An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/0xedward/fisherman

a fisherman catches phishes - a tool to look up reputation of email addresses

email infosec phishing python security security-tools threat-intelligence

Last synced: 04 Oct 2025

https://github.com/xkcoding/magic-starter-secure-demo

magic-starter-secure 极简的权限控制框架的 demo

demo jwt magic-starter security spring-boot-2 spring-boot-starter xkcoding

Last synced: 09 Mar 2026

https://github.com/grapheneos-archive/device_google_crosshatch

Pixel 3 and Pixel 3 XL device sources.

android grapheneos security

Last synced: 04 Oct 2025

https://github.com/rusty-ferris-club/redact-engine

Protect confidentiality with dynamic redaction by replacing sensitive data.

redact redaction security sensetive-data

Last synced: 19 Aug 2025

https://github.com/teh9/laravel-tg-2fa

A simple implementation of a two-factor authentication via Telegram for Laravel

2fa auth authentication laravel login php security telegram two-factor

Last synced: 22 Aug 2025

https://github.com/divineomega/laravel-password-security-audit

🔏 Artisan command to audit the security of your users' passwords

laravel laravel-package password php security security-audit users

Last synced: 24 Aug 2025

https://github.com/ztalbot2000/zerofile

Simple command line tool that fill a file with binary zeroes, then removes it.

clean clear data disk erase fill reset security wipe zero

Last synced: 26 Aug 2025

https://github.com/hackardox/openv

openv a tool to automatically load secrets from .env files using 1password CLI under the hood

1password secrets security

Last synced: 29 Aug 2025

https://github.com/aegisjsproject/core

A fast, secure, modern, light-weight, and simple JS library for creating web components and more!

aegis component-library constructable-stylesheets css custom-elements dom html html-templates sanitizer-api security web-components

Last synced: 16 Jan 2026

https://github.com/sjinks/yubico-otp

PHP 7/8-friendly alternative to the official php-yubico client

2fa authentication otp php security yubico yubico-otp

Last synced: 10 Apr 2025

https://github.com/derhuerst/generate-node-policy-file

Generate a Node.js policy file for your code.

json nodejs security

Last synced: 15 Apr 2025

https://github.com/k3rnel-dev/katanaframework

Katana-Framework это фреймворк для энтузиастов по тестированию на проникновение на данный момент еще находится в разработке.

framework hack hacking malware metasploit pentest pentesting post-exploitation security

Last synced: 28 Jun 2025

https://github.com/narrowspark/automatic-security-audit

[READ ONLY] :warning: A composer plugin that checks if your application has known security vulnerabilities.

audit automatic composer composer-plugin narrowspark-automatic security security-advisories

Last synced: 13 Jan 2026

https://github.com/cyberark/escape-the-cloud

Web Application for CyberArk Cloud Escape Room CTF challenge

aws challenge cloud conjbot-skip conjbot-skip-vulnrreport ctf security

Last synced: 03 May 2025

https://github.com/geniuszly/CVE-2022-45701

it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/miller79/spring-security-demo

Demonstrates how to use Spring Security with common production patterns.

java oauth2 security spring spring-boot spring-framework spring-security

Last synced: 01 Jul 2025

https://github.com/ridge-development/ridge

Create your own personal AI assistant with full control, host it yourself, access insights from both your documents and the web, and automate tasks effortlessly. Design tailored AI agents, dive deep into research, and set up scheduled workflows.

agents autonomous llm nodejs npm pipeline python python3 repository security tasks yaml yarn

Last synced: 16 May 2025

https://github.com/derhansen/tobserver

tObserver TYPO3 extension required for the free TYPO3 monitoring service

monitoring security typo3 typo3-extension

Last synced: 19 Apr 2025

https://github.com/piiiico/proof-of-commitment

Supply chain risk scorer for npm and PyPI — single-maintainer CRITICAL flags before attacks happen

audit cargo cli dependencies github-action go golang mcp mcp-server npm openssf pypi rust scorecard security software-supply-chain supply-chain supply-chain-security

Last synced: 13 Jun 2026

https://github.com/yandex-cloud-examples/yc-mk8s-copy-fail-mitigation

DaemonSet для митигации уязвимости CVE-2026-31431 (Copy Fail)

kubernetes mk8s security yandex-cloud yandexcloud

Last synced: 25 Jun 2026

https://github.com/itcmsgr/nftban

NFTBan is an open-source Linux Intrusion Prevention System (IPS) and firewall manager built on nftables, designed to integrate cleanly with modern Linux security stacks.

ai-security almalinux centos debian fail2ban firewall firewall-management intrusion-prevention ips linux nftables red-hat rocky rocky-linux rockylinux security suricata ubuntu zabbix

Last synced: 04 Jul 2026

https://github.com/5GSEC/security-intents

Repository to hold security intents in standard template format.

