An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/mini-ware/file-locker

Keep your files obfuscated by locking them with XOR encryption

cli encryption hacking linux password security shell xor

Last synced: 03 Oct 2025

https://github.com/rooted-io/ctfs

Collection of CTF Labs 🏳️ 🏴

ctf ctf-challenges ctf-walkthroughs ctf-writeups kubernetes security

Last synced: 03 Oct 2025

https://github.com/avantasia/inventedAttack

A POC attack combining IP SPoofing, SYN Flood and IP Fragmentation

poc security wip

Last synced: 13 Mar 2025

https://github.com/cryxnet/cve-2022-42889-rce

Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability)

cve-2022-42889 exploit exploits poc security vulnerability

Last synced: 27 Dec 2025

https://github.com/dev-hwang/flutter_security_checker

This plugin provides the ability to verify rooting and integrity on Android and iOS platforms.

android flutter ios root-checker security

Last synced: 21 Mar 2025

https://github.com/ehsanshahbazii/coursera-javascript-security-refreshers

This course is a Secure Javascript Programming Overview. It gives the student an introduction to JavaScript security and covers important topics like authentication best practices and refreshers on JavaScript, Web browsers and Node.js.

coursera coursera-course es6 javascript js nodejs security

Last synced: 27 Oct 2025

https://github.com/luckman212/cscheck

outputs codesigning info for macOS binaries

macos security

Last synced: 18 Oct 2025

https://github.com/atropinetears/winternitz-ots

A Rust Library For The Post-Quantum Digital Signature Scheme Winternitz One-Time Signature using the hash function Blake2b.

blake2b crypto cryptography digital-signature hash hashing one-time-signatures ots post-quantum post-quantum-cryptography rust rust-crate rust-lang rust-library security signatures winternitz winternitz-ots wots

Last synced: 27 Mar 2026

https://github.com/semgrep/skills

A collection of skills for AI coding agents from Semgrep

agents claude-code security skills

Last synced: 05 Mar 2026

https://github.com/mawg0ud/cveforge

A tool to track & analyze Common Vulnerabilities and Exposures (CVEs).

automation cve cybersecurity detection exploit infosec malware pentesting python risk security vulnerability

Last synced: 04 Apr 2026

https://github.com/sireto/offlinepass

Self Service Password Manager

password password-generator password-manager security

Last synced: 04 Apr 2026

https://github.com/djx-y-z/openmls_dart

Wrapper for OpenMLS, implementing the Messaging Layer Security (MLS) protocol (RFC 9420) for scalable end-to-end encrypted group messaging. Features TreeKEM key agreement, encrypted storage (SQLCipher/IndexedDB), and Web Crypto support. Optimized for Flutter and cross-platform applications (Android, iOS, Linux, macOS, Windows, Web). MIT Licensed.

cross-platform cryptography dart encryption end-to-end-encryption flutter flutter-rust-bridge frb group-messaging messaging mls mls-protocol openmls privacy rfc9420 rust security

Last synced: 06 Jun 2026

https://github.com/nour-karoui/encrypt-storage

NPM package that encrypts Local/Session Storage (available for TS & JS)

angular client-side encryption javascript localstorage reactjs security sessionstorage storage typescript

Last synced: 27 Oct 2025

https://github.com/kardespro/nosqlmap

NoSQLMap CLI Tool is a command-line interface (CLI) tool designed to test for NoSQL injection vulnerabilities using Node.js, TypeScript, and Axios. It supports both HTTP and HTTPS requests and works with all HTTP methods.

exploit mongodb mongodb-database mongoose nosqlmap pentesting scan-tool security security-tools sqlmap

Last synced: 24 Oct 2025

https://github.com/vpereira/brucutu

Brute force tool for SSH, IMAP, HTTP, FTP, POP3 and others

brute-force go golang security security-audit

Last synced: 14 Feb 2026

https://github.com/projectachilles/projectachilles

Continuous security testing and cyber-risk quantification for every organization

breach-a cyber-ri docker golang mitre purple-team security self-hosted typescript

Last synced: 03 Apr 2026

https://github.com/hexway/hive-burp-extension

About Hive Burp Suite Extension

pentest pentest-tool security security-tools

Last synced: 26 Feb 2026

https://github.com/henriquetourinho/brhttp

Um servidor estático em Go, superpoderoso. Oferece Live Reload, mas também automação de build com webhooks, proxy reverso e uma API de controle completa.

automation binario debian dev-server frontend go golang linux live-reload minimalist no-dependencies open-source performance reverse-proxy security spa static-server zero-config

