An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/erzz/dockle-action

Github Action to run Dockle and report in workflows, pipeline and PR's

action best-practice container docker dockle github-action lint security

Last synced: 14 Apr 2025

https://github.com/putyourlightson/craft-sherlock

Security scanner and monitor to keep your site and Craft CMS secure.

craft-plugin craftcms monitor monitoring scanner secure security

Last synced: 31 Jul 2025

https://github.com/cybrota/scharf

Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks

ci-cd cybersecurity devsecops github github-actions go golang security security-tools supply-chain-security

Last synced: 17 Jan 2026

https://github.com/dotnet-labs/client-ip-safelist

Client IP safelist for ASP.NET Core | .NET 5 | CIDR | Network | allowed list | IP restriction

allowedlist api cidr client-ip dotnet dotnet-core dotnet5 dotnetcore integration-tests ip-restrictions ngrok remote-ip remoteip safe-list security

Last synced: 08 Aug 2025

https://github.com/NodeSecure/report

NodeSecure HTML & PDF report generator for any public and/or private git repositories.

hacktoberfest nodejs report security security-tool

Last synced: 02 Aug 2025

https://github.com/jw-12138/m42

Web-based, self-hosted, 1 on 1 Chat App with end-to-end encryption.

chat chat-app chat-application end-to-end-encryption instant-messaging message-app security self-hosted

Last synced: 04 Mar 2025

https://github.com/snej/secret-handshake-cpp

SecretHandshake secure connections in C++, with Cap'n Proto support

capnproto cplusplus cryptography networking security

Last synced: 07 May 2025

https://github.com/padok-team/yatas-aws

Plugin for YATAS that audits AWS accounts for misconfiguration and security issues

audit aws hardening misconfiguration security yatas

Last synced: 12 Jul 2025

https://github.com/camandel/check-password-strength

check-password-strength is an open-source tool that could help you to check how your passwords are good

password password-strength security tool zxcvbn

Last synced: 12 Jan 2026

https://github.com/skyplabs/scapy-mitm

ARP cache poisoning implementation using Scapy

arp-cache-poisoning hacking network python scapy security

Last synced: 20 Mar 2025

https://github.com/securefix-action/action

GitHub Action to fix code securely

cicd github-actions oss security

Last synced: 23 Mar 2025

https://github.com/hovancik/BSDSec

deadsimple BSD Security Advisories and Announcements

advisories announcements bsd dragonfly freebsd midnightbsd netbsd openbsd pfsense security

Last synced: 01 Aug 2025

https://github.com/hotaydev/audit-export

A handy tool to export npm audit results to a fully offline HTML page for a better view of your project's vulnerabilities.

audit npm-audit packages security vulnerabilities

Last synced: 15 May 2025

https://github.com/sap-samples/appgyver-auth-flows

SAP Cloud Identity and XSUAA authentication samples for SAP AppGyver. This repository shows how to apply OAuth 2.0 authorization and token flows to your SAP AppGyver apps.

authentication btp-use-case-factory cloud-foundry integration pkce sample sample-code sap-appgyver sap-btp sap-cap sap-cloud-identity sap-ias sap-xsuaa security

Last synced: 31 Aug 2025

https://github.com/zillionare/omega

Data module for project zillionare

quant quotation security trade

Last synced: 23 Jul 2025

https://github.com/cr0hn/nginx-wordpress-docker-sec

Anti-hacking tools deployment config of Nginx for Wordpress

hacking hardening nginx nmap plecost security wordpress wp-scan wp-scanner

Last synced: 25 Jun 2025

https://github.com/nugget/rickroll

Try `telnet macnugget.org`

network-service security troll

Last synced: 03 Jan 2026

https://github.com/secure-software-engineering/authcheck

Analysis for access-control vulnerabilities in Java Spring Security applications.

access-control authentication authorization java security soot springframework

Last synced: 10 Apr 2025

https://github.com/elongl/viper

Remote control agent and controller.

agent controller rat security

Last synced: 16 Jul 2025

https://github.com/a3r0id/httpscan

Scan a host for open HTTP ports and gain information about the services present.

crawler hacking hacking-tool http low-level penetration-testing pentest pentesting portscan portscanner scan scanner scanner-web scraper security service-discovery

Last synced: 06 Apr 2025

https://github.com/gcmurphy/checksec

Elf checksec in Go.

