Top 3063 security open source projects

Share sensitive info without leaving a trace in your chat logs or email accounts.

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Shodan API client

Some thoughts on how Node.js might respond to a changing security environment

NebulousAD automated credential auditing tool.

Sets secure response headers for Next.js.

Source code for Hacker101.com - a free online web and mobile security class.

⚙️ NGINX config generator on steroids 💉

Secure software enclave for storage of sensitive information in memory.

Fully featured, open source, privacy friendly email app for Android

Captcha for Laravel 5/6/7/8

SIEM Tactics, Techiques, and Procedures

🔒 Laravel validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.

Fuzzing and Data Manipulation Framework (for GNU/Linux)

edb is a cross-platform AArch32/x86/x86-64 debugger.

Find out which of your friends are online on Tinder

🔐 Server API to support End-to-End Encryption

CS 253 Web Security course at Stanford University

Security library for Sparkjava: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

Usable Privacy Box

awesome-windows-security-development

Find leaked emails with your passwords

Security + Governance Workshop

CIF v3 -- the fastest way to consume threat intelligence

An easy to use, light-weight, on-demand virus scanner for Linux systems

Web hacking framework with tools, exploits by python

detectem - detect software and its version on websites.

可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆，提高逆向分析难度。

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Tool made to automate tasks of pentesting.

A repository for ebooks， including C, C plus plus, Linux Kernel, Compiler, OS, Algorithm, Security, Database, Network, ML and DL

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

BeyondCorp-inspired Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

End-To-End File & Message Encryption For Discord

🎯 Server Side Template Injection Payloads

Golang (GO) implementation of Javascript Object Signing and Encryption specification

Android安全实践

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

A simple daemon to help you with falco's outputs.

.NET 5 Nuget Packages.

Docker files for the Lemur certificate orchestration tool

Enine boyuna siber güvenlik

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Як не стати кібер-жертвою

Terraform utility to mask select output from `terraform plan` and `terraform apply`

Tool for viewing and analyzing execution traces

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

Windows Hardening settings and configurations

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

How often does your password appear in the Pwned Passwords database? Uses the k-anonymity API.

Code execution via Python package installation.

A static code analysis for WordPress (and PHP)

Benchmarking repo for secrets scanning

Custom memory allocator that helps discover reads from uninitialized memory

gopass CLI + UI = visual cross-platform password manager for teams

Attacking and Defending Kubernetes Clusters: A Guided Tour

Web 端口敲门的奇思妙想

Framework agnostic validation library for PHP

Turn your Burp suite into headless active web application vulnerability scanner