security

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Cov...

A laboratory for learning secure web and mobile development in a practical manner.

Vulnerability Patterns Detector for C# and VB.NET

A collective list of public APIs for use in security. Contributions welcome

🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

secureCodeBox (SCB) - continuous secure delivery out of the box

:key: Hash type identifier (CLI & lib)

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detector...

XToolBox - A collection of 150+ Windows 10/11 optimization and tweaking apps!

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primari...

Free Elasticsearch security plugin and Kibana security plugin: super-easy Kibana multi-tenancy, Encryption, Authentication, Authorization, Auditing

Awesome Python Security resources 🕶🐍🔐

Generate links that users can use to submit messages encrypted with your public key.

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Pytools: Some useful tools written by pure python.

Privacy-first, end-to-end encrypted Mail, Pages, Drive, and Calendar.

The LinuxBoot project is working to enable Linux to replace your firmware on all platforms.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

A security scanner for your LLM agentic workflows

Ansible Role - Security

Open-Source Security Architecture | 开源安全架构

🔑 Free Offline-first Password Manager

Platform-Agnostic Security Tokens implementation in GO (Golang)

Infosec Wordlists and more.

Pure PHP polyfill for ext/sodium

一个方便安全研究人员获取每日安全日报的爬虫和推送程序，目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区以及绿盟、腾讯玄...

Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed Web...

(Formerly Solium) Code quality & Security Linter for Solidity

Project Calico's per-host agent Felix, responsible for programming routes and security policy.

A vulnerable version of Rails that follows the OWASP Top 10

Dangerously fast DNS/network/port scanner

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

A stupid game for learning about containers, capabilities, and syscalls.

Open Source Tripwire®

[DEPRECATED] Detect threats with log data and improve cloud security posture

The Hitchhiker’s Guide to Online Anonymity

A memory scanning evasion technique

HULK DoS tool ported to Go with some additional features.

Run programs on linux with selectively restricted permissions.

🦄🔒 Awesome list of secrets in environment variables 🖥️

ZAP Add-ons

Java RMI Vulnerability Scanner

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

NetCat for Windows

Digital Forensics Investigation Platform

OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup

Smart Contract Weakness Classification and Test Cases

Automated HTTP Request Repeating With Burp Suite

OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core

Share passwords securely