security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
Repositories (1449)
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Do you think you are safe using private browsing or incognito mode?. :smile: :imp: This will prove that you're wrong. Previously hosted at nothingpr...
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writ...
Hacker tools on Go (Golang)
Run any Linux process in a secure, unprivileged sandbox using Landlock. Think firejail, but lightweight, user-friendly, and baked into the kernel.
👤 Identity and Access Management knowledge for cloud platforms
Terminal security for developers and AI agents. Intercepts homograph URLs, pipe-to-shell, ANSI injection, obfuscated payloads, data exfiltration, and...
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
A static analysis tool for securing Go code
🔐 oauth2 - A Ruby wrapper for the OAuth 2.0, & 2.1 Authorization Frameworks, including OpenID Connect (OIDC)
Venom - A Multi-hop Proxy for Penetration Testers
A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
IAM Least Privilege Policy Generator
Active Directory and Internal Pentest Cheatsheets
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAut...
Authentication, authorization, traceability and auditability for SSH accesses.
OWASP Web Application Security Testing Checklist
Security scanner for AI agents, MCP servers and agent skills.
Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your...
Hands on labs and code to help you learn, measure, and build using architectural best practices.
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provi...
An NFC research toolkit application for Android
Tool to scan for secret files on HTTP servers
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
Collection of quality safety articles. Awesome articles.
Spring Boot 2.X 最全课程代码
常规Java工具,算法,加密,数据库,面试题,源代码分析,解决方案
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
Easy to use alarm system integration for Home Assistant
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (LSM-BPF, AppA...
Everything about federated learning, including research papers, books, codes, tutorials, videos and beyond
LLVM Obfuscator
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Completely free, private, UI based Tech Documentation MCP server. Designed for coders and software developers in mind. Easily integrate into Cursor, W...
A novel Android app store focused on security, privacy, and usability
DNS Takeover tool written in Go
Hidden parameters discovery suite
面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams
Advanced DNS filter/blocklists for privacy, security, and clean browsing.
Curated List of Privacy Respecting Services and Software
This is a step-by-step guide to implementing a DevSecOps program for any size organization
Reverse Shell as a Service
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
Nuclei POC,每2小时更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分...
finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
Create On Demand Disposable OpenVPN Endpoints on AWS.
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc