An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/skosachiov/remediations-gendbuntu

The main goal of this project is the configuration and control of various types of devices operating in a corporate environment. Information security is the main direction of development. Roles have default settings that can be dynamically overridden using "inventories" folder rules based on subnet, host group (organizational unit or branch), OS.

ansible automation centos compliance debian group-policy laps linux redhat remote-assistance sccm security security-audit security-automation ubuntu

Last synced: 15 May 2025

https://github.com/tenable/accurics-action

The Accurics GitHub Action scans Infrastructure as Code files checked into the respository to help ensure that cloud resources are secure and compliant from creation.

cicd devops security

Last synced: 15 Apr 2025

https://github.com/redhat-actions/crda

Scan your project's dependencies with Code Ready Dependency Analytics

crda github-actions sarif-report security security-analysis security-automation

Last synced: 26 Jun 2025

https://github.com/roboflow/rickblocker

Audio visual mitigation of Rickrolls using computer vision.

april-fools computer-vision rickroll roboflow security

Last synced: 21 Jun 2025

https://github.com/frmoretto/hardstop

Don't let AI destroy your hard work! HardStop is a rock-solid protection for AI-generated commands. Pre-execution safety validation for Claude Code, Claude Cowork. Catches dangerous commands before they run: whether from AI mistakes, hallucinations, prompt injection, or misunderstood instructions. Seatbelts for the agentic AI era.

agentic-ai ai-safety claude claude-ai claude-code claude-code-hooks claude-code-plugin claude-code-plugin-marketplace claude-code-plugins claude-code-plugins-marketplace claude-cowork cowork developer-tools llm pre-commit-hook prompt-injection security

Last synced: 14 Feb 2026

https://github.com/labd/python-param-store

Python module to store secrets in secret stores

aws python security

Last synced: 30 Aug 2025

https://github.com/cyb3rmx/badpig

A compilation of snort rules for detecting malware traffic.

intrusion-detection malware-detection network-security security snort snort-rules

Last synced: 02 Jan 2026

https://github.com/toshke/aws-keys-sectool

Command line to list and IP whitelist active AWS credentials

access-control aws security security-tools

Last synced: 14 Dec 2025

https://github.com/dxc-0/respect-my-internet

Opensnitch / LittleSnitch - No-Gafam (blocklist for facebook, google, microsoft, amazon, huawei, tencent, apple, xiaomi ...) - aggressive privacy and protection (trackers, spywares, malwares, cti feeds, malicious ips, phishing...) - 99% in adsblockers tests !

anonymity blocklist firewall firewall-configuration firewall-rules netfilter nftables-rules no-amazon no-apple no-batx no-facebook no-gafam no-microsoft open-source opensnitch privacy-protection privacy-tools respect-privacy script security

Last synced: 16 May 2025

https://github.com/k4yt3x/network-security-checklist

A checklist for defending private or corporate networks.

checklist networking security

Last synced: 09 Mar 2025

https://github.com/lambdacasserole/hack-this

A collection of common web programming security mistakes.

education hacking php security sql-injection vulnerabilities

Last synced: 09 Feb 2026

https://github.com/bain3/f.bain

E2EE file uploading website

cryptography security storage website

Last synced: 04 Apr 2026

https://github.com/mxschmitt/react-have-i-been-pwned

React component for: Have I Been Pwned?

hibp javascript passwords react security

Last synced: 19 Apr 2025

https://github.com/rung/go-safecast

Go Library for safe type conversion to prevent integer overflow

go golang security

Last synced: 26 Jan 2026

https://github.com/alishahidi/apantos

Apantos is a fast and simple framework based on php with security methods and dedicated orm. Modularly

fast framework lightweight php security

Last synced: 13 Jan 2026

https://github.com/devgateway/ansible-ldap-auth

Configure LDAP authentication & authorization with parametrized user/host/project lookups

ansible ansible-role ldap ldap-authentication ldap-server linux nss pam security ssh ssh-server