5g blueprints intents k8s kubernetes o-ran security

Last synced: 16 Jun 2026

https://github.com/jamiesonio/defectdojo-mcp

An experimental ModelContextProtocol server connecting LLMs to DefectDojo for AI-powered security workflows. Enables natural language interaction with vulnerability data, simplifies security analysis, and automates reporting through a lightweight middleware integration.

appsec defectdojo devsecops fastmcp mcp security security-automation

Last synced: 01 May 2026

https://github.com/rulilg/litic

JS library to perform technical SEO and best practices analysis to your projects.

accessibility best-practices security seo technical-seo web-development

Last synced: 13 Oct 2025

https://github.com/elliotwutingfeng/passwordsim

passwordsim lets you search for passwords similar to your specified password in any passwords dataset. The similarity metric used is the Damerau-Levenshtein distance.

cybersecurity damerau-levenshtein data-breaches hacktoberfest haveibeenpwned osint password password-manager security

Last synced: 29 Apr 2025

https://github.com/jef/gh-audit-org-keys

🔑 Provides list of public SSH keys of an organization

github-api john-the-ripper openssl security ssh

Last synced: 03 Apr 2026

https://github.com/onzack/kube-defcon

A tool to visualize network policy information from the Kubernetes Master API

docker kubernetes network-policy security visualization

Last synced: 26 Oct 2025

https://github.com/0xjonaseb11/dn404_marketplace.3.0

A DN404 Marketplace built on ERC404 token standard inspired by Pandora coin

auditing dn404 erc404 ethereum marketplaces nfts security smartcontracts solidity tokens

Last synced: 21 Apr 2026

https://github.com/getarcis/arcis

Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.

bot-detection cli django express fastapi middleware nodejs npm owasp prompt-injection pypi python rate-limiting sast security sql-injection ssrf supply-chain-security web-security xss

Last synced: 06 Jun 2026

https://github.com/codeconut-ltd/wordpress-plugin-default-config

WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.

composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings

Last synced: 08 Oct 2025

https://github.com/ekino/hibernate-crypto-types

Provides new hibernate column types to encrypt your column data before being stored in your database

encryption gradle hibernate jpa secrets security

Last synced: 06 Oct 2025

https://github.com/theruziev/security_interface

Simple API for authentication and authorization.

python-3-6 python-asyncio security

Last synced: 17 Mar 2026

https://github.com/d6stiny/blursed

replacement to the already emerging, closed-source social networks

alternative nextjs privacy react security social social-media social-network

Last synced: 15 Apr 2025

https://github.com/rad-security/clawkeeper

Open-source security scanner for AI agent hosts. Audits macOS and Linux machines for misconfigurations, credential exposure, and network hardening — 42 checks across 5 phases with auto-fix.

ai-agents bash devsecops hardening linux macos openclaw scanner security

Last synced: 12 Jun 2026

https://github.com/kaushikgopal/ff-container-traffic-control

Firefox addon (extension) that helps you define rules which will control which container a website opens in.

firefox firefox-addon firefox-extension privacy security

Last synced: 31 Jan 2026

https://github.com/mablanco/docker-rapidscan

Docker image for Rapidscan, a multi-tool web vulnerability scanner

docker pentesting security

Last synced: 02 Jun 2026

https://github.com/piecioshka/is-responding

🛠 A tool to find active endpoint use an enumeration strategy

cli security

Last synced: 17 Jun 2026

https://github.com/exxeta/flutter-security-toolkit

Mobile Security Toolkit for Flutter

flutter security security-tools

Last synced: 23 Oct 2025

https://github.com/sadhasivamx/boar-hunting-yolov8

YoloV8-based boar detection system with Arduino-triggered buzzer for enhanced security.

arduino artificial-intelligence computer-vision custom machinelearning security yolov8