Last synced: 04 May 2026

https://github.com/r3dhulk/bad-usb

bad usb also known as rubber ducky is a usb device to hack your target when you are in device's physical access

attack hacking security security-tools usb

Last synced: 13 Jun 2026

https://github.com/italomaia/uri-faker

See how fonts can be used to create fake URIs

fonts html jquery pentest phishing security semantic-ui uri usability

Last synced: 28 Oct 2025

https://github.com/djinn-soul/cytoscnpy

Fast Python static analysis powered by Rust. Detects dead code, security issues (including taint analysis), and code quality metrics like complexity, Halstead, maintainability, and nesting depth.

code-quality dead-code-detection python python-linter quality secret-detection security vscode-extension

Last synced: 18 Apr 2026

https://github.com/open-sspm/open-sspm

Open-SSPM is a small “who has access to what” service. It syncs identities from Okta (IdP) and permissions from connected apps (GitHub, Datadog, AWS Identity Center). Demo: admin@admin.com / admin

security sspm

Last synced: 18 Apr 2026

https://github.com/ubernostrum/django-flashpolicies

Flash cross-domain policies for Django.

django flash python security

Last synced: 26 Oct 2025

https://github.com/jonhadfield/ipscout

Host threat aggregator for network administrators and security analysts.

cli ip ip-reputation netsec netsec-tools network security

Last synced: 07 Feb 2026

https://github.com/crodjer/biip

Strip out PII before Sending Data

cli pii privacy prompt-engineering prompt-toolkit rust security

Last synced: 25 Apr 2026

https://github.com/drawing-captcha/drawing-captcha-app

Drawing Captcha is an innovative software that enhances security and promotes brand awareness by requiring users to complete interactive drawing tasks to pass the verification process. (Website comes soon)

captcha drawing js nodejs open-source security solving

Last synced: 25 Jul 2025

https://github.com/imranismail/cloudcreds

Secure access to your organization's AWS accounts for both programmatic and console use-case via federated identity and short-lived credentials

aws federated-identity google oauth oidc security

Last synced: 22 Apr 2025

https://github.com/ph-7/notallowed

🚫 NotAllowed 🚫 =>A lightweight library that helps you to censor words, profane words, banned IPs, banned bank accounts, etc.

ban ban-words banned blacklist censor censored-words check-words filter-words php72 profane profane-words security spam

Last synced: 09 Apr 2025

https://github.com/hobbyquaker/check_nextcloud

Nagios/Icinga Nextcloud Security Check :cloud: :closed_lock_with_key: :ballot_box_with_check:

icinga monitoring nagios nextcloud security

Last synced: 12 Apr 2025

https://github.com/traycho/micronaut-security-attributes

Micronaut security attributes - secure your endpoints by validating authentication attribute using micronaut-security and a bit more. Library is not limited to any specific authentication method and is expected to work with supported authentication methods from micronaut.

attributes aws claims jwt jwt-authentication jwt-token lambda ldap-authentication micronaut security serverless tokens validation

Last synced: 11 Jan 2026

https://github.com/inexio/cve-alert-manager

Collect security alerts from different sources and provide a normalized API to query

cve golang security security-vulnerability

Last synced: 09 Mar 2026

https://github.com/robertdebock/ansible-role-auto_update

Install and configure automatic package updates on your system.

ansible autoupdate molecule playbook security system tox

Last synced: 24 Apr 2025

https://github.com/theoomoregbee/angular4-auth

EVERYTHING YOU NEED TO KNOW ON SECURING YOUR ANGULAR 2+ SPA

angular-cli angular4 security single-page-app spa

Last synced: 09 May 2025

https://github.com/oops-org-php/mod_execdir

mod_execdir: jailed system function. Run only the shell command in the specified directory

jail php8 security shell-injection

Last synced: 26 Apr 2025

https://github.com/xewdy444/netgrave

A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)

camera exploit netwave security vulnerability

Last synced: 11 Mar 2026

https://github.com/jonhadfield/subtocheck

subdomain takeover checker

go golang scanner security subdomain takeover

Last synced: 15 Jul 2025

https://github.com/dents/torche

Torrent file checker - verifies files in a directory against a torrent file in the same directory

datahoarder datahoarding file file-validation hash security sha1 storage torrent torrent-files torrents

Last synced: 11 Mar 2026

https://github.com/go-to-k/ecr-scan-verifier

The AWS CDK Construct that blocks deployments to ECS, Lambda, and other services when ECR Image Scanning detects vulnerabilities, and optionally verifies container image signatures.

aws aws-cdk aws-cdk-construct aws-ecr awscdk cdk container security

Last synced: 22 May 2026

https://github.com/jin5354/backstab

Bury latent information to your web page for confidentiality and track.

