security-code-scan

security-code-scan

Vulnerability Patterns Detector for C# and VB.NET

C#920lgpl-3.0

12 days ago

analysisanalyzercode

osx-security-awesome

A collection of OSX and iOS security resources

711apache-2.0

4 months ago

awesomeawesome-listhacking-mac

Vigilante

Vigilante

🛡️ Android security (camera/microphone dots indicators) app using Hilt, Animati

Kotlin767gpl-3.0

7 months ago

androidandroidanimationandroidviewmodel

awesome-cyber-security-university

awesome-cyber-security-university

🎓 Because Education should be free. Contributions welcome! 🕵️

1323cc0-1.0

2 months ago

awesomeawesome-listcourses

android-security-awesome

A collection of android security related resources

Shell7755apache-2.0

2 months ago

androidawesomeawesome-list

security-acronyms

Curated list of Cyber Security acronyms & abbreviations

HTML17

2 months ago

awesome-llm-security

awesome-llm-security

A curation of awesome tools, documents and projects about LLM Security.

387

5 months ago

awesomeawesome-listllm

awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

4994

2 months ago

awesome-listbest-practicesblue-team

Android-Security-Reference

A W.I.P Android Security Ref

888

13 days ago

androidsecurity

awesome-bluetooth-security

List of Bluetooth BR/EDR/LE security resources

453

5 months ago

awesomeawesome-listble

awesome-embedded-and-iot-security

A curated list of awesome embedded and IoT security resources.

1555cc0-1.0

7 months ago

awesomeawesome-listembedded

tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin

Java8137apache-2.0

yesterday

awesome-industrial-control-system-security

A curated list of resources related to Industrial Control System (ICS) security.

Python1516apache-2.0

7 months ago

awesomeawesome-listhacktoberfest

security-apis

security-apis

A collective list of public APIs for use in security. Contributions welcome

845mit

11 months ago

awesome-listjsonjson-api

awesome-vehicle-security

🚗 A curated list of resources for learning about vehicle security and car hack

2825cc0-1.0

4 months ago

automotiveawesomeawesome-list

aspnetcore-security-headers

Middleware for adding security headers to an ASP.NET Core application.

C#247mit

6 months ago

personal-security-checklist

personal-security-checklist

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy

TypeScript15882other

3 days ago

awesomeawesome-listcensorship

simple-security-toolkit

A collection of practical security-focused guides and checklists for smart contr

988mit

6 months ago

cryptosecuritysecurity-tools

awesome-security

A collection of awesome software, libraries, documents, books, resources and coo

11385mit

3 months ago

awesome-listsecurity

API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing

21736mit

5 months ago

apijwtoauth2

ada-security

Ada Security - OAuth 2.0 client and server framework to secure web applications

Ada20apache-2.0

7 months ago

adaauthenticationjwt

awesome-security-newsletters

Periodic cyber security newsletters that capture the latest news, summaries of c

789gpl-2.0

3 months ago

cybersecuritynewsletter

ibm-security

A Carbon-powered React component library built by IBM Security

JavaScript74apache-2.0

10 months ago

carbon-design-systemibm-securityjavascript

rust-security-framework

Bindings to the macOS Security.framework

Rust210apache-2.0

5 months ago

keychainmacosrust

awesome-web-security

🐶 A curated list of Web Security materials and resources.

10715

3 months ago

awesomeawesome-listlist

Mobile-Security-Framework-MobSF

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application

JavaScript16431gpl-3.0

4 days ago

android-securityapi-testingapk

owasp-mastg

owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual

Python11327cc-by-sa-4.0

3 days ago

androidandroid-applicationcompliancy-checklist

zarn

A lightweight static security analysis tool for modern Perl Apps

Perl37other

2 months ago

sastsecuritystatic-analysis

terraform-aws-security-group

Terraform module to create AWS Security Group resources 🇺🇦

HCL543other

2 months ago

awsaws-security-groupaws-vpc

RMS-Runtime-Mobile-Security

RMS-Runtime-Mobile-Security

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you

JavaScript2493gpl-3.0

27 days ago

android-securityfridaios-security

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do

Python9665apache-2.0

2 days ago

awsazurecis-benchmark

macOS-Security-and-Privacy-Guide

macOS-Security-and-Privacy-Guide

Guide to securing and improving privacy on macOS

Python20933mit

5 days ago

appledisk-encryptiondnscrypt-proxy

docker-bench-security

docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-

Shell8752apache-2.0

3 months ago

cicd-goat

cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip

Python1825apache-2.0

15 days ago

appseccicdctf

harden-runner

harden-runner

Network egress filtering and runtime security for GitHub-hosted and self-hosted

TypeScript531apache-2.0

4 days ago

actionsegress-filteringgithub-actions

bearer

Code security scanning tool (SAST) to discover, filter and prioritize security a

Go1775other

5 days ago

appseccode-qualitycompliance

SecLists

SecLists is the security tester's companion. It's a collection of multiple types

PHP51177mit

4 months ago

fastapi-security

Implements authentication and authorization as FastAPI dependencies

Python124mit

10 months ago

ssh-audit

ssh-audit

SSH server & client security auditing (banner, key exchange, encryption, mac, co

Python3156mit

12 days ago

auditingsecurityssh

reg

reg

Docker registry v2 command line client and repo listing generator with security

Go1624mit

8 months ago

clicontainersdocker

ScoutSuite

ScoutSuite

Multi-Cloud Security Auditing Tool

Python6229gpl-2.0

4 days ago

auditingawsazure

gosec

gosec

Go security checker

Go7499apache-2.0

8 days ago

golangsecuritysecurity-automation

vast

vast

Easy data pipelines for security teams.

