Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/micahflee/onionshare

Securely and anonymously share files, host websites, and chat with friends using the Tor network

cross-platform file-sharing onion-service onionshare open-source python security tor tor-onion-service

Last synced: 06 Nov 2024

https://github.com/onionshare/onionshare

Securely and anonymously share files, host websites, and chat with friends using the Tor network

cross-platform file-sharing onion-service onionshare open-source python security tor tor-onion-service

Last synced: 31 Dec 2024

https://github.com/cleverhans-lab/cleverhans

An adversarial example library for constructing attacks, building defenses, and benchmarking both

benchmarking machine-learning security

Last synced: 31 Dec 2024

https://github.com/ViRb3/wgcf

🚤 Cross-platform, unofficial CLI for Cloudflare Warp

client cloudflare plus security vpn warp wireguard

Last synced: 28 Oct 2024

https://github.com/nccgroup/ScoutSuite

Multi-Cloud Security Auditing Tool

auditing aws azure cloud gcp security

Last synced: 28 Oct 2024

https://github.com/tutao/tutanota

Tuta is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.

email encryption javascript mithril privacy security tutanota

Last synced: 30 Dec 2024

https://github.com/majd/ipatool

Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

apple appstore cli command-line command-line-tool go golang golang-library ios ipa itunes macos research reverse-engineering security swift tool

Last synced: 31 Dec 2024

https://github.com/duo-labs/cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

aws cytoscape diagram security

Last synced: 31 Dec 2024

https://github.com/gopasspw/gopass

The slightly more awesome standard unix password manager for teams

git go gpg hacktoberfest password-manager security

Last synced: 30 Dec 2024

https://github.com/bromite/bromite

Bromite is a Chromium fork with ad blocking and privacy enhancements; take back your browser!

adblock adblocking android bromite browser chromium privacy security

Last synced: 02 Jan 2025

https://github.com/jeremylong/DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

ant-task build-tool gradle-plugin jenkins-plugin maven-plugin security security-audit software-composition-analysis vulnerability-detection

Last synced: 25 Oct 2024

https://github.com/yokoffing/Betterfox

Firefox user.js for speed, privacy, and security. Your favorite browser, but better.

anti-tracking firefox gecko mozilla performance privacy security settings speed tracking web-browser

Last synced: 30 Oct 2024

https://github.com/EdOverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 05 Nov 2024

https://github.com/edoverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 30 Nov 2024

https://github.com/michenriksen/Gitrob

Reconnaissance tool for GitHub organizations

github-api golang osint security

Last synced: 24 Oct 2024

https://github.com/michenriksen/gitrob

Reconnaissance tool for GitHub organizations

github-api golang osint security

Last synced: 26 Oct 2024

https://github.com/ahmetb/kubernetes-network-policy-recipes

Example recipes for Kubernetes Network Policies that you can just copy paste

kubernetes networking security

Last synced: 02 Jan 2025

https://github.com/six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities

Last synced: 01 Jan 2025

https://github.com/ctfd/ctfd

CTFs as you need them

ctf ctfd education flask security

Last synced: 31 Dec 2024

https://github.com/aircrack-ng/aircrack-ng

WiFi security auditing tools suite

audit freeradius hostapd security suite wifi wifi-security

Last synced: 31 Dec 2024

https://github.com/xairy/linux-kernel-exploitation

A collection of links related to Linux kernel security and exploitation

exploit kernel-exploitation linux-kernel privilege-escalation security

Last synced: 31 Dec 2024

https://github.com/kata-containers/kata-containers

Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

acrn containers cri cri-o docker firecracker k8s kubernetes kvm oci qemu security virtual-machine virtualization

Last synced: 30 Dec 2024

https://github.com/google/syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer

fuzz-testing fuzzer fuzzing kernel linux security security-tools security-vulnerability testing

Last synced: 31 Dec 2024

https://github.com/ffffffff0x/1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

blueteam collection ctf hacking ics-security infosec linux-learning markdown-article pentest pentest-tool poc post-penetration redteam security security-tools study writeup

Last synced: 31 Dec 2024

https://github.com/CTFd/CTFd

CTFs as you need them

ctf ctfd education flask security

Last synced: 30 Oct 2024

https://github.com/google/clusterfuzz

Scalable fuzzing infrastructure.

fuzzing security stability vulnerabilities

Last synced: 30 Dec 2024

https://google.github.io/clusterfuzz/

Scalable fuzzing infrastructure.

fuzzing security stability vulnerabilities

Last synced: 18 Nov 2024

https://github.com/authzed/spicedb

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

abac acl ciam cloud-native database distributed-systems entitlements fga fine-grained-access-control grpc kubernetes latency permissions production rbac rebac scale security security-tools zanzibar

Last synced: 30 Dec 2024

https://github.com/aflplusplus/aflplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

afl afl-compiler afl-fuzz afl-fuzzer afl-gcc fuzz-testing fuzzer fuzzer-afl fuzzing instrumentation qemu security testing unicorn-emulator unicorn-mode