confidentiality screenshot security security-audit

Last synced: 13 Apr 2025

https://github.com/sfr-development/wondersuite-ai-bug-bounty

AI-Powered Offensive Security Research Engine - desktop-native security testing platform with native MCP integration. 90 tools, MITM proxy, stealth browser, autonomous AI agent. Built on Tauri + Rust + React.

ai-agent bug-bounty burp-suite-alternative desktop-app llm-tools mcp mitm-proxy model-context-protocol offensive-security pentesting react rust security security-tools tauri typescript vulnerability-scanner web-security

Last synced: 30 May 2026

https://github.com/artem-smotrakov/java-dns-tunneling

Here is an example which shows an idea how DNS tunneling can be implemented in Java.

dns-tunneling java java-dns security

Last synced: 16 Jul 2025

https://github.com/simpleclub/firebase-rules-helper

A collection of packages aimed to make working with Firebase rules easier.

code-generation coverage coverage-report firebase firebase-firestore firebase-storage firestore security

Last synced: 22 Feb 2026

https://github.com/BiasedRiot/Glanadh

Service to automatically remove Metadata from your files.

cloud-computing exif exif-data mat2 metadata monitoring privacy privacy-tools security security-tools shell systemd

Last synced: 12 Jul 2025

https://github.com/operatorequals/gitsign-action

Verify Sigstore Gitsign commit signatures

cicd pgp security signatures sigstore

Last synced: 16 Jan 2026

https://github.com/humblelad/neuro

Netlas automation to scan for vulnerabilities using nuclei templates.

netlas security security-automation

Last synced: 10 May 2025

https://github.com/dyne/redroom

Zenroom crypto module for Redis

crypto cryptography password redis redis-module security

Last synced: 16 Jul 2025

https://github.com/toshke/aws-waf-demo-workshop

Workshop for demonstrating AWS WAF usage

api apigateway aws aws-waf cloud loadtesting security serverless workshop

Last synced: 07 Apr 2025

https://github.com/grapheneos/tls-pinning

Utilities for setting up TLS key pinning for Android app network security configuration. We pin the keys of trusted roots and backup keys in order to avoid needing to rotate the pinned keys. Backup keys are never intended to be used unless the roots stop being available and then only need to be used until the pins expire or get updated.

https privacy security tls

Last synced: 13 Apr 2025

https://github.com/maymeow/php-encrypt

🔏PHP library for creating and signing Certificates, text encryption and decryption.

certificates encryption hacktoberfest hacktoberfest2020 library openssl php security

Last synced: 19 Apr 2025

https://github.com/drizzlerisk/armyworm

Armyworm是一款用于研究和测试的Internet Explorer密码输入控件粘虫防护能力的测试程序

activex armyworm bank ocx pentest security trojan

Last synced: 16 May 2025

https://github.com/mkmik/getsum

Abuse the gosum database to store verifiable hashes about any binary file

go hack security transparency

Last synced: 17 Aug 2025

https://github.com/jakiboy/ratr

Router Config Extractor (Huawei, ZTE)

ppp router security tr069 zte

Last synced: 21 Jun 2025

https://github.com/littlenewton/ucas_exploit_practice

中国科学院大学,《漏洞利用与攻防实践》,霍玮

security ucas

Last synced: 27 Jul 2025

https://github.com/kahalewai/agbac

AGent Based Access Control (AGBAC) is is an open, vendor-neutral security specification that defines how AI agents securely perform actions on behalf of humans using existing IAM technologies

access-control agent agentic agents ai ai-agent artificial-intelligence auth-n auth-z authentication authorization dual-subject enterprise iam innovation llm security technology zero-trust

Last synced: 29 May 2026

https://github.com/c0m4r/paranoya

Simple IOC and YARA scanner for Linux®

malware-detector paranoya python security security-tool yara yara-scanner

Last synced: 25 Jul 2025

https://github.com/hartwork/mozilla-password-decrypt

:unlock: Decrypt passwords stored by Firefox, Thunderbird, Iceweasel, Icedove using libnss3.so

cli cli-app firefox icedove iceweasel mozilla mozilla-firefox mozilla-thunderbird password password-retrieval security thunderbird