checksec elf go security

Last synced: 13 Apr 2025

https://github.com/padsalatushal/cve-2011-2523

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

cve cve-2011-2523 exploit python security vsftpd-exploit

Last synced: 31 Jul 2025

https://github.com/dheerajjha451/websitethreatscan

A web tool to scan websites for common vulnerabilities like SQL Injection, CSRF protection checks, Cookie security configurations, and other sensitive information exposure.

collaborate cybersecurity hacking hackingtool nextjs python python3 security security-tools tailwindcss threatscanning websecurity website

Last synced: 14 Sep 2025

https://github.com/mohamedch7/kubectl-guard

Accidentally modifying production instead of a local cluster? kubectl-guard helps prevent such critical mistakes.

kubernetes script security

Last synced: 13 May 2025

https://github.com/shopify/seer-prototype

Security Expert Elicitation of Risks

elicitation expert-elicitation security

Last synced: 04 Oct 2025

https://github.com/FIWARE-Ops/docs.academy

:mortar_board: Video tutorials, slide decks and other training materials for developers learning about the FIWARE ecosystem.

context-broker contextual-data data-publication fiware generic-enablers iot-agent monetization processing robotics security tutorial video-tutorial

Last synced: 30 Mar 2025

https://github.com/grapheneos/platform_system_sepolicy

Base SELinux policy (extended by per-device repositories)

android grapheneos privacy security

Last synced: 13 Apr 2025

https://github.com/hrbrmstr/pubcheck

Check Safety of SSH Public Keys

r rstats security ssh-key

Last synced: 29 Oct 2025

https://github.com/shaadcode/payload-auditor

Payload CMS plugin for event tracking, auditing, and security. Monitor activities and analyze user behavior.

auditor cms payload payload-cms payload-plugin payloadcms security

Last synced: 19 Jun 2025

https://github.com/rusty-snake/kyst

Keep Your Sandbox Tight! – Actually just a collection of my own tight sandbox configurations.

firejail flatpak hardening overrides sandbox security systemd

Last synced: 26 Dec 2025

https://github.com/enygma/duoauth

PHP Library for easy integration with Duo Security's Two-Factor REST API

api api-client duo-security security security-tools

Last synced: 13 Apr 2025

https://github.com/m3ssap0/springbreakvulnerableapp

WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk!

cve-2017-8046 exploit security security-tools spring-break spring-data-rest vulnerability vulnerability-scanners

Last synced: 17 Jul 2025

https://github.com/ctrlaltdev/illegal-auth-attempts

🔒 Lists of IPs making illegal auth attempts and users used doing so

auth infosec ip login scan security ssh user

Last synced: 04 Apr 2025

https://github.com/yoeunes/regex-parser

Treat regex as code in PHP: parse it, lint it, explain it, secure it, and ship it in CI.

ast code-analysis lexer parser pattern-matching pcre php regex security validation vulnerability-detection

Last synced: 07 Jan 2026

https://github.com/geekmasher/ghastoolkit

GitHub Advanced Security Python Toolkit

advanced-security python security

Last synced: 05 May 2025

https://github.com/echo-devim/inou

Tool useful to discover services behind unknown ports

hacking network network-security protocols python3 security service-detection service-discovery

Last synced: 27 Mar 2025

https://github.com/theritex/router-switchcommands

RouterCommands es un repositorio creado para ayudar a aquellos gestores/administradores de servicios router

commands description help md5 ospf router security vlan vtp

Last synced: 27 Mar 2025

https://github.com/VERMAXVR/awsome_kali_MCPServers

awsome kali MCPServers is a set of MCP servers tailored for Kali Linux, designed to empower AI Agents in reverse engineering and security testing. It offers flexible network analysis, target sniffing, traffic analysis, binary understanding, and automation, enhancing AI-driven workflows.

agent kali-linux llm mcp-server security

Last synced: 17 Jun 2025

https://github.com/adamt20054/djscaptcha

A NPM module for Discord.js made to easily create CAPTCHAs to present to your Discord servers members.

bot captcha discord discord-js discord-verification discord-verification-bot djs djscaptcha djsv14 security verification

Last synced: 29 Oct 2025

https://github.com/mdp/u2fcli

Command line tool for using U2F tokens

ecdsa security u2f

Last synced: 10 Apr 2025

https://github.com/apratimshukla6/enyo

Enyo is a lightweight multistage partition-based encryption algorithm. Enyo cipher demonstrates good resistance to a brute-force attack. It is well suited for small-scale applications where the computational power is a bottleneck.