Last synced: 07 Oct 2025

https://github.com/atbashee/atbash-octopus

Atbash Octopus version; declarative permission based Java EE Security

declarative java javaee javafx microprofile octopus permissions security

Last synced: 06 Jul 2025

https://github.com/homebrew/homebrew-brew-vulns

🔓 A Homebrew subcommand that checks installed packages for vulnerabilities

brew homebrew security vulnerability-scanners

Last synced: 05 Feb 2026

https://github.com/suuhm/log4shell4shell

Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell

checker hacking linux log4j log4j2 log4shell macos patch penetration-testing pentesting proof-of-concept scanner security tomcat vulnerability-scanners windows

Last synced: 03 May 2026

https://github.com/qualixar/skillfortify

First formal security scanner for AI agent skills & plugins. Static analysis, supply chain verification, SBOM generation. 22 frameworks supported including MCP, LangChain, CrewAI.

agent-skills ai-agents cyclonedx formal-methods mcp sbom security static-analysis supply-chain-security

Last synced: 27 Mar 2026

https://github.com/kumuluz/kumuluzee-security

KumuluzEE Security extension for easy integration with OAuth2/OpenID identity and access management providers.

cloud-native java javaee kumuluzee microservices oauth2 openid-connect security

Last synced: 17 Oct 2025

https://github.com/jreisinger/waf-tester

Test Web Application Firewalls (WAFs)

cli ftw security testing tool waf

Last synced: 31 Jan 2026

https://github.com/omaidf/go-chrome-stealer

Steal Chrome Cookies Without Root

cookies security security-tools

Last synced: 14 Jan 2026

https://github.com/cbrnrd/krypton

🔒 A CLI tool for easy cryptography

cli command-line-tool cryptography encryption ruby security

Last synced: 22 Apr 2025

https://github.com/elnappo/bro-log-parser

Simple logfile parser for Bro IDS

bro bro-ids logfile-parser python3 security

Last synced: 09 Mar 2026

https://github.com/mtk911/mailinator-scraper

A powershell script to scrap mailinator without API for sensitive emails

mailinator powershell powershell-script scanner scraper security security-tools

Last synced: 03 Jul 2025

https://github.com/marcreichel/password-exposed-rule

Laravel Validation rule to check that a password hasn't been exposed

data-breach haveibeenpwned laravel laravel-framework laravel-package password security validation

Last synced: 13 Jan 2026

https://github.com/soumyadip007/ga4gh-prototype-and-microservice-api-gsoc-proposal

Implement “Reference registry and contig alias search” for Global Alliance for Genomics and Health.

elasticsearch gsoc hibernate jpa jwt maven microservicers mysql restapi restful-webservices security spring springboot

Last synced: 27 Jul 2025

https://github.com/panther-labs/pysigma-backend-panther

pySigma Panther Backend

python security

Last synced: 12 Aug 2025

https://github.com/Tjoosten/Security-Checklists

Security checklists and advisories that can be used on projects.

documentation security

Last synced: 20 Nov 2025

https://github.com/lilydjwg/httpseverywhereuserrules

My personal HTTPSEverywhere rules

configuration firefox https security

Last synced: 04 Feb 2026

https://github.com/x13a/pschk

Check for suspicious processes on macOS

macos osx security swift

Last synced: 02 Jul 2025

https://github.com/ibreakthecloud/redactrus

Go package for redacting sensitive info in Logrus logs.

golang hacktoberfest logging logrus redact security

Last synced: 23 Mar 2025

https://github.com/theamazingpt/passman

A dmenu frontend for password-store (Pass: The Standard Unix Password Manager)

bash dmenu linux manager pass password password-store security unix

Last synced: 10 Mar 2026

https://github.com/mchackorg/gonts

Network Time Security in Go

go network ntp nts protocol security

Last synced: 16 Jan 2026

https://github.com/pythonhacker/varuh

Password manager for the command line for Unix like operating systems

command-line command-line-tool encryption golang linux password-manager security security-tools shell unix-like

Last synced: 19 Mar 2025

https://github.com/umuttopalak/pass-cli

A secure command-line password manager with AES-256 encryption and sudo authentication

aes-256 cli command-line-tool cryptography keyring password-generator password-manager password-security python security