Last synced: 31 Dec 2024

https://github.com/vanhauser-thc/aflplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

afl afl-compiler afl-fuzz afl-fuzzer afl-gcc fuzz-testing fuzzer fuzzer-afl fuzzing instrumentation qemu security testing unicorn-emulator unicorn-mode

Last synced: 31 Dec 2024

https://github.com/AFLplusplus/AFLplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

afl afl-compiler afl-fuzz afl-fuzzer afl-gcc fuzz-testing fuzzer fuzzer-afl fuzzing instrumentation qemu security testing unicorn-emulator unicorn-mode

Last synced: 03 Nov 2024

https://github.com/libreddit/libreddit

Private front-end for Reddit

docker front-end privacy reddit rust security self-hosted

Last synced: 02 Jan 2025

https://github.com/dominicbreuker/pspy

Monitor linux processes without root permissions

ctf enumeration golang pentesting privesc security

Last synced: 02 Jan 2025

https://github.com/snyk/cli

Snyk CLI scans and monitors your projects for security vulnerabilities.

monitor security snyk vulnerabilities

Last synced: 30 Dec 2024

https://github.com/snyk/snyk

Snyk CLI scans and monitors your projects for security vulnerabilities.

monitor security snyk vulnerabilities

Last synced: 22 Nov 2024

https://github.com/DominicBreuker/pspy

Monitor linux processes without root permissions

ctf enumeration golang pentesting privesc security

Last synced: 05 Nov 2024

https://github.com/edoverflow/can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

bugbounty infosec list security subdomain subdomain-takeovers

Last synced: 29 Dec 2024

https://github.com/k8gege/ladon

Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

Last synced: 03 Jan 2025

https://github.com/permify/permify

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.

abac access-control acl authorization ciam cloud-native distributed fga fine-grained-access-control golang grpc kubernetes least-privilege permission permissions rbac rebac security zanzibar

Last synced: 31 Dec 2024

https://github.com/k8gege/Ladon

Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

Last synced: 11 Nov 2024

https://github.com/ikarus23/mifareclassictool

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

android android-nfc mifare mifare-classic nfc rfid rfid-tags security

Last synced: 31 Dec 2024

https://github.com/EdOverflow/can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

bugbounty infosec list security subdomain subdomain-takeovers

Last synced: 24 Oct 2024

https://github.com/accurics/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 22 Nov 2024

https://github.com/tenable/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan

Last synced: 30 Dec 2024

https://github.com/passbolt/passbolt_api

Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

cakephp cakephp4 credentials passbolt password password-manager php productivity security

Last synced: 31 Dec 2024

https://github.com/ikarus23/MifareClassicTool

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

android android-nfc mifare mifare-classic nfc rfid rfid-tags security

Last synced: 30 Oct 2024

https://github.com/chaifeng/ufw-docker

To fix the Docker and UFW security flaw without disabling iptables

debian docker docker-swarm firewall linux security ubuntu ufw

Last synced: 31 Dec 2024

https://github.com/pirate/wireguard-docs

📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.

internet kernel-module linux mesh-networking nat networking security tunnel tuntap udp vpn vpn-solution wireguard

Last synced: 31 Dec 2024

https://github.com/oisf/suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurity ids intrusion-detection-system intrusion-prevention-system ips network-monitor network-monitoring nsm security suricata threat-hunting

Last synced: 30 Dec 2024

https://github.com/alibaba/pouch

An Efficient Enterprise-class Container Engine

cloud-native containers efficiency go isolation kubernetes oci package security

Last synced: 05 Dec 2024

https://github.com/aliyuncontainerservice/pouch

An Efficient Enterprise-class Container Engine

cloud-native containers efficiency go isolation kubernetes oci package security

Last synced: 31 Dec 2024

https://github.com/AliyunContainerService/pouch

An Efficient Enterprise-class Container Engine

cloud-native containers efficiency go isolation kubernetes oci package security

Last synced: 01 Nov 2024

https://github.com/andresriancho/w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

appsec cross-site-scripting scanner security sql-injection

Last synced: 02 Jan 2025

https://github.com/LyleMi/Learn-Web-Hacking

Study Notes For Web Hacking / Web安全学习笔记

hacking penetration-testing pentesting security study-notes web-hacking

Last synced: 05 Nov 2024

https://github.com/ossec/ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

compliance file-integrity-management fim hids intrusion-detection loganalyzer nist800-53 ossec pci-dss policy-monitoring security

Last synced: 31 Dec 2024

https://github.com/lylemi/learn-web-hacking

Study Notes For Web Hacking / Web安全学习笔记

hacking penetration-testing pentesting security study-notes web-hacking

Last synced: 03 Nov 2024

https://github.com/build-trust/ockam

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

authentication authorization credentials distributed-systems e2ee encrypted-connections encrypted-messages encryption end-to-end-encryption identity kafka key-management messaging rust security snowflake trust zero-trust

