Top 3063 security open source projects

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

A security system written in python to run on a Raspberry Pi with motion detection and mobile notifications

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

How to improve NGINX performance, security, and other important things.

🔱 Collection and Roadmap for everyone who wants DevSecOps.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Managed .NET wrapper for unmanaged PKCS#11 libraries

🛡️ Make your web services secure by default !

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Python library and CLI for the Bug Bounty Recon API

Toolkit for Playing with Wi-Fi Probe Requests

Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

Kanidm: A simple, secure and fast identity management platform

KES is a simple, stateless and distributed key-management system

JSshell - JavaScript reverse/remote shell

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC examples are included

Exploit Development, Reverse Engineering & Cryptography

The security system is one of the most powerful parts of Symfony and can largely be controlled via its configuration.

A simple tool for interacting with OWASP ZAP from the commandline.

Easily Secure your Spring Boot Apps with Keycloak

A list of payload and bypass lists for penetration testing and red team infrastructure build.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

📖【停】米斯特白帽培训讲义

Make using Bouncy Castle with OpenPGP fun again!

A Kubernetes operator to produce egress gateway Envoy pods and control access to them with network policies

Basic guide to harden systemd services

🌏 Buttercup browser extension

raru: run as random user

Fuzzinator Random Testing Framework

Create On Demand Disposable OpenVPN Endpoints on AWS.

Personalized, user-focused recommendations for employee information security.

Spring Boot 2.X 最全课程代码

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

Advanced vulnerability scanning with Nmap NSE

Workshops organized to introduce students to security, AI, AR/VR, hardware and software

Distributed WPA PSK auditor

proxy poc implementation of STARTTLS stripping attacks

ANTLR v4 grammar-based test generator

Two-factor authentication for Symfony applications 🔐 (bunde version ≥ 5)

💔 Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement.

Vulnerability (CVE) scanner for Nix/NixOS.

Android library to reveal or obfuscate strings and assets at runtime

Quick unlock with Windows Hello for KeePass 2

A very aggressive filter-list that consolidates over 320 lists for use in AdGuard Home.

Agile Threat Modeling Toolkit

This package is a Laravel 5 driver for Lock

A command-line tool for querying the 'Have I been pwned?' service.

Suricata git repository maintained by the OISF

A basic tool to check security headers of a website

Open source vulnerability scanner for .NET Core projects

ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privacy.

OWASP Honeypot, Automated Deception Framework.

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

npm install could be dangerous

DevSec Windows Baseline - InSpec Profile

Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.

A simple tool for offline searching of default credentials for network devices, web applications and more.

🔑securely checks a password to see if it has been previously exposed in a data breach

全栈工程师学习笔记；Spring登录、shiro登录、CAS单点登录和Spring boot oauth2单点登录；Spring data cache 缓存，支持Redis和EHcahce; web安全，常见web安全漏洞以及解决思路；常规组件，比如redis、mq等；quartz定时任务，支持持久化数据库，动态维护启动暂停关闭；docker基本用法，常用image镜像使用，Docker-MySQL、docker-Postgres、Docker-nginx、Docker-nexus、Docker-Redis、Docker-RabbitMQ、Docker-zookeeper、Docker-es、Docker-zipkin、Docker-ELK等；mybatis实践、spring实践、spring boot实践等常用集成；基于redis的分布式锁；基于shared-jdbc的分库分表，支持原生jdbc和Spring Boot Mybatis

ASP.NET Core middleware for IP address filtering.