An open API service indexing awesome lists of open source software.

Security

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

https://github.com/byxor/passflip

Lightweight password manager that doesn't store anything

password-manager python3 security

Last synced: 24 Oct 2025

https://github.com/gensecaihq/kubekavach

Developer-first K8s security scanner with instant pod replay. Debug prod issues locally in seconds. AI-powered explanations. CERT-IN compliant for Indian orgs.

cert-in container cybersecurity india kubernetes kubernetes-cluster security

Last synced: 09 Oct 2025

https://github.com/dev-sec/cnspec-collection-baselines

DevSec Security Baselines provide battle tested hardening checks for Linux, SSH, nginx, MySQL in cnspec

hardening security

Last synced: 31 Aug 2025

https://github.com/nis2shield/django-nis2-shield

๐Ÿ›ก๏ธ Security-First Middleware for Django NIS2 Compliance

compliance django forensic gdpr logging middleware nis2 python security

Last synced: 29 Apr 2026

https://github.com/basis-theory-labs/vgs-migration-guide

Migration Guide to move from Very Good Security to Basis Theory

guide migration security tokenization

Last synced: 04 Mar 2026

https://github.com/zapalm/auto-indexer

PHP auto indexer: the tool against directory traversal security vulnerability. It recursively adds a index.php file in all given directories.

cli-utility directory-traversal-vulnerability hacktoberfest php-library security vulnerability

Last synced: 24 Apr 2025

https://github.com/devops-ia/helm-openaev

Helm chart for Exposure Validation to Improve Security Posture

charts cyber cybersecurity helm intelligence kubernetes openbas osint security threat-intelligence

Last synced: 18 Feb 2026

https://github.com/shopstack-projects/shopstack-security-hmac

Authenticate Shopify requests using the provided HMAC.

authentication hmac security shopify shopify-apps

Last synced: 08 Oct 2025

https://github.com/pavanvaranasi02/ecommerce-website

"An e-commerce web app with user registration, login, responsive product listing, and a 'Buy Later' feature. Built using Java, Servlets, JSP, JDBC, and styled with CSS. Enhance your online shopping experience!"

java jdbc jsp security servlets

Last synced: 08 Oct 2025

https://github.com/ferhatgec/passplusplus

Single header Password Quality and Security Library.

file header library pass quality security single

Last synced: 18 Feb 2026

https://github.com/kliu128/staplechain

Signed, In-band Annotations for Language Model Outputs

gpt-4 openai security

Last synced: 01 Mar 2025

https://github.com/codingo/ctfs

Code and writeups for a variety of CTF challenges. Links to writeups included where available.

capture-the-flag penetration-testing python security writeups

Last synced: 12 Mar 2026

https://github.com/computer-lab/ctf

Computer Lab CTF

ctf hacking security wargame

Last synced: 11 Mar 2025

https://github.com/shemul/dns-over-tls

A DNS over TLS proxy that accepts simple (conventional) DNS requests and proxy it to a DNS servers running with DNS over TLS (DoT)

dns dns-over-tls docker golang security

Last synced: 18 Jan 2026

https://github.com/sultaniman/allowed_hosts

Elixir plug to protect your APIs from Host header attacks

allowedhosts elixir header-attack plug security

Last synced: 04 Jun 2026

https://github.com/sjinks/php-disable-eval

Disable eval() and create_function() in PHP

eval php php-extension security

Last synced: 10 Apr 2025

https://github.com/moolen/secco

:shield: auto-generate seccomp profiles for Kubernetes

ebpf kubernetes seccomp security

Last synced: 04 Feb 2026

https://github.com/mahaloz/mahaloz.re

My hacking blog: https://mahaloz.re

decompilers security vuln-analysis

Last synced: 08 Feb 2026

https://github.com/geeklearningio/bouncer

Highly Configurable Authorization Model

acl aspnet-core authorization dotnet dotnet-core security

Last synced: 28 Apr 2025

https://github.com/cisagov/cool-sharedservices-cdm

Terraform code to create a site-to-site VPN tunnel between the COOL and the CISA CDM (Continuous Diagnostics and Mitigation) environment, as well as some related resources to feed COOL logging data to CDM.

cdm cisa security

Last synced: 14 Oct 2025

https://github.com/mablanco/docker-loki

Docker image for Loki, a Simple IOC Scanner

docker malware-detection security

Last synced: 02 Jun 2026

https://github.com/nwestfall/netsparkerscanrunner

Quickly and easily a Netsparker Scan using your Netsparker Cloud Account

netsparker node scan security

Last synced: 14 Apr 2025

https://github.com/mablanco/docker-fgds

Docker image for Fast Google Dorks Scan (FGDS), a script to enumerate web-sites using Google dorks

docker osint pentesting security

Last synced: 02 Jun 2026

https://github.com/standardnotes/brakeman-action

Runs Brakeman against a repository's source code to find security vulnerabilities, using GitHub actions.