Last synced: 23 Jul 2025

https://github.com/tink-crypto/tink-go-gcpkms

Extension to Tink Go that provides Google Cloud KMS integration

crypto cryptography gcp-kms go golang golang-library google-cloud-kms security tink

Last synced: 12 Jan 2026

https://github.com/jasondrawdy/amaterasu

Lightweight licensing library for .NET applications which allows the managing of licenses via web based scripts and on-the-fly code compilation.

amaterasu antebyte code-generation compiler cryptography csharp dotnet dynamic encryption hacking library license license-management memory-management networking on-the-fly scripting security web windows

Last synced: 22 Apr 2025

https://github.com/chinmina/chinmina-bridge

Allows Buildkite agents to use ephemeral GitHub tokens to authenticate their interactions. Avoids deploy keys and long-lived PATs.

buildkite github github-app oidc security

Last synced: 27 May 2026

https://github.com/avishayil/cf-signer

Tool for signing and verifying the integrity of CloudFormation templates

aws cloudformation integrity security signing

Last synced: 01 Apr 2025

https://github.com/madhuakula/hacked-emails

Command line hacked-emails

go golang hacked-emails infosec security

Last synced: 11 Aug 2025

https://github.com/DoneDeal0/codefather

Codefather protects your codebase by controlling who can change what. Set authorization levels, lock down files, and enforce your rules—offline via CLI or online with GitHub Actions.

access-control cli code-review codefather codeowner-approval codeowners codeowners-files file-protection github-actions godfather mafia protection repository-management reviewer reviewer-assignment rule-based security team-management

Last synced: 11 Sep 2025

https://github.com/snej/secret-handshake-cpp

SecretHandshake secure connections in C++, with Cap'n Proto support

capnproto cplusplus cryptography networking security

Last synced: 07 May 2025

https://github.com/openwall/phpass

Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5

bcrypt hash hashing password php security

Last synced: 09 Apr 2025

https://github.com/moul/totp-keychain

:lock: TOTP cli backed by the OS X keychain

2fa authentication cli cryptography keychain mfa security totp

Last synced: 28 Apr 2025

https://github.com/hktalent/blackips

black Ip lists, dorks-collection

black-ips block-ip dorks security

Last synced: 14 May 2025

https://github.com/ms-luf/manage-adshadowgroup

A simple Powershell Module to help people managing Active Directory Shadow Group

active-directory groups ldap ldap-library powershell powershell-gallery powershell-module security

Last synced: 14 Jul 2025

https://github.com/rocketshipapps/adblockfast-android

[Moved] Adblock Fast for Android is an Android port of the Adblock Fast app.

android data-structures frontend gradle html http java mobile security xml

Last synced: 25 Jul 2025

https://github.com/v-thakkar/talks

This repository contains the slides of my talks.

coccinelle ebpf embedded-linux kernel linux security static-code-analysis virtualization xen

Last synced: 17 Mar 2025

https://github.com/stakater/stakaterplatform

Stakater platform provides out of the box stacks to control, monitor, log, trace and security for applications deployed on kubernetes using CI/CD pipelines.

ci-cd logging monitoring security tracing

Last synced: 10 Aug 2025

https://github.com/hegdepavankumar/cisco-asa-firewall-training

Welcome to our comprehensive Free Cisco ASA Firewall Training – the ultimate guide to mastering the art of network security. Whether you're a beginner looking to understand the basics or an experienced professional seeking advanced configurations, our hands-on course is tailored just for you.

asa asa-firewall cisco-asa cisco-firewall-training firewall firewall-configuration firewall-management security statefull training

Last synced: 07 Feb 2026

https://github.com/kamil-kielbasa/libedhoc

EDHOC (RFC 9528): Lightweight authenticated key exchange in C for IoT and constrained devices

authentication c coap constrained-devices cryptography edhoc embedded ietf iot key-exchange oscore rfc9528 rfc9529 security zephyr