cryptography custom-encoder encryption-algorithm encryption-decryption enyo feistel-cipher owasp pypi pypi-package python security symmetric-key-cryptography url-safe

Last synced: 17 Jan 2026

https://github.com/cerbos/demo-graphql

A Typescript GraphQL demo of integrating Cerbos with GQL

access-control graphql nodejs policy security typescript

Last synced: 06 Oct 2025

https://github.com/zelon88/scancore

A high performance, self-updating, single thread command-line virus scanner written in PHP.

antivirus antivirus-engine av-engine cli command-line file-scanner malware-scanner php scanner security security-scanner security-tools virus virus-scanner

Last synced: 11 Oct 2025

https://github.com/yottayoshida/llm-key-ring

Secure CLI for managing LLM API keys via macOS Keychain. No more plaintext .env files.

api-key cli keychain llm macos rust secret-management security

Last synced: 13 Mar 2026

https://github.com/zkat/srisum

Compute and check Subresource Integrity digests.

checksum cli security subresource-integrity

Last synced: 11 Mar 2026

https://github.com/daviderez4/nodatachat-core

Secure, zero-trace secret sharing library. Encrypt and share secrets via CLI without servers ever seeing your data.

burn-after-reading cli encryption privacy secret-sharing security typescript zero-knowledge

Last synced: 27 Apr 2026

https://github.com/gaetangr/synaudit

A fast and user-friendly security auditing tool for Synology NAS systems built in Go.

auditing go golang security synology

Last synced: 14 Jan 2026

https://github.com/ynori7/credential-detector

An easy-to-use and highly configurable tool that allows you to scan projects to detect potentially hard-coded credentials.

credentials devsecops dynamic-analysis linter pentesting scanner secrets security security-tools

Last synced: 23 Jan 2026

https://github.com/vcc3v/ChromeSEC

A guide to help administrators to properly set up and secure their Chromebooks without having to decipher documentation.

chromeos cybersecurity edtech guide hardening hardening-steps k12 security security-hardening

Last synced: 29 Apr 2025

https://github.com/jwilk/security-research

Jakub's security research

security

Last synced: 27 Jan 2026

https://github.com/threagile/run-threagile-action

GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file

cicd devsecops devsecops-pipeline github-actions github-workflow risk-analysis security threagile threat-modeling

Last synced: 04 Jul 2025

https://github.com/mikasjp/wp-abuseshield

A simple and lightweight plugin that protects your WordPress against abuse.

abuse-detection abuseipdb hardening security wordpress wordpress-plugin

Last synced: 09 Oct 2025

https://github.com/sherifkozman/the-red-council

LLM Adversarial Security Arena — Jailbreak → Detect → Defend → Verify

adversarial-testing gemini langchain llm red-team security

Last synced: 04 Apr 2026

https://github.com/autostructure/secure_windows

Puppet module that hardens Windows Server to DoD STIG compliance

dod nist nist800-53 puppet security stig stig-vulnerabilities windows windows-server

Last synced: 11 Dec 2025

https://github.com/Jakiboy/Ratr

Router Config Extractor (Huawei, ZTE)

huawei ppp router security tr069 zte

Last synced: 17 Apr 2026

https://github.com/hsyntes/authentication-authorization-security

Authentication, Authorization and Security Back-End System with Node.js & Express.js & mongoDB - mongoose. Registering users to the database, authorization and authentication users, sending emails to users' email address to reset or update their password and more.

authentication authorization expressjs mongodb mongoose nodejs security

Last synced: 24 Apr 2025

https://github.com/JChristensen/usb-condom

A little something for the tinfoil hat crowd.

security tinfoil-hat usb

Last synced: 17 Jul 2025

https://github.com/ethereum-optimism/monitorism

Suite of tools for Monitoring OP Stack Chains 🔴 Offers real-time detection and Incident response capabilities ✨

monitoring onchain optimism security

Last synced: 26 Apr 2025

https://github.com/pforret/wp_cleanup

Script to clean up infected WordPress installations

bash bashew cleanup hacking security wordpress

Last synced: 07 May 2026

https://github.com/doocs/.github

❤ Community health files for the @doocs organization

code-of-conduct contributing default doocs funding health issue pull-request security support

Last synced: 28 Jan 2026

https://github.com/laravel-validation-rules/exposed-password

Validate that a password hasn't been exposed in a data breach.