C++500bsd-3-clause

11 months ago

actor-modelbitmap-indexdataops

wpscan

wpscan

WPScan WordPress security scanner. Written for security professionals and blog m

Ruby8273other

12 days ago

hacking-toolscanscanner

nebula

nebula

Description Nebula is a scalable overlay networking tool with a focus on perf

Go13819mit

8 days ago

intelmq

intelmq

IntelMQ is a solution for IT security teams for collecting and processing securi

Python939agpl-3.0

12 days ago

alertsautomationcert

codeql

codeql

CodeQL: the libraries and queries that power security researchers around the wor

CodeQL6916mit

2 months ago

codeqlgithub-advanced-securitygithub-security-lab

NetEscapades.AspNetCore.SecurityHeaders

Small package to allow adding security headers to ASP.NET Core websites

C#567mit

8 months ago

hacktoberfest

cloudsploit

cloudsploit

Cloud Security Posture Management (CSPM)

JavaScript3000gpl-3.0

5 months ago

alibabaaquaaws

repo-supervisor

repo-supervisor

Scan your code for security misconfiguration, search for passwords and secrets.

JavaScript633mit

11 months ago

blueteamredteamsecret-management

VaporSecurityHeaders

VaporSecurityHeaders

Harden Your Security Headers For Vapor

Swift142mit

last year

brokenhandssecurityserver-side-swift

joy

A package for capturing and analyzing network flow data and intraflow data, for

C1281other

2 months ago

mythril

mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethe

Python3733mit

24 days ago

blockchainethereumprogram-analysis

caringcaribounext

A fork of a friendly car security exploration tool for the CAN bus

Python5gpl-3.0

2 months ago

ebpfguard

ebpfguard

Rust library for writing Linux security policies using eBPF

Rust270apache-2.0

4 months ago

ThreatMapper

ThreatMapper

Open source cloud native security observability platform. Linux, K8s, AWS Fargat

TypeScript4630apache-2.0

last month

cloud-nativecloudsecuritycnapp

progpilot

A static analysis tool for security

PHP306mit

10 months ago

phpsecurity-toolsstatic-code-analysis

LogESP

Open Source SIEM (Security Information and Event Management system).

Python186mit

9 months ago

asset-managementforensicslog

Raccoon

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability

Python3008mit

last month

enumerationfuzzinghacking

fleet

fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS,

Go2021other

2 months ago

device-managementemployee-experienceendpoint-ops

Astra

Astra

Automated Security Testing For REST API's

Python2434apache-2.0

9 days ago

ci-cdowasppenetration-testing

File-Manager

File-Manager

Easy app for managing your files without ads, respecting your privacy & security

Kotlin413gpl-3.0

2 days ago

androidfile-managerfoss

octopus

octopus

Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contra

Python478mit

6 months ago

blockchaincall-flow-analysiscontrol-flow-analysis

gatsby

The best React-based framework with performance, scalability and security built

JavaScript54851mit

5 months ago

blogcompilergatsby

secure_headers

Manages application of security headers with many safe defaults

Ruby3122mit

9 months ago

content-security-policycookiecsp

uuid

Go package for UUIDs based on RFC 4122 and DCE 1.1: Authentication and Security

Go4912bsd-3-clause

3 months ago

gouuid

shield

Comprehensive security for Lucky framework

Crystal52mit

6 months ago

authenticationcrystallucky-framework

GraphCrawler

GraphCrawler

GraphQL automated security testing toolkit

Python285mit

3 months ago

apiapi-hackingautomated-testing

AWSBucketDump

Security Tool to Look For Interesting Files in S3 Buckets

Python1306mit

12 months ago

bugbountyenumerationpenetration-testing

starbase

starbase

Graph-based security analysis for everyone

TypeScript326mpl-2.0

5 months ago

analysisawsazure

qark

Tool to look for several security related Android application vulnerabilities

Python3143other

4 months ago

binskim

A binary static analysis tool that provides security and correctness results for

C#731other

3 months ago

infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the c

C#722mit

4 months ago

fastapi_simple_security

fastapi_simple_security

Drop-in API-key based security for FastAPI

Python291mit

5 months ago

sobelow

Security-focused static analysis for the Phoenix Framework

Elixir1478apache-2.0

11 months ago

elixirphoenix-frameworksecurity

ntopng

ntopng

Web-based Traffic and Security Network Traffic Monitoring

Lua5923gpl-3.0

17 days ago

dockerebpfipfix

pest

pest

:beetle: Primitive Erlang Security Tool

Erlang100mit

5 months ago

elixirelixir-securityerlang

allstar

allstar

GitHub App to set and enforce security policies

Go1199apache-2.0

12 days ago

awesome-appsec

awesome-appsec

A curated list of resources for learning about application security

PHP6126mit

8 months ago

application-securitycuratedowasp

PatrowlManager

PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Plat

HTML590agpl-3.0

7 months ago

apiautomationincident-response

vokuro

vokuro

Sample application for Phalcon Framework (Acl, Auth, Security)