Last synced: 02 Apr 2026

https://github.com/mbrg/talks

BSides, OWASP, DEFCON, RSAC, SANS Talk Material, References and Extra Bits

appsec blueteam bsides hacking infosec lowcode nocode owasp owasp-top-10 pentesting redteam rsac sans security

Last synced: 01 Feb 2026

https://github.com/buskill/awesome-buskill-triggers

Antiforensic actions to secure your device if it's physically stolen from you

anti-forensics deadmanswitch infosec opsec security tripwire

Last synced: 05 Mar 2026

https://github.com/ait-testbed/attackbed

The AttackBed is a simulated enterprise network with numerous vulnerabilities. Attacks in this testbed are executed automatically and cover a variety of tactics and techniques of the MITRE ATT&CK enterprise framework.

aecid ai ait ansible atb attackmate dataset environment machine-learning openstack research security simulation terraform terragrunt testbed vulnerability

Last synced: 02 Mar 2026

https://github.com/middlewares/honeypot

PSR-15 middleware to implement a honeypot spam prevention

honeypot http middleware psr-15 security spam-protection

Last synced: 01 Apr 2026

https://github.com/doyensec/imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

conversion converters image-processing imagemagick scanner security security-policies security-tools

Last synced: 29 Apr 2025

https://github.com/zeroxjf/cve-2026-20687-applejpegdriver-uaf

CVE-2026-20687: AppleJPEGDriver startDecoder Timeout UAF — iOS/macOS kernel vulnerability leading to deferred panic (A19 Pro, iOS 26.3 RC)

apple arm64 cve-2026-20687 ios kernel poc security use-after-free vulnerability

Last synced: 03 Jun 2026

https://github.com/mk-fg/git-nerps

Tool to encrypt and manage selected files (or parts of files) under git repository

convenience cryptography git nacl python secret-storage security tool

Last synced: 26 Oct 2025

https://github.com/stratum-mining/stratumprotocol.org

Website for the Stratum V2 bitcoin mining protocol

bitcoin decentralization efficiency flexibility mining security

Last synced: 04 Sep 2025

https://github.com/anomaly/gallagher

The missing toolkit for extending Gallagher Command Centre, featuring a CLI, SQL interface, TUI and a Python idiomatic SDK

cli foss gallagher python sdk security sql tui

Last synced: 14 Jan 2026

https://github.com/camandel/check-password-strength

check-password-strength is an open-source tool that could help you to check how your passwords are good

password password-strength security tool zxcvbn

Last synced: 12 Jan 2026

https://github.com/ihexon/revm

revm helps you quickly launch Linux VMs / Containers

container docker libkrun orbstack podman sandbox security vfkit virtualization vm

Last synced: 09 Mar 2026

https://github.com/enquo/enquo-core

Core cryptographic code to allow encrypted query operations

cryptography encryption enquo hacktoberfest ruby rust security

Last synced: 13 Apr 2025

https://github.com/anvilsecure/symlink-secure-boot-vm

VM demonstration various symlink and hard link attacks against secure boot. See the whitepaper at: https://www.anvilventures.com/blog/defeating-secure-boot-with-symlink-attacks.html

attacks boot hacking secure secureboot security symlinks vms whitepaper

Last synced: 07 Jan 2026

https://github.com/bincyber/vigilant

a security controller for Kubernetes

controllers kubernetes security

Last synced: 25 Aug 2025

https://github.com/buanzo/webmon

A scalable, plugin-based url asset monitoring system based on zeromq, flask-restful, redis and docker-compose

asset-monitoring docker docker-compose flask-restful osint osint-framework osint-python python3 redis security url-monitor web-monitoring

Last synced: 11 Apr 2025

https://github.com/jw-12138/m42

Web-based, self-hosted, 1 on 1 Chat App with end-to-end encryption.

chat chat-app chat-application end-to-end-encryption instant-messaging message-app security self-hosted

