Top 3063 security open source projects

❄️ Firmware and simulator for Coldcard Hardware Wallet

ContainerSSH: Launch containers on demand

Smart Meter Security Testing Framework

Ansible modules for Palo Alto Networks NGFWs

SlowMist Vulnerability Research Advisories

Awesome Object Capabilities and Capability Security

Samples for the Google SafetyNet Attestation API

嵌入式 Linux 知识库 (elinux.org) 中文翻译计划；本项目发起人发布了《360° 剖析 Linux ELF》视频课程，欢迎订阅：https://www.cctalk.com/m/group/88089283

Kubernetes Auto Analyzer

👨‍🏫 Mike's Web Security Course

An attack tool designed to remotely disable CCTV camera streams (like in spy movies)

👤 Identity and Access Management Knowledge for Cloud Platforms

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

DevSec SSH Baseline - InSpec Profile

Python script to decode common encoded PowerShell scripts

Open source application to instantly remediate common security issues through the use of AWS Config

Open Cloud Security Posture Management Engine

Low code web framework for real world applications, in Python and Javascript

A completely free, open source and online course about Reverse Engineering iOS Applications.

WiFi security auditing tools suite

PowerShell script to monitor Active Directory groups and send an email when someone is changing the membership

Ansible role to apply a security baseline. Systemd edition.

信息安全方面面试清单

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Reverse shell generator written in Python 3.

📄 p2. - Simple and secure PDF to PNG server.

⚡️ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡️

Runs the default Google Lighthouse tests with additional security tests

Blue Team Scripts

user.js -- Firefox configuration hardening

Safe, fast, small crypto using Rust

Virus Total Public/Private/Intel API

A browser extension (Chrome, Firefox) that toggles concealment of sensitive information found in the Azure Portal web page such as Subscription Id's

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Curated list of open-source Java Card applets and related applications for cryptographic smartcards

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Copy/paste anything over the network.

Safely pass trusted data to untrusted environments and back.

AppLocker - simple lock screen for iOS Application ( Swift 4+, iOS 9.0+) Touch ID / Face ID

Paradox Magellan, Spectra and EVO, with MQTT, Signal, Pushbullet, Pushover and others

monitor macOS for malicious activity

📩🛡 Email privacy. Anonymously send and receive with alias forwarding.

Skynet - Advanced IP Blocking For ASUS Routers Using IPSet.

Version 1 of Technical Best Practices of Azure Databricks based on real world Customer and Technical SME inputs

OpenVPN 3 Linux client

Software licensing done right - license++ is a cross platform software licensing library that uses digital signatures to secure use of your application and its licensing

Directory of security contacts for blockchain companies

An open source database of disallowed usernames for software projects to prevent phishing and impersonation.

Privacy Online Test and Resource Compendium (POTARC) 🕵🏻

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

Google CTF

Wazuh - The Open Source Security Platform

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

[unmaintained] Post-exploitation tool

Repair and secure untrusted HTML

The DevSecOps toolset for REST APIs

Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)

Kafka consumer lag-checking application for monitoring, written in Scala and Akka HTTP; a wrap around the Kafka consumer group command. Integrations with Cloudwatch and Datadog. Authentication recently added

Express.js middleware for "Host" and "Referer" header validation to protect against DNS rebinding attacks.