PHP370bsd-3-clause

10 months ago

acldemophalcon

brakeman

brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Ruby6747other

8 months ago

brakemanrailsruby

calico

Cloud native networking and network security

Go5216apache-2.0

5 months ago

iniscan

A php.ini scanner for best security practices

PHP1469mit

12 months ago

configurationiniphp

killerbee

killerbee

IEEE 802.15.4/ZigBee Security Research Toolkit

C735other

8 months ago

SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list,

2632mit

2 months ago

composerinfosecphp

rudder-server

rudder-server

Privacy and Security focused Segment-alternative, in Golang and React

Go3940other

17 days ago

bigquerycustomer-datacustomer-data-lake

cotopaxi

Set of tools for security testing of Internet of Things devices using specific n

Python343gpl-2.0

2 months ago

magevulndb

magevulndb

List of Magento extensions with known security issues.

PHP192

4 months ago

extensionsmagentovulnerability

Simple-File-Manager

Simple-File-Manager

Easy app for managing your files without ads, respecting your privacy & security

Kotlin1461gpl-3.0

3 days ago

androidandroid-developmentfile-manager

LSMS

Linux Security and Monitoring Scripts

Python314mit

9 months ago

terrascan

terrascan

Detect compliance and security violations across Infrastructure as Code to mitig

Go4534apache-2.0

6 days ago

architectureawsaws-security

cli

terraform-compliance/cli

a lightweight, security focused, BDD test framework against terraform.

Python1307mit

7 months ago

bddbdd-stylecompliance

dawnscanner

Dawn is a static analysis security scanner for ruby written web applications. It

Ruby731mit

3 months ago

codereviewcybersecurityhanami

solcurity

Opinionated security and code quality standard for Solidity smart contracts.

1943

11 months ago

secure

HTTP middleware for Go that facilitates some quick security wins.

Go2198mit

5 months ago

gogolangmiddleware

SecureDefaults

SecureDefaults

Elevate the security of your UserDefaults with this lightweight wrapper that ad

Swift225mit

16 days ago

aesaes-256aes-encryption

SOC-Multitool

SOC-Multitool

A powerful and user-friendly browser extension that streamlines investigations f

JavaScript310mit

9 months ago

browser-extensionchrome-extensioncybersecurity

haaukins

haaukins

A Highly Accessible and Automated Virtualization Platform for Security Education

Go178apache-2.0

6 days ago

clictfdcybersecurity

tracee

Linux Runtime Security and Forensics using eBPF

Go3115apache-2.0

3 months ago

bpfdockerebpf

tetragon

tetragon

eBPF-based Security Observability and Runtime Enforcement

Go3199apache-2.0

2 months ago

bpfebpfkernel

nsjail

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rl

C++2716apache-2.0

3 months ago

chrootlinuxlinux-namespaces

caringcaribou

A friendly car security exploration tool for the CAN bus

Python676gpl-3.0

20 days ago

can-busecufuzzing

electronegativity

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patt

JavaScript929apache-2.0

11 months ago

electronelectron-appnodejs

lockfile-lint

lockfile-lint

Lint an npm or yarn lockfile to analyze and detect security issues

JavaScript744apache-2.0

9 months ago

hacktoberfestlintlinter

diffy

diffy

:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric securit

Python635apache-2.0

4 months ago

dfirforensicssecurity

play-pac4j

play-pac4j

Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenI

Java398apache-2.0

8 months ago

authenticationauthorizationcas

vertx-pac4j

vertx-pac4j

Security library for Vert.x: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

Java122apache-2.0

5 months ago

authenticationauthorizationcas

graphql-armor

graphql-armor

🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / En

TypeScript462mit

17 days ago

apolloapollo-servercybersecurity

tutanota

tutanota

Description Tuta (formerly Tutanota), the fully secure encrypted email and ca

TypeScript5778gpl-3.0

18 hours ago

emailencryptionjavascript

tfsec

tfsec

Security scanner for your Terraform code

Go6584mit

15 days ago

awsazureci

2FAuth

2FAuth

A Web app to manage your Two-Factor Authentication (2FA) accounts and generate t

PHP1625agpl-3.0

23 days ago

2fa2factorhotp

kubectl-kubesec

kubectl-kubesec

Security risk analysis for Kubernetes resources

Go501apache-2.0

5 months ago

acra

acra

Database security suite. Database proxy with field-level encryption, search thro

Go1271apache-2.0

5 months ago

cryptocryptographydatabase-proxy

fwanalyzer

fwanalyzer

a tool to analyze filesystem images for security

Go481apache-2.0

7 months ago

androidembedded-linuxfilesystem

falco

falco

Cloud Native Runtime Security

C++6578apache-2.0

5 months ago

cloud-nativecncfcncf-project

InviZible

InviZible

Android application for online privacy and security

Java1303gpl-3.0

3 days ago

advertisingandroidandroid-application

mimikatz

A little tool to play with Windows security

C18797

9 days ago

honggfuzz

honggfuzz

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzin

C2986apache-2.0

2 months ago

cfuzzingsecurity

hblock

hblock

Improve your security and privacy by blocking ads, tracking and malware domains.