Last synced: 04 Mar 2025

https://github.com/erzz/dockle-action

Github Action to run Dockle and report in workflows, pipeline and PR's

action best-practice container docker dockle github-action lint security

Last synced: 14 Apr 2025

https://github.com/padok-team/yatas-aws

Plugin for YATAS that audits AWS accounts for misconfiguration and security issues

audit aws hardening misconfiguration security yatas

Last synced: 12 Jul 2025

https://github.com/dotnet-labs/client-ip-safelist

Client IP safelist for ASP.NET Core | .NET 5 | CIDR | Network | allowed list | IP restriction

allowedlist api cidr client-ip dotnet dotnet-core dotnet5 dotnetcore integration-tests ip-restrictions ngrok remote-ip remoteip safe-list security

Last synced: 08 Aug 2025

https://github.com/leonjza/port-jump

Some security by obscurity using port-jumping.

firewall poc portjump security

Last synced: 19 Jul 2025

https://github.com/middlewares/csp

PSR-15 middleware to add the Content-Security-Policy header to the response

csp http middleware psr-15 security

Last synced: 06 May 2025

https://github.com/netflix-skunkworks/bucketsnake

An AWS lambda function that grantsss S3 permissionsss at ssscale.

aws badpunsss cross-account iam lambda permissions s3 security serverless

Last synced: 28 Jul 2025

https://github.com/feross/security

Security Policies and Procedures for @feross projects

disclosure javascript nodejs policy report security

Last synced: 13 Sep 2025

https://github.com/NodeSecure/report

NodeSecure HTML & PDF report generator for any public and/or private git repositories.

hacktoberfest nodejs report security security-tool

Last synced: 02 Aug 2025

https://github.com/bit4mind/anon-service

Transparent proxy through Tor with optionally DNSCrypt and Anonymized-DNS feature enabled.

anonymity anonymized anonymized-dns dns dnscrypt dnscrypt-proxy iptables privacy proxy security shell tor transparent-proxy unbound

Last synced: 18 Apr 2025

https://github.com/ajayrandhawa/visual-basic-scripts

Visual Basic Scripts Utilities. Fun, Automation, Fundamentals. With the help of these scripts, I develop lots of Exploits which I'm used for automation system tasks. these vb scripts I am also used for system security exploitation.

automation basic exploitation fun fundamentals hacking-tool project scripts security tutorials vb-script visual visual-basic

Last synced: 03 Jan 2026

https://github.com/torden/ngx_hidden_signature_patch

Just! a Hide Server Signature of Nginx Web Server in response header and in response error

hidden-version nginx patch security

Last synced: 18 Jan 2026

https://github.com/org-metaeffekt/metaeffekt-universal-cvss-calculator

A TypeScript implementation of CVSS 2.0, 3.0, 3.1 and 4.0, alongside a web application for calculating scores for multiple CVSS vectors simultaneously.

calculator cve cvss cvssv2 cvssv3 cvssv4 javascript library security typescript webapplications

Last synced: 12 Jan 2026

https://github.com/putyourlightson/craft-sherlock

Security scanner and monitor to keep your site and Craft CMS secure.

craft-plugin craftcms monitor monitoring scanner secure security

Last synced: 31 Jul 2025

https://github.com/mitre/aws-s3-baseline

A micro InSpec baseline to check for insecure or public s3 buckets in your VPC

aws aws-s3-security aws-security inspec microprofile mitre-corporation mitre-inspec mitre-saf s3 s3-bucket s3-bucket-leak s3-security security

Last synced: 29 Jul 2025

https://github.com/cybrota/scharf

Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks

ci-cd cybersecurity devsecops github github-actions go golang security security-tools supply-chain-security

Last synced: 17 Jan 2026

https://github.com/nyxnor/onioncomms

OnionComms is a repository of script to run an onion server and guides to configure client side applications to connect to any onion service that uses the same protocol, therefore, onion communications.