Last synced: 30 Dec 2024

https://github.com/google/santa

A binary authorization and monitoring system for macOS

allowlist authorization blocklist endpoint-security macos santa security system-extension

Last synced: 31 Dec 2024

https://github.com/yauhenkavalchuk/interview-questions

Популярные HTML / CSS / JavaScript / ECMAScript / TypeScript / React / Vue / Angular / Node вопросы на интервью и ответы на них (https://tinyurl.com/wxysrpsy)

accessibility angular css ecmascript html interview interview-preparation interview-questions javascript js nodejs react redux security typescript vue

Last synced: 31 Dec 2024

https://github.com/ionuttbara/windows-defender-remover

A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.

defender defender-disabler defender-remover security tweaking windows windows-defender

Last synced: 01 Jan 2025

https://github.com/YauhenKavalchuk/interview-questions

Популярные HTML / CSS / JavaScript / ECMAScript / TypeScript / React / Vue / Angular / Node вопросы на интервью и ответы на них (https://tinyurl.com/wxysrpsy)

accessibility angular css ecmascript html interview interview-preparation interview-questions javascript js nodejs react redux security typescript vue

Last synced: 31 Oct 2024

https://github.com/rhinosecuritylabs/pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

aws aws-security penetration-testing python security

Last synced: 31 Dec 2024

https://github.com/lldap/lldap

Light LDAP implementation

authentication ldap opaque rust security wasm web-assembly

Last synced: 30 Dec 2024

https://github.com/netflix/security_monkey

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

aws aws-ec2 aws-iam aws-policy-tracking aws-s3 aws-security aws-sqs aws-vpc boto boto3 botocore python security

Last synced: 26 Sep 2024

https://github.com/Netflix/security_monkey

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

aws aws-ec2 aws-iam aws-policy-tracking aws-s3 aws-security aws-sqs aws-vpc boto boto3 botocore python security

Last synced: 26 Oct 2024

https://github.com/madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app

Last synced: 31 Dec 2024

https://github.com/buttercup/buttercup-desktop

:key: Cross-Platform Passwords & Secrets Vault

buttercup electron encryption login password-manager password-vault security

Last synced: 31 Dec 2024

https://github.com/chybeta/web-security-learning

Web-Security-Learning

security sqlinjection xss

Last synced: 30 Nov 2024

https://github.com/CHYbeta/Web-Security-Learning

Web-Security-Learning

security sqlinjection xss

Last synced: 25 Oct 2024

https://github.com/google/tamperchrome

Tamper Dev is an extension that allows you to intercept and edit HTTP/HTTPS requests and responses as they happen without the need of a proxy. Works across all operating systems (including Chrome OS).

debugging extension security web

Last synced: 31 Dec 2024

https://github.com/OISF/suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurity ids intrusion-detection-system intrusion-prevention-system ips network-monitor network-monitoring nsm security suricata threat-hunting

Last synced: 26 Oct 2024

Security Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 84 personal-security-checklist 243 awesome-security 321 awesome-web-security 405 awesome-ctf 220 android-security-awesome 211 awesome-incident-response 218 awesome-hacker-search-engines 501 Awesome-WAF 172 awesome-privacy 639 awesome-security-hardening 204 DevSecOps 181 awesome-infosec 213 awesome-cybersecurity-blueteam 252 awesome-sec-talks 264 WebHackersWeapons 408 awesome-vehicle-security 220 awesome-api-security 199 awesome-nodejs-security 179 awesome-game-security 90 backend-cheats 961 awesome-cloud-security 153 awesome-iot-hacks 70 awesome-golang-security 34 alternative-frontends 119 awesome-windows-domain-hardening 70 DevSecOps 48 awesome-embedded-and-iot-security 131 awesome-iam 274 Awesome-FL 2,323 Crypto-OpSec-SelfGuard-RoadMap 473 awesome-azure-architecture 309 awesome-ethereum-security 81 osx-and-ios-security-awesome 57 Awesome-Cybersecurity-Datasets 54 awesome-executable-packing 666 awesome-executable-packing 667 awesome-aws-security 164 awesome-he 82 awesome-python-security 35 security-apis 112 awesome-vulnerable-apps 88 graph-adversarial-learning-literature 314 awesome-opa 224 MobileHackersWeapons 71 awesome-runners 36 awesome-russian-it 514 SmartContracts-audit-checklist 46 awesome-llm-security 94
Security Categories
Uncategorized 2,529 fl in top-tier journal 1,466 :books: Literature 1,451 Pentesting 1,313 Tools 869 fl in top ml conference and journal 847 Attack 642 Operating Systems 626 **Мероприятия** 453 Weapons 448 Threat Hunting: 445 Blue Team 432 Papers 418 Other Lists 414 Defense 371 fl on graph data and graph neural networks 330 Programming Language 324 Resources 313 Malware Analysis 297 fl in top ai conference and journal 289