Shell1477mit

13 days ago

ad-blockeradblockadblocker

cyberowl

A daily updated summary of the most frequent types of security advisories curren

Python240mit

3 months ago

cisacvesecurity

safenotes

safenotes

Safe Notes is a security project aimed at providing an encrypted, private note m

Dart208gpl-3.0

2 days ago

androidanonymitydart

matano

matano

Open source security data lake for threat hunting, detection & response, and cyb

Rust1365apache-2.0

3 months ago

alertingapache-icebergaws

android-money-manager-ex

android-money-manager-ex

Manage your finances on-the-go, encrypted for security, sync via your own cloud

Java443gpl-3.0

6 days ago

androidcipherencryption

fibratus

fibratus

A modern tool for Windows kernel exploration and tracing with a focus on securit

Go2088other

5 days ago

edrgolanginstrumentation

PayloadsAllTheThings

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CT

Python57223mit

17 days ago

bountybugbountybypass

drozer

drozer

The Leading Security Assessment Framework for Android.

Python3648other

14 days ago

androiddrozerjava

cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined use

Rust1018apache-2.0

4 months ago

apiapi-securitybest-practices

scorecard

scorecard

OpenSSF Scorecard - Security health metrics for Open Source

Go4180apache-2.0

18 hours ago

openssf-scorecardscorecard

PortAuthority

PortAuthority

A handy systems and security-focused tool, Port Authority is a very fast Android

Java334gpl-3.0

9 months ago

androiddns-lookupjava

rails-template

Application template for Rails 7 projects; preloaded with best practices for TDD

Ruby216other

3 months ago

ackamarailsrails-template

cilium

cilium

eBPF-based Networking, Security, and Observability

Go17866apache-2.0

3 months ago

bpfcncfcni

hubble

Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Go3174apache-2.0

3 months ago

ciliumebpfkubernetes

Awesome-SOAR

Awesome-SOAR

A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome

739

2 months ago

awesome-fuzzing

A curated list of awesome Fuzzing(or Fuzz Testing) for software security

766

6 months ago

awesomeawesome-listcpuu

graphql-cop

graphql-cop

Security Auditor Utility for GraphQL APIs

Python284mit

8 months ago

auditingblue-teamgraphql

Flask-AppBuilder

Flask-AppBuilder

Simple and rapid application development framework, built on top of Flask. inclu

Python4511bsd-3-clause

last month

authenticationcrudflask

emba

emba

EMBA - The firmware security analyzer

Shell2447gpl-3.0

3 days ago

artificial-intelligencebinary-analysisembedded-linux

find-sec-bugs

find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android app

Java2210lgpl-3.0

21 days ago

bytecodecode-analysiscwe

flask-talisman

HTTP security headers for Flask

Python904apache-2.0

11 months ago

OpenSK

OpenSK

OpenSK is an open-source implementation for security keys written in Rust that s

Rust2797apache-2.0

5 months ago

ctap2embeddedfido2

gotham

gotham

A flexible web framework that promotes stability, safety, security and speed.

Rust2216other

3 months ago

asyncgothamlearning-gotham

SXA.SecurityHeaders

Sitecore SXA Security Headers Module

C#8mit

12 months ago

Awesome-Hacking

A collection of various awesome lists for hackers, pentesters and security resea

76294cc0-1.0

2 months ago

androidawesomebug-bounty

fastapi-permissions

row level security for FastAPI framework

Python446other

7 months ago

machinae

machinae

Machinae Security Intelligence Collector

Python496mit

6 days ago

awesome-canbus

:articulated_lorry: Awesome CAN bus tools, hardware and resources for Cyber Secu

1822cc0-1.0

2 months ago

automotiveautomotive-securityawesome

awesome-web-hacking

A list of web application security

5461mit

2 months ago

appsechackinghacking-tools

strong-node

strong-node

:heavy_check_mark: More than 100 security checks for your Node.js API

JavaScript497

29 days ago

is-website-vulnerable

is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript

JavaScript1911apache-2.0

9 months ago

hacktoberfestlighthousenodejs

secrets.clj

secrets.clj

A library designed to generate cryptographically strong random numbers suitable

Clojure87mit

9 months ago

authenticationchoicesclj

DevSkim

DevSkim is a set of IDE plugins, language analyzers, and rules that provide secu

C#886mit

11 days ago

lintersdlsecurity

zuul

zuul

Zuul is a gateway service that provides dynamic routing, monitoring, resiliency,

Java13037apache-2.0

5 months ago

openappsec

openappsec

open-appsec is a machine learning security engine that preemptively and automati

C++685apache-2.0

30 days ago

api-securityapplication-securityappsec

NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 sec

HTML1831apache-2.0

3 months ago

dockerherokujavascript

pac4j

pac4j

Security engine for Java (authentication, authorization, multi frameworks): OAut

Java2369apache-2.0

2 months ago

authenticationauthorizationcas

pareto-mac

pareto-mac

Automatically audit your Mac for basic security hygiene.

