclaw-skill opencode own-your-data password-manager security

Last synced: 11 Jun 2026

https://github.com/akshatvg/vulnerability-testing-solutions

Website for testing and preventing different attacks like XSS, SQL Injection & Spoofing for Nasscom (ISAA) Project.

audit cyber-security security spoofing sql-injection testing vulnerability website xss

Last synced: 11 Apr 2025

https://github.com/frozenassassine/easepass

A powerful but simple, password manager that stores all your passwords locally and offline. Written in C# WinUI3

2fa-client 2factor app csharp password password-manager passwordmanager security totp windows winui3

Last synced: 23 Aug 2025

https://github.com/rasoolsomji/django-security

Django is great! Here are some ways to make it safer

audit csrf cybersecurity django nginx owasp pentest python security vulnerabilities xss

Last synced: 14 Mar 2025

https://github.com/fortify/ssc-restapi-client

Communicate with Fortify Software Security Center through REST API in java, a swagger generated client

api api-client application-security fortify fortify-api fortify-ssc integration openapi security

Last synced: 08 Apr 2026

https://github.com/shellrow/nscan

Network scan tool for host and service discovery. Written in Rust.

cli-app cross-platform network rust scanner security

Last synced: 13 Apr 2025

https://github.com/luizbizzio/siteguard

🛡️ A JavaScript utility that detects when developer tools are opened in web browsers. It blocks right-click actions, drag events, and certain keyboard shortcuts to enhance the protection of web content from unauthorized inspection or tampering.

blocker content-protection copy detector devtools iot javascript legacy library lock open-source prevent privacy safety script security siteguard web web-tools website

Last synced: 27 Apr 2025

https://github.com/chadmcox/azure_ad_conditional_access_policies

Tools to help implement Conditional Access Policies in Azure AD

azuread azuread-b2b azuread-reporting conditional-access mfa security

Last synced: 28 Jun 2025

https://github.com/sebastienrousseau/password-generator

A fast, simple, and powerful open-source utility tool for generating strong, unique, and random passwords. The Password Generator supports various types of passwords including base64-encoded, memorable, and complex strong passwords.

crypto cryptography dictionary dictionary-tools generator javascript memorable-passphrases memorable-passwords nodejs npm passgen passgenerator password password-generator passwords security security-tools yeoman

Last synced: 16 Mar 2025

https://github.com/ctxz/mkauthdocs

A tool made to implement simple authentication on top of mkdocs builds.

auth authentication credentials login mkdocs security

Last synced: 21 Mar 2025

https://github.com/multiform-validator/docs

Multilingual library made for validation, various form fields, such as: email, telephone, password, cpf, cnpj, credit card, magic numbers for image mimetype validation and much more.

collaborate communityexchange filter form-validator github github-pages multiform-validator safe safety security security-tools student-vscode valid valid-fields validador validator

Last synced: 15 Apr 2025

https://github.com/xi/ximatrix

filter net requests according to source, destination and type

ad-block firefox-extension security umatrix webextension

Last synced: 29 Jul 2025

https://github.com/sozercan/guac-ai-mole

🥑 Inspect and understand an organization's software supply chain that enables stakeholders to make actionable decisions about software supply chain security

ai chatgpt gpt-4 guac openai sbom secure-supply-chain security security-tools streamlit supply-chain-security

Last synced: 28 Sep 2025

https://tersesystems.github.io/ocaps/

Object capability (ocap) tools and macros for Scala.

access capabilities capability ocap scala security

Last synced: 23 Sep 2025

https://github.com/checkmarx/ast-vscode-extension

The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.

checkmarx checkmarx-ast security vscode-extension

Last synced: 02 Apr 2026

https://github.com/melonattacker/threat-thinker

AI-powered threat modeling that turns architecture diagrams into actionable risks

architecture diagrams python risk-analytics security security-tools threat-analysis threat-modelling

Last synced: 02 Apr 2026

https://github.com/nebulab/umarell

All in one Ruby static code analyzer

linter rails ruby security static-analysis

Last synced: 14 Apr 2025

https://github.com/adrianlshaw/lightverifier

Simple and scalable Linux tools for verifying TPM-based remote attestations 🔬⚖️🔐⛓📏📜

attestation hacktoberfest ima security security-audit tcg tpm tpm-quote

Last synced: 01 Apr 2025

https://github.com/kasukusakura/kimiroyli

Kimiroyli 是一个致力于 JVM 安全的安全管理框架, 致力于保护整个系统不受恶意外部代码攻击 (WIP)

java javaagent jvm security

Last synced: 26 Apr 2025

https://github.com/aydinnyunus/cve-2024-24576-exploit

CVE-2024-24576 Proof of Concept

1-day exploit rust security

Last synced: 29 Apr 2025

https://github.com/x13a/py-minisign

Missing python minisign library.

