#Security
Showing 60 of 4281 repositories tagged #security, ranked by stars
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
List of Computer Science courses with video lectures.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Comfortably monitor your Internet traffic π΅οΈββοΈ
Open-source AI penetration testing tool to find and fix your appβs vulnerabilities.
Opiniated RAG for integrating GenAI in your apps π§ Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
π΅οΈββοΈ All-in-one OSINT tool for analysing any website
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
The official NGINX Open Source repository.
π Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Set up a personal VPN in the cloud
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
An evolving how-to guide for securing a Linux server.
Proxmox VE Helper-Scripts (Community Edition)
βοΈ NGINX config generator on steroids π
The Single Sign-On Multi-Factor portal for web apps, now OpenID Certifiedβ’
Set up your own IPsec VPN server in just a few minutes, with IPsec/L2TP, Cisco IPsec and IKEv2. Supports Ubuntu, Debian, CentOS/RHEL, Alpine Linux and Raspberry Pi OS. Includes client config and management scripts.
Find secrets with Gitleaks π
KeePassXC is a cross-platform community-driven port of the Windows application βKeePass Password Safeβ.
Infisical is the open-source platform for secrets, certificates, and privileged access management.
OpenZeppelin Contracts is a library for secure smart contract development.
Find, verify, and analyze leaked credentials
817 structured cybersecurity skills for AI agents Β· Mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF & MITRE F3 (Fight Fraud) Β· agentskills.io standard Β· Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms Β· 29 security domains Β· Apache 2.0
eBPF-based Networking, Security, and Observability
UNIX-like reverse engineering framework and command-line toolset
SQL powered operating system instrumentation, monitoring, and analytics.
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Community guide to securing and improving privacy on macOS.
Simple and flexible tool for managing secrets
The authentication glue you need.
π A compiled checklist of 300+ tips for protecting digital security and privacy in 2026
Empowering People Ethically π β Matomo is hiring! Join us β https://matomo.org/jobs Matomo is the leading open-source alternative to Google Analytics, giving you complete control and built-in privacy. Easily collect, visualise, and analyse data from websites & apps. Star us on GitHub βοΈ β Pull Requests welcome!
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Security Guide for Developers
π An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
The easiest, and most secure way to access and protect all of your infrastructure.
Manage your dotfiles across multiple diverse machines, securely.
Weighs the soul of incoming HTTP requests to stop AI crawlers
π€ The Modern Port Scanner π€
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
open-source agentic AI data assistant for the next generation of AI + Data products.
Free and Open Source Reverse Engineering Platform powered by rizin
SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps π±!
Daemon to ban hosts that cause multiple authentication errors
Get Android app updates straight from the source.
Internet-scale OpenID Certifiedβ’ OpenID Connect and OAuth2.1 provider that integrates with your user management through headless APIs. Solve OIDC/OAuth2 user cases over night. Consume as a service on Ory Network or self-host. Trusted by OpenAI and many others for scale and security. Written in Go.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
A powerful obfuscator for JavaScript and Node.js
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Cryptomator for Windows, macOS, and Linux: Secure client-side encryption for your cloud storage, ensuring privacy and control over your data.
A collection of hacking tools, resources and references to practice ethical hacking.
The ZAP by Checkmarx Core project
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ https://windows-internals.com
The Rogue Access Point Framework