Swift302gpl-3.0

2 months ago

endpoint-securitymacossecurity

panel

panel

Pterodactyl® is a free, open-source game server management panel built with PHP,

PHP6062other

17 days ago

dockerfreegames

action-tfsec

action-tfsec

Run tfsec with reviewdog on pull requests to enforce security best practices

Shell68mit

5 days ago

reviewdogterrafromtfsec

secure-electron-template

secure-electron-template

The best way to build Electron apps with security in mind.

JavaScript1581mit

6 months ago

boilerplateelectroni18next

cloudgoat

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python2775bsd-3-clause

5 days ago

Infosec_Reference

Infosec_Reference

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/adm

CSS5378mit

9 days ago

blueteamforensicshacking

advisory-db

advisory-db

Security advisory database for Rust crates published through crates.io

815other

3 months ago

rustsecuritysecurity-advisories

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive s

PowerShell8394other

26 days ago

activedirectoryhackinginfosec

sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based

Python760apache-2.0

9 months ago

appsecdependency-scandevsecops

tenzir

tenzir

Open source security data pipelines.

C++616bsd-3-clause

4 days ago

dataopsincident-responseinvestigation

VeraCrypt

Disk encryption with strong security based on TrueCrypt

C5854other

3 months ago

encryptionencryption-algorithmsencryption-decryption

ctf-tools

Some setup scripts for security research tools.

Shell8190bsd-3-clause

6 months ago

awesome-privacy

awesome-privacy

Description Strongbox is an application for keeping all your passwords safely

Astro6078cc0-1.0

4 days ago

awesomeawesome-listhacktoberfest

videocall-rs

videocall-rs

teleconference system written in rust

Rust1306mit

5 months ago

actix-webrustrust-lang

tpotce

tpotce

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝

C5956gpl-3.0

9 days ago

deceptiondockerelk

building-secure-contracts

Guidelines and training material to write secure smart contracts

Solidity2093agpl-3.0

7 days ago

cloud-custodian

cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml

Python5070apache-2.0

5 months ago

awsazurecloud

cloud-concierge

cloud-concierge

Codify resources outside of Terraform control, detect drift, estimate cloud cost

Go151apache-2.0

7 months ago

awsazurermcontainers

nix-bitcoin

nix-bitcoin

A collection of Nix packages and NixOS modules for easily installing full-featur

Nix409mit

5 months ago

bitcoinbitcoindnix

Shuffle

Shuffle

Shuffle: A general purpose security automation platform. Our focus is on collabo

Shell1277agpl-3.0

4 days ago

agplv3automationcybersecurity

weggli

weggli

weggli is a fast and robust semantic search tool for C and C++ codebases. It is

Rust2237apache-2.0

3 months ago

KryptEY

KryptEY

Android keyboard for secure E2EE communication through the signal protocol in an

Java595gpl-3.0

30 days ago

androidandroid-keyboardchat-control

secure-headers

PHP Secure Headers

PHP484mit

2 months ago

clear-site-datacontent-security-policycsp

How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.

16728cc-by-sa-4.0

last month

cc-by-sahardeninghardening-steps

rn-secure-storage

Secure Storage for React Native (Android & iOS)

Java186mit

2 months ago

substation

substation

Substation is a toolkit for routing, normalizing, and enriching security event a

Go288mit

2 days ago

awsdata-engineeringdata-processing

kics

kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigur

Open Policy Agent1791apache-2.0

5 months ago

appseccloudnativedevsecops

lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists

Shell12541gpl-3.0

18 days ago

auditingcompliancedevops

crowdsec

crowdsec

CrowdSec - the open-source and participative security solution offering crowdsou

Go7886mit

4 days ago

attacks-preventiondetectionlinux

regula

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s m

Open Policy Agent909apache-2.0

5 months ago

OwaspHeaders.Core

OwaspHeaders.Core

A .NET Core middleware for injecting the Owasp recommended HTTP Headers for incr

C#255mit

6 months ago

aspnetcorehttp-headermiddleware

validiac

ValidIaC combines the best open-source tools to help ensure Infrastructure-as-Co

TypeScript217other

5 months ago

ObjectivePGP

ObjectivePGP is an open-source library for iOS and macOS that provides developer

Objective-C657other

yesterday

encryptionframeworkios

beep

BEEP Account Security Scanner - Detect if your credentials have been compromised

Objective-C155mit

10 months ago

ionicionic4vue

OpenAM

OpenAM

OpenAM is an open access management solution that includes Authentication, SSO,

Java668other

6 months ago

aaaaccessaccess-management

bandit

bandit

Bandit is a tool designed to find common security issues in Python code.

Python6043apache-2.0

12 days ago

banditlinterpython

cloudsplaining

cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations

JavaScript1840bsd-3-clause

5 months ago

awsaws-iamaws-security

sonar-java

:coffee: SonarSource Static Analyzer for Java Code Quality and Security

Java1050lgpl-3.0

6 months ago

analysisanalyzerjava

wemake-django-template

Bleeding edge django template focused on code quality and security.