brakeman rails review ruby security static-code-analysis

Last synced: 25 Aug 2025

https://github.com/root-tanishq/pscrap

multi processed parameter scrapper

bugbounty hacking pentesting python scrapping security web

Last synced: 14 Apr 2025

https://github.com/appsechq/skill-scanner-test

Skill Scanner - An automated security scanning pipeline for AI agent SKILL.md and Agent plugins in popular public skills directories.

appsec security security-tools skills

Last synced: 04 Jun 2026

https://github.com/bootique/bootique-shiro

Provides Apache Shiro integration with Bootique.

bootique java security shiro

Last synced: 19 Oct 2025

https://github.com/invariant-systems-ai/aiir

AI Integrity Receipts โ€” generate, verify, and attest cryptographic receipts for commits with declared AI involvement. Release verification with SLSA-compatible VSA. Zero dependencies. Apache 2.0.

ai attestation audit compliance copilot cryptography eu-ai-act git github-actions in-toto mcp receipts security slsa supply-chain-security verification

Last synced: 17 Apr 2026

https://github.com/pandarudra/ecrypto

Secure folder encryption with modern cryptography (XChaCha20-Poly1305 + Argon2id)

cli clitool decryption ecrypto encryption go golang security

Last synced: 21 Jan 2026

https://github.com/amkisko/grape_rails_logger.rb

Unified, Rails-compatible JSON request logging for Grape APIs with ActiveRecord timing, parameter filtering, and structured context.

activerecord grape logging monitoring rails security structured-logging

Last synced: 15 Apr 2026

https://github.com/danvixent/cryptany

A simple tool for encrypting/decrypting any sequence of bytes using a key

encryption golang security

Last synced: 08 Feb 2026

https://github.com/0xjjpa/deniable-website

๐Ÿ‘€ deniable.website / An usage example of Web Cryptography API

cryptography security web

Last synced: 23 Feb 2026

https://github.com/victorfleite/wwalerts-backend

Open source spatial and geographic platform to create and show the last severe alerts based on CAP (Common Alert Protocol). Front-end (Twitter Bootstrap, Javascript, JQuery) and Back-end (Php, Yii2, Postgres, Postgis, Restful, Api, Json). This platform have been created to help the meteorologic agencies to predict severe events and create CAP.

alert alerts geographic insert json-api oop php postgresql prediction security spatial wheather wheather-app wmo yii2

Last synced: 13 Apr 2026

https://github.com/stormsinbrewing/savvy-devsecops

GitHub native DevSecOps CI/CD best practices include automated security testing, code analysis, and policy enforcement using GitHub Actions, coupled with secure IaC and container security measures. This entails managing secrets, enforcing access control, and implementing incident response and monitoring, all while fostering continuous learning.

aws build codeql dependab devops devsecops docker github github-actions kubernetes nodejs renovate sast security

Last synced: 01 Jun 2026

https://github.com/containerscrew/nflux

Simple network monitoring tool. Powered by eBPF & Rust ๐Ÿ

aya bpf ebpf kernel linux linux-tools networking observability packet-capture rust security sniffing tracing traffic-control

Last synced: 24 Oct 2025

https://github.com/discourse/ruby-landlock

Landlock bindings for Ruby

landlock linux sandbox security

Last synced: 25 Jun 2026

https://github.com/mjmccans/docker-socket-proxy

Docker socket proxy using Nginx for security.

docker docker-compose proxy security

Last synced: 23 May 2026

https://github.com/j4n-e4t/deletr

Delete your online accounts with one click!

account-management hacktoberfest help-wanted privacy security

Last synced: 17 Jul 2025

https://github.com/rootsami/ratkiez

A CLI tool to rat on all AWS keys with creation date, last used date, and attached policies.

aws awscli keys scan security

Last synced: 01 Aug 2025

https://github.com/dalibo/selinux-pgsql-pgdg

SELinux policy module for PGDG rpms

postgresql security security-hardening selinux-policy

Last synced: 13 Apr 2025

https://github.com/codingchili/sidechannel-timing-tool

Small tool for measuring system latency during string comparison.

network proof-of-concept security side-channel

Last synced: 06 Apr 2025

https://github.com/jkawamoto/ambassadors

Yet another Ambassador pattern over SSH

ambassador connection docker secure security

Last synced: 15 Apr 2025

https://github.com/paulveillard/cybersecurity-data-privacy

A collection of awesome software, libraries, documents, books, resources and cool stuff about Data Privacy in cybersecurity

big-data data dataprivacy fedramp gdpr pci security security-audit security-tools