Last synced: 28 Jul 2025

https://github.com/hugobatista/tailhoogram

Send Tailscale webhook events to Telegram using Cloudflare Workers

audit cloudflare cloudflare-workers events security tailnet tailscale telegram webhook

Last synced: 26 May 2026

https://github.com/authress/authress-local

Local running version of an Authorization API in a container

api authentication authorization authress container offline sdk security

Last synced: 13 May 2025

https://github.com/bitdefender/hvmi-blog

A place where the HVMI team writes about memory introspection and other fun stuff.

hypervisor introspection reverse-engineering security virtualization virtualization-based-security

Last synced: 15 Apr 2025

https://github.com/jbruchon/php_secure_auth

Secure user login/authentication template for PHP web applications

authentication pdo pdo-mysql php security

Last synced: 13 May 2025

https://github.com/autodidaddict/grpctls_sample

Sample illustrating mutual TLS and streaming gRPC using Elixir

elixir elixir-lang grpc grpc-stream mutual-tls otp security tls

Last synced: 21 Apr 2025

https://github.com/bonedaddy/postables-solidity-modules

Collection of reusable contracts and libraries I use in contracts I write.

blockchain contracts cryptocurrency ethereum libraries modules openzeppelin safemath security solidity upgradeable utilities

Last synced: 12 May 2025

https://github.com/YosaiProject/pyramid_yosai

Yosai integration with the Pyramid Web Framework

pyramid python security web-application yosai

Last synced: 13 May 2025

https://github.com/exabrial/javax-security-cdi-extension

A CDI Portable Extension for Java EE 7 (and maybe 8) that allows you to use @RolesAllowed on CDI Beans and their Methods

cdi cdi-extension interceptors java java-ee-7 role-based-access-control security

Last synced: 11 Jan 2026

https://github.com/chinmay29hub/stegmoji

Stegmoji is a client-side steganography tool. Encode secret messages into emoji or text using invisible Unicode characters (variation selectors, zero-width joiners). Supports three embedding modes (Tail, Interleaved, ZWJ-aware), optional compression, AES-GCM encryption, and full Unicode analysis/visualization

client-side compression cryptography data-visualization javascript nextjs open-source privacy react security steganography unicode web-app web-crypto

Last synced: 17 Jan 2026

https://github.com/lytexdev/seal-pi

🦭 Seal-Pi: Security Camera 🦭

camera flask raspberry-pi seal-pi security

Last synced: 13 Apr 2025

https://github.com/potatoqualitee/disarepotools

🦅 DISA Patch Repository Tools - List, download files and install files from DISA patch repositories using your smartcard

disa security

Last synced: 27 Oct 2025

https://github.com/mchmarny/sds-demo

Software Delivery Shield demo illustrating end-to-end solution for secure software supply chain

demo devops gcp sds security supply-chain

Last synced: 05 Aug 2025

https://github.com/ShivKushwah/PSec

Programming Language for creating Secure Distributed Systems leveraging Intel SGX

distributed-systems intel-sgx p-language programming-language psec security

Last synced: 20 Apr 2025

https://github.com/lirantal/security-report

Report a security vulnerability

nodejs npm npx security

Last synced: 21 Apr 2025

https://github.com/rarecoil/mqtt-packet-fuzzy

Radamsa-backed, hooked mqtt-packet for blind MQTT protocol fuzzing on Mac, Linux and Windows.

fuzzing mqtt mqtt-packet mqttjs radamsa security

Last synced: 01 Jul 2025

https://github.com/grottopress/samba

Single Sign On authentication for Lucky framework

authentication crystal lucky-framework oauth2 security sso

Last synced: 22 Apr 2025

https://github.com/ricco386/cyber502x-computer-forensics

RITx: CYBER502x Computer Forensics - Personal study notes

mooc security study-notes

Last synced: 17 Mar 2026

https://github.com/muqsit/2fa

[In-dev] Two-factor authentication for your PocketMine-MP (PMMP) server. Currently there are no documentations or doc comments.

2fa mfa pmmp pocketmine-mp security

Last synced: 05 Aug 2025

https://github.com/gentoo/gentoo-apparmor-profiles

[ORIGIN] AppArmor profiles just for Gentoo

apparmor hacktoberfest security

Last synced: 01 Feb 2026

https://github.com/rknf404/chromium-hardening-guide

Harden chromium (somewhat)

chromium chromium-browser security

Last synced: 15 Apr 2025