Python1904mit

3 months ago

caddycookiecuttercookiecutter-template

kube-score

kube-score

Kubernetes object analysis with recommendations for improved reliability and sec

Go2596mit

13 days ago

analysisautomationcharts

Artemis

Artemis

A modular vulnerability scanner with automatic report generation capabilities.

Python441bsd-3-clause

2 days ago

artemispentestingsecurity

speed-camera

A Unix, Windows, Raspberry Pi Object Speed Camera using python, opencv, video st

Python898apache-2.0

3 months ago

matplotlib-pyplotmotion-trackingmoving

paseto-dotnet

🔑 Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .

C#81mit

10 months ago

dotnetdotnet-corenetstandard

Android-InsecureBankv2

Vulnerable Android application for developers and security enthusiasts to learn

Java1196mit

last month

Secur

A FOSS, cross-platform TOTP client written in Flutter with the aim of providing

Dart3mit

3 years ago

Free-Security-eBooks

Free Security and Hacking eBooks

4154

5 years ago

cloud-securitycyber-securityebooks

go-jwk-security

Go7

4 years ago

mana-security-app

macOS vulnerability management for individuals

JavaScript21mit

last year

cybersecurityelectronmacos

automotive-security-research

automotive-security-research

This repository contains reverse engineering results and resources for a few spe

Python83

5 years ago

automotive-securitycar-hacking

snync

Mitigate security concerns of Dependency Confusion supply chain security risks

JavaScript36other

2 years ago

DumpsterFire

DumpsterFire

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for

Python967mit

4 years ago

automationblue-teamblue-teams

timely-security-analytics

Demo code for the Timely Security Analytics and Analysis 2015 Re:Invent presenta

Scala29other

4 years ago

Security

[Archived] Middleware for security and authorization of web apps. Project moved

C#1263apache-2.0

6 years ago

aspnet-product

zen-rails-security-checklist

Checklist of security precautions for Ruby on Rails applications.

Ruby1815mit

4 years ago

checklistrailsruby

awesome-evm-security

🕶 A high-level overview of the EVM security ecosystem

151cc0-1.0

2 years ago

awesomeawesome-listblockchain

awesome-industrial-control-system-security

A curated list of resources related to Industrial Control System (ICS) security.

Python28apache-2.0

8 years ago

eslint-plugin-security

ESLint rules for Node Security

JavaScript1847apache-2.0

last year

awesome-websocket-security

Awesome information for WebSockets security research

238apache-2.0

2 years ago

securitysecurity-toolsweb-application-security

security-belt

security-belt

🥋 Framework for continuously improving the IT-Security of your teams through ga

JavaScript73apache-2.0

2 years ago

gamificationjavascriptmaturity-model

roslyn-security-guard

roslyn-security-guard

Roslyn analyzers that aim to help security audit on .NET applications.

C#208lgpl-3.0

6 years ago

code-analysisroslynroslyn-analyzer

phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie

PHP703gpl-3.0

last year

phpphp-codesnifferphpcs

security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security moni

3056

3 years ago

dfirhuntingids

eslint-plugin-security

ESLint rules for Node Security

JavaScript1985apache-2.0

last year

Umbrella_android

Umbrella_android

Open source Android, iOS and Web app for learning about and managing digital and

Kotlin248gpl-3.0

last year

activismadvicecrypto

RSF

RSF

The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardiz

86gpl-3.0

5 years ago

assessmentcybersecurityframework

sipvicious

sipvicious

SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA a

Python845other

2 years ago

audit-siphacking-toolspassword-cracker

pyt

pyt

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl

Python2161gpl-2.0

3 years ago

abstract-syntaxabstract-syntax-treecontrol-flow-graph

AspNet.Security.OpenIdConnect.Server

OpenID Connect/OAuth2 server framework for OWIN/Katana and ASP.NET Core

C#561

4 years ago

aspnetcorekatanaoauth2

appsec-education

Presentations, training modules, and other education materials from Duo Security

JavaScript67bsd-3-clause

3 years ago

appseceducationtraining-materials

Sitecore-Security-Rights-Reporting

Sitecore-Security-Rights-Reporting

View all the Access right set on Sitecore rols or users

C#7

2 years ago

sitecore

iOS-App-Security-Class

Simple class to check if app has been cracked, being debugged or enriched with c

Objective-C74mit

6 years ago

puma-scan

puma-scan

Puma Scan is a software security Visual Studio extension that provides real time

C#438mpl-2.0

2 years ago

k-rail

Kubernetes security tool for policy enforcement

Go444apache-2.0

last year

k8skuberneteskubernetes-security

H5SC

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

JavaScript2819mpl-2.0

2 years ago

safetybox

Security oriented helper functions for Elixir

Elixir20

9 years ago

stronghold

stronghold

Easily configure macOS security settings from the terminal.