file-sharing hidden-service instant-messaging omemo onion-service open-source otr privacy proxy remote-administration rss security self-hosted tor tor-network voip xmpp xmpp-server

Last synced: 13 Jun 2025

https://github.com/elcritch/keyx

Elixir implementation of Shamir's Secret Sharing

crypto secret-sharing security

Last synced: 07 May 2025

https://github.com/agadiffe/windowsmize

:pushpin: PowerShell script to automate and customize the configuration of Windows. General settings, telemetry, network protocols, apps removal/installation, ramdisk, services, scheduled tasks.

bloatware cleanup debloat debloater optimize powershell powershell-module powershell-script privacy security telemetry tweaks windows windows-10 windows-11 windows10 windows11

Last synced: 11 Apr 2025

https://github.com/pawamoy/django-meerkat

Security audit tool for Django sites

audit django monitoring security

Last synced: 24 Oct 2025

https://github.com/neuralegion/cvss

The Common Vulnerability Scoring System (CVSS) base score calculator and validator library written in TypeScript.

cvss cvss3 cvssv3 score security typescript

Last synced: 07 May 2025

https://github.com/somajitdey/ipfs-link

Publish dynamic multiaddresses of private or isolated nodes using IPNS. Benefit - 1. Bandwidth savings, 2. Avoiding DDNS 3. Securely exposing localhost behind NAT.

bandwidth-saver bootstrap dynamic-ip expose-localhost ipfs ipfs-node ipns nat-traversal port-forwarding private-network remote-shell reverse-proxy security

Last synced: 07 May 2025

https://github.com/gamemann/notes-and-guides

Notes and guides I've made mostly exported from GFLClan.com.

anycast debian dpdk guides hardening linux network networking notes security ubuntu xdp

Last synced: 18 Mar 2025

https://github.com/contributte/oauth2-client

:lock: OAuth2 client for Nette Framework

client contributte http nette nette-framework oauth2 security

Last synced: 30 Oct 2025

https://github.com/devteds/e2-setup-private-docker-registry

Setup private docker registry using docker machine - https://devteds.com/episodes/2-setup-private-docker-registry-secure-with-ssl-password

digitalocean docker docker-compose docker-machine docker-registry free-ssl free-ssl-certificates nginx private-docker-registry security ssl-certificates

Last synced: 10 Apr 2025

https://github.com/0xkoda/defi-dns-whitelist

Minimize your attack surface by allowing only essential traffic for signing Safe transactions.

dns ethereum security

Last synced: 19 Jul 2025

https://github.com/FIWARE/academy

:mortar_board: Video tutorials, slide decks and other training materials for developers learning about the FIWARE ecosystem.

context-broker contextual-data data-publication fiware generic-enablers iot-agent monetization processing robotics security tutorial video-tutorial

Last synced: 04 May 2025

https://github.com/cr0hn/wordpress-docker-sec

Anti-hacking tools deploying configuration for Wordpress

hacking hardening nmap plecost security wordpress wp-scan wp-scanner

Last synced: 11 Apr 2025

https://github.com/willfindlay/suidsnoop

suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.

aya ebpf linux linux-kernel lsm rust security suid-binaries

Last synced: 07 May 2025

https://github.com/nayakpenguin/easy-api-encryptor

"easy-api-encryptor" 🚀 is a lightweight NPM package facilitating seamless encryption and decryption of data between Node.js and React.js. Ensure secure communication in your applications with minimal setup, making it easy to protect sensitive information during transit.

api-encryption encryption-decryption npm npm-package security

Last synced: 18 Jun 2025

https://github.com/constructorfabric/gears-rust

All-in-one open-source framework & middleware for enterprise-grade multi-tenant and multi-tier XaaS Services development

account-management agentic-ai ai benchmarks cloud genai llm microservices middleware modkit multi-tenancy multi-tier rust saas security serverless xaas

Last synced: 28 Jun 2026