Top 3063 security open source projects

Keep That Mouse Moving!

Work in progress...

GCP CIS 1.1.0 Benchmark InSpec Profile

Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)

📗 How to write cross-platform Node.js code

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

easy-gpg-to-paper aims to make exporting your secret gpg key to paper, and then restoring from paper, an easy and painless process.

Standard Subresource Integrity library for Node.js

安全总是无处不在...

The Guard component brings many layers of authentication together, making it much easier to create complex authentication systems where you have total control.

Miscellaneous exploit code

BleachBit system cleaner for Windows and Linux

Command-line passphrase generator

A command line security audit tool for Amazon Web Services

Pillage filesystems for sensitive information with Go.

Framework agnostic set of sqlalchemy classes that make building applications that require permissions an easy task.

Toolkit for research purposes in AIS. See the website for the paper.

Generate secure passwords you can actually remember!

awsenv is intended as a local credential store for people using more than one AWS account at the same time

🔑 A keychain wrapper that is so easy to use that your cat could use it.

✔️ CTF problems and solutions solved by Qwaz

The public documentation for the gruntwork-io/module-security repo, which contains packages for setting up best practices for managing secrets, credentials, and servers

HTTP Authentication library for Nim

A Slack bot for GitHub organization management -- and other things too

Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communication. You will provision a simple HTTP server and two client pods in a Kubernetes Engine cluster, then use a Network Policy restrict connections from client pods.

A free & open modern, fast email client with user-friendly encryption and privacy features

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

The OWASP ZAP core project

🔒 Sudo mode for your Rails controllers

Dockerized REST service to look up URLs in Google Safe Browsing v4 API

☄️ go-out - A Golang egress buster.

A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

CSRF protection middleware for Go.

Go packages built on go-tpm providing a high-level API for using TPMs

Kubernetes object analysis with recommendations for improved reliability and security

Run a security scan on your terraform with the very nice https://github.com/liamg/tfsec

chef-vault cookbook

Use omniauth for nginx auth_request

A Go library for DKIM, DMARC and Authentication-Results

Browser hacks to disable WebAssembly (WASM)

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.

nixarmor is a linux hardening automation project

The iOS Security Testing Framework

X-SpringBoot是一个轻量级的Java快速开发平台，能快速开发项目并交付【接私活利器】

A shell script that automates the process of signing Git sources via GPG

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases

Disabling kernel lockdown on Ubuntu without physical access

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates

从扫描器结果分离出的一些大公司泛解析ip列表

Secure MERN Stack CRUD Web Application using Passport.js Authentication

Prevent program and malware to bypass DNS filter by using DoH

Penetration Testing Platform