Python1046mit

5 years ago

command-linecommand-line-toolhardening

AndroBugs_Framework

AndroBugs_Framework

AndroBugs Framework is an efficient Android vulnerability scanner that helps dev

Python1100gpl-3.0

5 years ago

Fuzzing101

Fuzzing101

An step by step fuzzing tutorial. A GitHub Security Lab initiative

2301apache-2.0

2 years ago

aflafl-fuzzbug-hunting

totp-ssh-fluxer

totp-ssh-fluxer

Take security by obscurity to the next level (this is a bad idea, don't really u

Go920

2 years ago

iptablesobscurityssh

atomex

🌊 Elixir RSS/ATOM feed builder with a focus on standards compliance, security a

Elixir50mit

last year

atomelixirrss

fireward

A concise and readable language for Firestore security rules, similar to Firebas

Haskell236mit

last year

firebasefirebase-firestorehaskell

jwtXploiter

A tool to test security of json web token

Python253gpl-3.0

3 years ago

ctfctf-toolsjku

domain_analyzer

domain_analyzer

Analyze the security of any domain by finding all the information possible. Made

Python1839

last year

hermetic

Security for Clack-based Common Lisp web applications.

Common Lisp40

5 years ago

buddy

Security library for Clojure

Clojure826apache-2.0

3 years ago

nogotofail

An on-path blackbox network traffic security testing tool

Python2934apache-2.0

2 years ago

aaf-easypassword

:lock: Easy Password is password management application. This application uses p

Kotlin34other

5 years ago

android-appandroid-applicationkotlin

scanner-cli

scanner-cli

A project security/vulnerability/risk scanning tool

JavaScript359other

3 years ago

cidockernodejs

toms_honeypot

Tom's Honey Pot as seen in Applied Network Security Monitoring.

Python25

9 years ago

insider

insider

Static Application Security Testing (SAST) engine focused on covering the OWASP

Go490mit

2 years ago

androidandroid-securitycli

itextsharp

itextsharp

[DEPRECATED] .NET port of the iText library, only security fixes will be added —

C#1326other

last year

lorg

lorg

Apache Logfile Security Analyzer

HTML207gpl-2.0

5 years ago

threataggregator

Aggregates security threats from a number of online sources, and outputs to Sysl

Python78mit

8 years ago

bolt

An integrated security system for applications built on component

Clojure123mit

9 years ago

NetworkMapper

Android frontend for Nmap Security Scanner

Java62gpl-2.0

8 years ago

NoiseTorch

Project dead (security breach)

21

2 years ago

AdminControl

Additional security settings for Android

Java39gpl-3.0

3 years ago

honeyup

An uploader honeypot designed to look like poor website security.

Rust24gpl-3.0

2 years ago

honeyup

An uploader honeypot designed to look like poor website security.

Rust24gpl-3.0

2 years ago

android_app_security_checklist

Android App Security Checklist

835

2 years ago

binserve

A fast production-ready static web server with TLS (HTTPS), routing, hot reloadi

Rust920mit

2 years ago

actixhandlebarshttp

security_monkey

security_monkey

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and the

Python4345apache-2.0

3 years ago

awsaws-ec2aws-iam

metadata

This repository contains the data behind our Security, Privacy and Parental Cont

622

last year

BreachDetector

Detect root, emulation, debug mode and other security concerns in your Xamarin a

C#87mit

3 years ago

debugdetectionemulation

GRASSMARLIN

Provides situational awareness of Industrial Control Systems (ICS) and Superviso

Java906other

4 years ago

analysiscontrol-systemsics

movecerts

movecerts

Move Android Certificates to system to avoid security warnings

Java28gpl-3.0

4 years ago

paseto

Platform-Agnostic Security Tokens implementation in GO (Golang)

Go789mit

last year

authauthenticationdecoder

v0lt

v0lt

Security CTF Toolkit (Not maintained anymore)

Python362

6 years ago

python3securitysecurity-ctf

Obfuscator-iOS

Secure your app by obfuscating all the hard-coded security-sensitive strings.

Objective-C640mit

3 years ago

recon

recon

🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️

Rust26apache-2.0

last year

devopsdevops-toolsrust

secureyournode

Security workshop

JavaScript26mit

9 years ago

c3

𝗖𝟯 provides compliant AWS CDK components to various security standards.

TypeScript31mit

last year

aws-cdkciscis-controls

black-mirror

black-mirror

Blacklists and whitelists that aim to promote security, safety, and sanity acros

Shell106agpl-3.0

2 years ago

adblock-listblackhole-listsblacklist

csaw_esc_2019

csaw_esc_2019

CSAW Embedded Security Challenge 2019

Python34mit

4 years ago

metta

metta

An information security preparedness tool to do adversarial simulation.

Python1074mit

5 years ago

adversarialceleryinfosec

Tokenize

Security tokens for CakePHP

PHP12mit

3 years ago

SOCKS5Engine

High-performance SOCKS5 server by Vee Security

Go41agpl-3.0

5 years ago

Sentry

Sentry

Enforce security policies

Kotlin96gpl-3.0

2 years ago

androidkotlinsecurity

aurasium

Practical security policy enforcement for Android apps via bytecode rewriting an

Python36gpl-3.0

9 years ago

Security_list

Great security list for fun and profit

1591

last year

paseto

Platform-Agnostic Security Tokens

PHP3163other

last year

pasetopaseto-tokensphp

threatbus

🚌 Threat Bus – A threat intelligence dissemination layer for open-source securi

Python256bsd-3-clause

last year

cifcif3ids

ShinobiCE

Shinobi Community Edition (CE) is a GPLv3+AGPLv3 release of Shinobi. The Free Op

JavaScript111other

3 years ago

awesome-blocksec-ctf

A curated list of blockchain security Capture the Flag (CTF) competitions

14cc0-1.0

3 years ago

statistically-likely-usernames

statistically-likely-usernames

Wordlists for creating statistically likely username lists for use in password a

736

2 years ago

k9-cdk

Provision strong AWS security policies easily using the AWS CDK, v1 or v2.