Last synced: 03 Apr 2026

https://github.com/tecnickcom/rndpwd

Web Service Random Password Generator written in GO

go golang password-generator security webservice

Last synced: 04 Mar 2026

https://github.com/z-m-huang/vcp

Vibe Coding Protocal - Security-first protocol for AI-generated code, multiple standards with real-time enforcement and multi-AI pipeline orchestration

ai-coding claude-code claude-skills security security-audit vibe-coding

Last synced: 18 Apr 2026

https://github.com/riquedev/django-login-history2

It's easy to use, plug-in django app that once included, stores logins history (with device data, like IP, user-agent, location etc.) of all users

authenticate django ip location login security session

Last synced: 17 Mar 2026

https://github.com/djx-y-z/libsignal_dart

Wrapper for libsignal, implementing the Signal Protocol for end-to-end encryption. Features Double Ratchet, X3DH, Sealed Sender, Group Messaging (SenderKey), and Kyber post-quantum key exchange. Optimized for Flutter and cross-platform applications (Android, iOS, Linux, macOS, Windows). AGPL-3.0 Licensed.

cross-platform cryptography dart double-ratchet encryption end-to-end-encryption flutter flutter-rust-bridge frb libsignal messaging privacy rust sealed-sender security signal-protocol x3dh

Last synced: 01 May 2026

https://github.com/mostafahussein/kubernetes-sec-alert

Track Kubernetes CVEs by native GitHub notifications!

cve devops github-actions golang k8s kubernetes security

Last synced: 28 Oct 2025

https://github.com/execveat/flawed

Static analysis engine for Python web-applications

security security-tools static-analysis taint-analysis

Last synced: 22 Jun 2026

https://github.com/celenityy/dove

Dove is a suite of configurations & advanced modifications for Mozilla Thunderbird, designed to put the user first - with a focus on privacy, security, freedom, & usability.

anti-tracking email gecko hardened hardening mozilla privacy private secure security settings thunderbird tracking user-js userjs

Last synced: 25 Feb 2026

https://github.com/wan0net/awesome-abac

List of Applications that enable or natively support Attribute Based Access Control

abac access-control attribute-based-access-control authorization awesome-list cybersecurity security zero-trust

Last synced: 03 May 2026

https://github.com/go-to-k/image-scanner-with-trivy

The AWS CDK Construct library to allow you to scan a container image during CDK deployment layer with Trivy.

aws aws-cdk aws-cdk-construct cdk container security trivy

Last synced: 27 Feb 2026

https://github.com/benavlabs/crudauth

Batteries-included, transport-agnostic authentication for FastAPI.

auth authentication backend fastapi security sqlalchemy

Last synced: 24 Jun 2026

https://github.com/mondoohq/ansible-mondoo

Ansible Role for Mondoo cnquery and cnspec

ansible policy policy-as-code security security-as-code

Last synced: 29 Jan 2026

https://github.com/khalidelboray/zap-api-raku

A Raku module for the OWASP ZAP API.

owasp raku raku-module security web-security zaproxy

Last synced: 01 Apr 2026

https://github.com/dionyziz/hackme

The website describing my bounty hunt game.

bounty security

Last synced: 24 Jan 2026

https://github.com/panagiotisdrakatos/universal-encryption-channel

Cross-platform socket API for Windows Universall Apps and Java

cross-platform encryption key-exchanges security

Last synced: 16 Aug 2025

https://github.com/mvladislav/vm-docker-collection

Collection of some useful docker container with composer and swarm setup with traefik support

collection docker docker-compose docker-swarm monitoring security swarm traefik

Last synced: 23 Apr 2025

https://github.com/felixfriedrich/dnsmonitor

Monitor domain names for DNS changes

dns golang security

Last synced: 14 Jan 2026

https://github.com/trag1c/ixia

Connecting secrets' security with random's versatility

cryptography python random security

Last synced: 31 Oct 2025

https://github.com/tldr-devops/auto-security-patching

Apply updates to your servers automatically and securely

automation patching security updates

Last synced: 04 Dec 2025

https://github.com/neospl0it/discord-rat

A powerful Discord RAT for remote control & monitoring. Capture screenshots, grab passwords, evade detection.

discord discord-bot discord-rat grabber-password grabber-token python rat remote-access-trojan remoteaccesstrojan security

Last synced: 22 Apr 2025

https://github.com/knutwurst/psnino

a pure, simple Playstation 1 PS1 Modchip for Arduino, ATMega and ATtiny

copy-protection modchip playstation security

Last synced: 13 Apr 2025

https://github.com/pelock/radio-code-calculator-php

Radio Code Calculator is an online service along with Web API & SDK for generating car radio unlock codes for popular vehicle brands.

anti-theft car car-hacking navigation php radio radio-code radio-codes security unlock vehicle

Last synced: 13 Jun 2025

https://github.com/sondosaabed/sql-injection-attack-detection

Introduction to generative adversial network

ai conditional-gan security

Last synced: 09 Apr 2025

https://github.com/fossable/autovet

Automated security testing for open source libraries and applications.

security security-tools supply-chain

Last synced: 25 Apr 2025