Last synced: 06 Jan 2026

https://github.com/gqzdev/spring-boot-start

๐Ÿ€๐Ÿ€๐Ÿ€้€ๆญฅๅ…ฅ้—จSpring Boot็š„ไฝฟ็”จ๏ผŒ๐Ÿ˜Š้›†ๆˆๅ„็งๅบ”็”จๆจกๅ—็ป„ไปถ

activemq docker dubbo elasticsearch mybatis mybatis-plus rabbitmq redis schedule security spring-boot websocket zookeeper

Last synced: 08 May 2025

https://github.com/gunjan5/shift-left-security

Shift Left โฌ…๏ธ (Preventive) Security ๐Ÿ” for Containers/Kubernetes ๐Ÿ“ฆ

ci ci-cd cloud containers devops kubernetes security security-tools

Last synced: 17 Aug 2025

https://github.com/reasonsoftware/security-group-manager

:closed_lock_with_key: AWS Security Group Management Lambda :closed_lock_with_key:

aws devops firewall lambda security whitelist

Last synced: 08 May 2025

https://github.com/llllllxy/tiny-security

ไธ€ไธชๅŸบไบŽtoken้ชŒ่ฏ็š„Java Webๆƒ้™ๆŽงๅˆถๆก†ๆžถ๏ผŒๆ”ฏๆŒredisใ€jdbcๅ’Œๅ•ๆœบsessionๅคš็งๅญ˜ๅ‚จๆ–นๅผ๏ผŒๅ‰ๅŽ็ซฏๅˆ†็ฆป้กน็›ฎใ€ไธๅˆ†็ฆป้กน็›ฎๅ‡ๅฏไฝฟ็”จ๏ผŒๅŠŸ่ƒฝๅฎŒๅ–„ใ€ไฝฟ็”จ็ฎ€ๅ•ใ€ๆ–‡ๆกฃๆธ…ๆ™ฐ๏ผŒๆ˜“ไบŽๆ‰ฉๅฑ•ใ€‚

authorization java security session-management springboot token

Last synced: 21 Jul 2025

https://github.com/eaceto/flutter_local_authentication

A flutter plugin that allows access to Local Authentication / Biometrics on iOS, macOS, Linux and Android (Windows Hello is a work in progress).

android biometric biometric-authentication biometric-identification dart fingerprint flutter ios local-authentication macos password plugin security

Last synced: 22 Aug 2025

https://github.com/jaayperez/keysoft

Crypto Js secure, dynamic password creator application that uses cryptographic algorithms with Node.js, Express 4, and Heroku cloud deployment.

crypto cryptographic-algorithms expressjs generator heroku nodejs password password-generator random-password security tool tools

Last synced: 23 Mar 2025

https://github.com/jojiiofficial/scanbanserver

The server for the triplink-system to collect hackers and webscanner across the internet

blocking database filter ipsec security security-automation triplink

Last synced: 04 Mar 2025

https://github.com/644/avg-audit

Arch Linux Audit Tool - checks for vulnerable packages installed against security.archlinux.org

advisory arch-linux archlinux audit cve security

Last synced: 10 Mar 2025

https://github.com/perpetualintelligence/shared

The shared components for cross-platform frameworks, and developer tools.

licensing oneimlx oneterminal pi-cli saas security

Last synced: 16 Jan 2026

https://github.com/jenkinsci/openshift-login-plugin

A plugin for integrating OpenShift OAuth into Jenkins

oauth openshift security

Last synced: 30 Sep 2025

https://github.com/Popsiclestick/falco-filebeat-daemonset

Easily deployable daemonset which moves logs from falco with filebeat.

containers daemonset falco filebeat kubernetes security

Last synced: 12 May 2025

https://github.com/ryankurte/fwsig

packaging, signing, and verification for embedded firmware

embedded firmware security signing

Last synced: 04 Mar 2025

https://github.com/guardicode/centra-py-client

A Python client for Guardicore Centra API access.

firewall python security segmentation

Last synced: 16 Jan 2026

https://github.com/airlock/microgateway-running-example

Running example of Airlock Microgateway, a Kubernetes-native WAAP (Web Application and API Protection) solution

airock devops ergon gateway-api k8s kubernetes microgateway oidc openapi security waap waf

Last synced: 22 Apr 2025

https://github.com/damienbod/wpfazureadsharepointonlinegraphapi

WPF Azure AD signin with Sharepoint Online API call using Graph API

azure azuread graph graph-api identity msal security sharepoint sharepoint-online wpf

Last synced: 03 Aug 2025

https://github.com/checkmarx/ast-eclipse-plugin

The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.

