Top 3063 security open source projects

Fast and efficient osquery management

Evaluate the security of S3 buckets

WWDCNotes.com content ✨

.Net library for Two Factor Authentication (TFA / 2FA)

Reusable domain layers. Shipped with industry standard infrastructure.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

Simple websites vulnerable to Server Side Template Injections(SSTI)

Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记

PCI-DSS compliant Debian 9/10 hardening

📝 The third MOSEC mobile security technology summit 第三届 MOSEC 移动安全技术峰会参会分享

🔗 React-Native LinkedIn, a simple LinkedIn login library for React-Native or Expo with WebView and Modal

Multiplatform payload dropper

osquery extensions by Trail of Bits

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.

Awesome Vulnerable Applications

CSRF Protector library: standalone library for CSRF mitigation

A middleware to check authorization

Provides familiar Spring abstractions for HashiCorp Vault

List of real-world threats against endpoint protection software

ADAPT is a tool that performs automated Penetration Testing for WebApps.

Implementation of Universal Token for Assets and Payments

Encrypted, taggable, searchable cloud storage

Code from Blackhat Python book

Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).

Penetration testing utility, and antivirus assessment tool.

Welcome to Janssen: the world's fastest cloud native identity and access management platform

Find phishing kits which use your brand/organization's files and image.

Application Layer DoS Testing Framework

Intelligence and Reconnaissance Package/Bundle installer.

An operator to fetch secrets from cloud services and inject them in Kubernetes

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

Sandbox for automated Linux malware analysis.

A collection of public security audits.

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

🔒 Memorable site for testing clients against bad SSL configs.

System Architecture Mapper

🚀⚡ Kotlin SharedPreferences wrapper & cryptographic preferences android library.

Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinx, Fedora and CentOS.

Notable - a simple note taking application

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

🔐 Out of the box stateless openvpn-server docker image which starts in less than 2 seconds

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Authentication module for the Bottle and Flask web frameworks

Advanced buffer overflow and memory corruption security challenges

Exhaustive list of hacking tools

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).

Yar is a tool for plunderin' organizations, users and/or repositories.

Tool for catching and logging different types of requests.

PHP frontend for security.symfony.com

The official repo for Blokada for Android and iOS.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

Default signature for Jaeles Scanner

Spying using Smartwatch and Deep Learning

Authorizer is a Password Manager for Android. It emulates an HID keyboard over USB and enters your credentials on your target device. Additionally it supports OTP 🔑📴