crypto ed25519 minisign python security

Last synced: 24 Jul 2025

https://github.com/yosaiproject/yosai_alchemystore

SQLAlchemy-enabled Account Store for Yosai that features a flat Role-Based Access Control (RBAC) data model

security sqlalchemy yosai

Last synced: 14 Jan 2026

https://github.com/cipherstash/encrypt-query-language

Index and search encrypted data in PostgreSQL with SQL

encryption encryption-in-use postgres postgresql security

Last synced: 09 Apr 2025

https://github.com/thejefflarson/soundcheck

Simple security reviews for AI agents

llms security skills

Last synced: 10 Jun 2026

https://github.com/jenkinsci/authorize-project-plugin

Run a job with specified authorization

adopt-this-plugin jenkins-plugin security

Last synced: 11 May 2026

https://github.com/rsc-dev/ishtar

.NET applications hacking toolset

c-sharp dll-injection hacking security

Last synced: 23 Jul 2025

https://github.com/zaproxy/action-af

A GitHub Action for running ZAP Automation Framework plans

actions dast devsecops github-actions security

Last synced: 30 Jun 2025

https://github.com/inspexco/scstg

Smart Contract Security Testing Guide (SCSTG)

best-practices blockchain defi guide security smart-contracts solidity

Last synced: 14 Aug 2025

https://github.com/syss-research/icebreaker-glitcher

Simple voltage glitcher implementation for the iCEBreaker FPGA board

fpga glitching ice40 ice40up5k icebreaker it-security security security-tools security-vulnerability tool

Last synced: 04 Sep 2025

https://github.com/sjinks/ssh-honeypotd

A low-interaction SSH honeypot written in C

honeypot security ssh ssh-honeypot ssh-honeypotd

Last synced: 27 Jun 2025

https://github.com/artginzburg/2fatotray

 Copy 2FA tokens in a click (macOS)

2fa app macos security totp

Last synced: 31 Aug 2025

https://github.com/rapidlua/sandals

A lightweight process isolation tool, requiring absolutely no privileges to run

cgroups-v2 chroot linux linux-namespaces process-isolation sandbox seccomp-bpf security

Last synced: 30 Mar 2025

https://github.com/tijme/binaries

A mirror of several precompiled standalone red-teaming tools.

binaries cyber hacking mirror precompiled redteam security standalone tools

Last synced: 25 Apr 2025

https://github.com/azureanimations/azureanimations.github.io

Azure Animations, where we make hard-to-understand Azure cloud concepts easier and more fun to learn!

ai azure copilot devops microsoft openai security

Last synced: 30 Jun 2025

https://github.com/brunocampos01/encrypt-file

:lock: :page_with_curl: CLI to encrypt or decrypt files with only one command.

aes aes-encryption aes-gcm decrypt decryption encrypt encryption encryption-decryption pbkdf2 pip python security security-tools sha256

Last synced: 01 Sep 2025

https://github.com/ntkme/security-trust-settings-tools

:lock: OS X Keychain Trust Settings Tools.

certificate macos security

Last synced: 28 Jul 2025

https://github.com/akaunting/signed-url

Signed (unique) URL package for Laravel

laravel php security signed unique url

Last synced: 07 Jul 2025

https://github.com/nozaq/terraform-aws-secure-vpc

A terraform module to create a VPC with secure default configurations.

aws aws-auditing cis-benchmark devops hardening security security-hardening security-tools terraform vpc

Last synced: 06 May 2025

https://github.com/storopoli/dead-man-switch

Rust no-BS Dead Man's Switch library, TUI and Web Interface

dead-man-switch privacy security tui web

Last synced: 02 Feb 2026

https://github.com/neuralegion/sslscanner

SSL Scanner written in Crystal

crystal openssl scanner security ssl

Last synced: 07 May 2025

https://github.com/Ovi3/awvs_xray

AWVS13和xray的自动化扫描脚本

scanner-web security vulnerability vulnerability-scanners web-security

Last synced: 11 Jul 2025

https://github.com/jasona7/ChatCVE

ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data

devsecops python sbom security

Last synced: 04 Apr 2025

https://github.com/sripwoud/ethernaut

🧑‍🚀 Web3/Solidity based wargame, played in the Ethereum Virtual Machine

blockchain ctf ethereum ethernaut evm forge foundry hack security solidity web3

Last synced: 16 Mar 2026

https://github.com/maximthomas/blazewall

Open Source Single-Sign-On and Access Management platform built in microservice architecture

authentication authorization cloud-native gateway-service go go-gin golang information-security microservice microservices security sso sso-solution

Last synced: 15 Dec 2025

https://github.com/ph4r05/tinyosids

Intrusion Detection System (IDS) for Wireless Sensor Networks (WSN)

ids iot research security tinyos

Last synced: 11 Jul 2025

https://github.com/bwireman/go-over

A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!