checkmarx checkmarx-ast eclipse-plugin security

Last synced: 08 Apr 2026

https://github.com/fsmaxb/correcthorsebatterystaple

Create easy to remember passwords from a list of words. See XKCD 936.

correcthorsebatterystaple html javascript password-generator security

Last synced: 11 Apr 2025

https://github.com/yantavares/segcomp

Repositรณrio para abrigar os cรณdigos da disciplina de Seguranรงa Computacional (SEGCOMP) da UnB.

cryptography cybersecurity security

Last synced: 11 Mar 2026

https://github.com/jenkinsci/42crunch-security-audit-plugin

Jenkins plugin 42Crunch API Contract Security Audit

analysis security test

Last synced: 22 Apr 2025

https://github.com/LeKlex/Attack-simulation-infrastructure

A small and simple network infrastructure with automated attacks on a VM server documented by tshark

bruteforce forensic hacking network nmap nmap-scripts port-scanner reverse-shell security shell-script sql-injection telnet tshark ubuntu vagrant virtualbox

Last synced: 12 Jul 2025

https://github.com/hahwul/buildpack-zap-daemon

zap(zed attack proxy) daemon mode buildpack of heroku

bugbounty hacking heroku-buildpack security zap

Last synced: 19 Apr 2025

https://github.com/atao/shodan2db

๐Ÿ”Œ Shodan export to SQLite database and generate an HTML report.

analysis converter cve export osint python-class python3 report reporting security shodan shodan-python sqlite vulnerability

Last synced: 10 Jun 2025

https://github.com/fadhilthomas/zap-reporter

run summary report of owasp zap findings

dast golang security

Last synced: 10 Mar 2026

https://github.com/federicoceratto/nim-libu2f

FIDO U2F server-side and client-side library for Nim

authentication fido nim nim-lang security u2f

Last synced: 03 Oct 2025

https://github.com/alisaduncan/angular-owasp-secure-coding

Code for Pluralsight course "Secure Coding with OWASP in Angular"

angular security

Last synced: 30 Oct 2025

https://github.com/johnshajiang/pyssldemo

Simple demonstrations on Python ssl module

certificate python security ssl tls

Last synced: 02 Jul 2025

https://github.com/kyra-1/otw-banditgames

You can try the games provided here at the given link

basics cyber-security cybersecurity linux security securitybasics shell-scripting

Last synced: 16 Apr 2025

https://github.com/cryxnet/crawnet

CRAWNET is a graph-based domain discovery tool by CRYXNET that helps you gather information about domains and potential relationships with other actors.

cybersecurity data-mining docker flask fullstack graph information-gathering neo4j nextjs osint python red-teaming security

Last synced: 10 Apr 2026

https://github.com/kpcyrd/d3xs

Physical access control (Rust firmware)

embedded-rust iot rust security

Last synced: 14 Apr 2025

https://github.com/nodesource/certified

NodeSource Certified Modules How To

example guide how-to modules nodejs nodesource npm security

Last synced: 11 May 2025

https://github.com/jasondrawdy/krypta

An advanced cryptography suite packaged with a file manager, password manager, and a swiss army knife of crypto tools.

application cryptography data encryption filemanager generators hashing notepad password-manager security software windows

Last synced: 08 Jan 2026

https://github.com/doucol/clyde

Project Calico Observability Tools

calico k8s kubernetes networking observability projectcalico security tigera

Last synced: 02 Feb 2026

https://github.com/jakejarvis/careful-downloader

๐Ÿ•ต๏ธโ€โ™€๏ธ Downloads a file and its checksums, validates the hash, and optionally extracts it if safe.

checksum download extract file hash javascript npm security

Last synced: 03 Jul 2025

https://github.com/opcod3r/godan

Shodan tool subdomains with rotation keys.. ๐ŸŽฉ

bugbounty bugbounty-tool golang pentest recon security shodan subdomains

Last synced: 18 Jun 2025

https://github.com/adjh54ir/blog-codes

Contributor9 ํ‹ฐ์Šคํ† ๋ฆฌ ๋ธ”๋กœ๊ทธ ๋‚ด์—์„œ ํ™œ์šฉํ•œ ๋‚ด์šฉ๋“ค์„ ๋‹ด์€ ๋ ˆํฌ์ง€ํ† ๋ฆฌ์ž…๋‹ˆ๋‹ค.

chatgpt-api fcm-messaging java jpa-hibernate junit5 mockito mockmvc querydsl-jpa rabbitmq-consumer rabbitmq-producer security spring-boot spring-boot-quartz

Last synced: 16 May 2025

https://github.com/sysdiglabs/dockerfile-benchmarker

CIS Docker Benchmark for dockerfiles

cis docker dockerfile image security

Last synced: 09 Aug 2025