data-breach laravel laravel-5-package laravel-validation passwords php security

Last synced: 24 Oct 2025

https://github.com/komachi/ansible-decent-desktop

Ansible playbook to provide decent desktop experience

ansible ansible-playbook desktop playbook security

Last synced: 22 Oct 2025

https://github.com/wmnsk/milenage

MILENAGE algorithm implemented in the Go Programming Language.

epc eutran lte milenage security telecom

Last synced: 28 Jan 2026

https://github.com/mauhpr/agentlint

Real-time guardrails for AI coding agents — code quality, security, and infrastructure safety. 57 rules across 8 packs for Claude Code.

ai-agents claude-code cli code-quality developer-tools guardrails hooks linting python security

Last synced: 10 May 2026

https://github.com/tsawler/signer

A simple package to sign and verify URLs

go golang security

Last synced: 28 Jan 2026

https://github.com/cipherstash/proxy

Encrypt and search your sensitive data in PostgreSQL, with no SQL changes

encryption-in-use postgresql searchable-encryption security

Last synced: 16 Mar 2025

https://github.com/1homsi/gorisk

Supply-chain risk intelligence that maps what your dependencies can do

cli cve dependency-analysis github-action go golang security static-analysis supply-chain

Last synced: 24 Feb 2026

https://github.com/seisollc/goat

Seiso's Grand Opinionated AutoTester (GOAT)

goat governance-as-code lint security seiso standard test

Last synced: 24 Feb 2026

https://github.com/pro-2684/pdf-perm

Change the permissions of a PDF file.

cli metadata pdf pdf-decrypt pdf-desecure permissions security

Last synced: 04 Mar 2026

https://github.com/pforemski/entropy-clustering

Entropy clustering of IPv6 networks, see https://ipv6hitlist.github.io/

ipv6 kmeans security

Last synced: 14 Jan 2026

https://github.com/azu/nextjs-cve-2025-29927-poc

Next.js PoC for CVE-2025-29927

next security

Last synced: 12 Apr 2025

https://github.com/githubixx/ansible-role-cfssl

Ansible role for installing Cloudflares CFSSL PKI toolkit on Ubuntu

ansible ansible-role certificate certificate-authority cfssl cloudflare-pki-toolkit kubernetes security

Last synced: 26 Jun 2025

https://github.com/sap-samples/btp-user-management-microservice

Sample CAP microservice to manage business applications' users and their respective authorizations.

authentication authorization btp cloud-application-programming-model cloud-foundry security xsuaa

Last synced: 25 Sep 2025

https://github.com/theori-io/web3-publications

Collection of Web3 Audits and Publications by ChainLight of Theori

blockchain ethereum exploit fuzzing publications security smart-contract web3

Last synced: 08 May 2025

https://github.com/dkosmari/gnome-shell-extension-totp

A GNOME Shell extension to generate Time-based One-Time Passwords (TOTP aka Time-based OTP) for websites that use 2FA.

2fa 2factor cryptography gnome gnome-shell gnome-shell-extension javascript otp otp-generator otpauth security totp

Last synced: 21 Aug 2025

https://github.com/masterbpro/argus

Argus is an eBPF-based monitoring and management tool delivering real-time insights into system performance. Designed for flexibility, efficiency, and security, it’s an ideal solution for developers and administrators seeking lightweight tools for event analysis and debugging.

audit bpf ebpf infrastructure kubernetes linux linux-kernel network sdn security

Last synced: 15 Apr 2025

https://github.com/lovasoa/samsung-email-password-decrypt

Decrypt encrypted passwords in EmailProvider.db on samsung phones.

android cryptography decoder forensics pasword samsung security

Last synced: 24 Mar 2025

https://github.com/itinerisltd/trellis-cve-2018-6389

Mitigate CVE-2018-6389 WordPress load-scripts / load-styles attacks

ansible-galaxy cve-2018-6389 security trellis wordpress

Last synced: 25 Jun 2025

https://github.com/mlshv/exactify

CLI tool that removes ^ prefix from package.json dependecies and replaces them with specific versions from package-lock.json

cli javascript packagejson security

Last synced: 25 Jun 2025

https://github.com/kjlaw89/webwatcher

Know when your websites are misbehaving!

elementaryos linux monitoring performance security vala

Last synced: 08 May 2025

https://github.com/ventz/docker-cif

CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)

cifs forensic-analysis forensics intel intelligence security threat-hunting threat-sharing

Last synced: 16 Sep 2025

https://github.com/0p4n1k/noctyra

AST-based Python code transformation & deobfuscation framework

ast deobfuscation python reverse-engineering security

Last synced: 17 Apr 2026