TypeScript8apache-2.0

last year

awscdkiam

awesome-windows-domain-hardening

A curated list of awesome Security Hardening techniques for Windows.

1713

4 years ago

hardeningsecuritywindows

parse

Parse: A Static Security Scanner

PHP355

6 years ago

phpscannersecurity

HaboMalHunter

HaboMalHunter

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.

Python722other

last year

dynamic-analysiselflinux

termbot

termbot

SSH client that works with YubiKeys, Nitrokeys, and other OpenPGP cards (based o

Java78other

last year

termbot

termbot

SSH client that works with YubiKeys, Nitrokeys, and other OpenPGP cards (based o

Java79other

last year

Scout2

Scout2

Security auditing tool for AWS environments

Python1726gpl-2.0

5 years ago

awssecurity

cloud-inquisitor

cloud-inquisitor

Enforce ownership and data security within AWS

Python453apache-2.0

4 years ago

CANalyzat0r

CANalyzat0r

Security analysis toolkit for proprietary car protocols

Python730gpl-3.0

2 years ago

automotive-securitycarhackingreverse-engineering

wagtailenforcer

wagtailenforcer

The Wagtail arm of the law - enforce security protocols on your Wagtail site

Python44

2 years ago

axessecuritysecurity-protocol

pyramid_simpleauth

Session based authentication and role based security for a Pyramid web applicati

Python33unlicense

last year

wysihtml5

Open source rich text editor based on HTML5 and the progressive-enhancement appr

JavaScript6503mit

8 years ago

vsfire

vsfire

Visual Studio Code extension for syntax highlighting, hover help and code comple

TypeScript75mit

4 years ago

firebasefirebase-storagevscode

scout

scout

Description The Scout - Full App for accessing a Scout server, which is a sta

Go13mit

last year

mqtt-pwn

mqtt-pwn

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and se

Python318gpl-3.0

last year

exploitationiotmqtt

RCTF

RCTF

Scenarios of the Robotics CTF (RCTF), a playground to challenge robot security.

32gpl-3.0

4 years ago

ctf-challengesctf-platformcybersecurity

user.js

Firefox privacy, security and anti-tracking: a comprehensive user.js template fo

JavaScript6519mit

2 years ago

anti-fingerprintinganti-trackingarkenfox

ssh-audit

ssh-audit

SSH server auditing (banner, key exchange, encryption, mac, compression, compati

Python2922mit

4 years ago

mkit

mkit

MKIT is a Managed Kubernetes Inspection Tool that validates several common secur

Dockerfile402mit

3 years ago

aksawsazure

awesome-electronjs-hacking

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

536

2 years ago

awesome-rtc-hacking

a list of awesome resources related to security and hacking of VoIP, WebRTC and

359cc0-1.0

last year

awesomeawesome-listsbug-bounty

awesome-lockpicking

:unlock::sunglasses: A curated list of awesome guides, tools, and other resource

1307cc0-1.0

2 years ago

awesomeawesome-listkeypicking

weggli

weggli

weggli is a fast and robust semantic search tool for C and C++ codebases. It is

Rust1979apache-2.0

last year

Heimdall

Heimdall

Heimdall is a wrapper around the Security framework for simple encryption/decryp

Swift400mit

4 years ago

aesencrypted-messagesios

ironbee

Universal web application security sensor intended for real-time monitoring and

XSLT298apache-2.0

8 years ago

Vuldroid

Vuldroid

Vuldroid is a Vulnerable Android Application made with security issues in order

Java56mit

3 years ago

android-applicationandroid-securityapplication-security

klaro

klaro

Klaro! A privacy and security tool for your website.

JavaScript964other

2 years ago

ccpacmpconsent

bpflock

bpflock

bpflock - eBPF driven security for locking and auditing Linux machines

C132apache-2.0

2 years ago

bpfcontainersebpf

Logibit.Hawk

A F# Hawk implementation with a strongly typed API that guides your usage and mi

F#36other

6 years ago

NWebsec

Security libraries for ASP.NET

C#533bsd-3-clause

last year

packetpig

Packetpig - Open Source Big Data Security Analytics

Python298

6 years ago

awesome-sec-talks

A collected list of awesome security talks

3960

3 years ago

conferenceshackinginfosec

awesome-es

A collection of awesome resources for Splunk Enterprise Security

17cc0-1.0

4 years ago

awesomeawesome-listsplunk

DELTA

DELTA

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

Java78

last year

pentestingsdnsecurity-testing

corbfuzz

Code for ASE'21 Paper "CorbFuzz: Checking Browser Security Policies with Fuzzing

C3mit

3 years ago

browser-securityconcolic-executionfuzzing

raspberry-pi-kernel-hardened

Cross-compile the Linux kernel for Raspberry Pi with enhanced security in a sing

Shell19mit

2 years ago

linux-kernelraspberry-piraspberrypi-kernel