audit beam cli dependencies dependency elixir erlang ghsa gleam javascript security security-audit security-tools tools vulnerable

Last synced: 28 Oct 2025

https://github.com/marvinjwendt/traefik-guardian

👮 A dead simple forward auth provider to protect Traefik services with passwords.

auth auth-provider authentication docker docker-image golang hacktoberfest security traefik traefik-middleware user-authentication

Last synced: 15 Dec 2025

https://github.com/adityaoberai/rolebasedauthsample

ASP.NET Web API sample to showcase RBAC via JWTs in .NET 8

authentication dotnet dotnet-8 jwt security

Last synced: 06 May 2025

https://github.com/syntatis/wp-feature-flipper

🚥 Disable Comments, Gutenberg, Emojis, and other features you don't need in WordPress®

comments emojis gutenberg media-library rss-feed security wordpress-plugin wp-admin xmlrpc

Last synced: 10 Oct 2025

https://github.com/valtteril/go-implant

A flexible cross-platform post-exploitation agent written in Go with basic functionalities

backdoor payload pentest post-exploitation rat redteam remote-access remote-admin-tool reverse-shell security

Last synced: 14 Jan 2026

https://github.com/ait-testbed/attackmate

AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.

api attack automation automation-framework cybersecurity exploit metasploit orchestration pentest python redteam rootkit security sliver testbed training

Last synced: 22 Apr 2025

https://github.com/jakub-przepiora/ps-scan-prestashop-scanner

This tool serves as an initial version scanner specifically designed for PrestaShop, a popular e-commerce platform. The primary purpose of the scanner is to analyze PrestaShop instances for various aspects, such as module information, version details, and potential security vulnerabilities.

cve prestashop security security-tools

Last synced: 24 Oct 2025

https://github.com/vatshayan/final-year-project-steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination.

btech-project capstone-project cipher college-project cryptography cryptography-project final-project final-projects final-year-project finalyearproject mtech-project project project-report research-paper-project security semester-project steganography university-project university-projects

Last synced: 28 Oct 2025

https://github.com/owtf/http-request-translator

HTTP Request Translator (hrt) translates raw HTTP requests to different scripts (bash, python, etc.)

owasp owtf pentesting python security

Last synced: 17 Mar 2026

https://gitlab.com/i2pplus/I2P.Plus

I2P+ is a soft-fork of the Java I2P Anonymizing Network Layer. License: AGPL v.3 https://i2pplus.github.io/

anonymity privacy security

Last synced: 13 Jun 2025

https://github.com/3nock/ote-templates

Community curated list of templates for the OSINT template engine.

attack-surfaces bugbounty fingerprinting osint recon security templates

Last synced: 09 Feb 2026

https://github.com/cocopuff2u/macos_admin_scripts

macOS Admin Script/Tool Collection

jamf macos mdm scripts security

Last synced: 01 Apr 2026

https://github.com/nccgroup/yocto-whitepaper-examples

Example code included in the "Improving Your Embedded Linux Security Posture with Yocto" whitepaper

linux openembedded security yocto

Last synced: 26 Apr 2025

https://github.com/geminishkv/course_labs

Лабораторные работы по курсам для AppSec, Risk Analysis, Securty Champion: Toolchain, Orchestration, CI/CD, UML, etc.

appsec appsec-tutorials bash bmstu containersecurity course dast docker growth-team lerning-platform owasp-top-10 python sast sca secretdetection security security-team-testing toolchain tools training-materials

Last synced: 01 Apr 2026

https://github.com/dev-sec/chef-jenkins-hardening

⛔ DEPRECATED: A secure jenkins installation

chef chef-cookbook devops hardening jenkins security

Last synced: 01 Apr 2025

https://github.com/wookey-project/manifest

The WooKey project manifest repository, use repo init -u https://github.com/wookey-project/manifest.git

embedded iot security wookey

Last synced: 22 Feb 2026

https://github.com/postgrespro/libblobstamper

Framework for Structure Aware Fuzzing. Allows to build own stamps that would convert pulp-data that came from fuzzer to data with structure you need

fuzzing sdl security structure-aware-fuzzing

Last synced: 28 Feb 2026

https://github.com/m3ssap0/spring-break_cve-2017-8046

This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).

cve-2017-8046 exploit security security-tools spring-break spring-data-rest vulnerability vulnerability-scanners

Last synced: 01 Mar 2026

https://github.com/mindpatch/pmg

Extract parameters/paths from urls

bugbounty bugbounty-tool bughunting python regex security

Last synced: 12 Jul 2025

https://github.com/offa/keygen

KeyGen is a generator for keys and passwords.

c c11 cmake key-generator openssl password-generator security

Last synced: 14 May 2025

https://github.com/000pp/extensions-wordlist

🔍 Improve your files enumeration with specific extensions!

extension extensions files pentest security wordlist wordlists

Last synced: 12 Nov 2025