security

Collaborative forensic timeline analysis

This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY

A collection of custom security tools for quick needs.

AI-safe .env files: Schemas for agents, Secrets for humans.

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Collection of blocklists to fill in the gaps

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.

Connect any AI model to 600+ integrations; powered by MCP 📡 🚀

Basic rate-limiting middleware for the Express web server

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

The official repo for Blokada apps.

A self-contained cryptographic library for Python

Platform Security Assessment Framework

The Github home of Orbot: Tor on Android (Also available on gitlab!)

📱 Wire for iOS (iPhone and iPad)

The Application Engine for the AI Era. A multi-threaded, AI-native runtime with a persistent Scene Graph, enabling AI agents to introspect and mutate...

Investigate malicious Windows logon by visualizing and analyzing Windows event log

the TCPdump network dissector

Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Oso is a batteries-included framework for building authorization in your application.

A kernel designed to run one and only one application in a virtualized environment

Ethereum smart contract fuzzer

Safely pass trusted data to untrusted environments and back.

UICKeyChainStore is a simple wrapper for Keychain on iOS, watchOS, tvOS and macOS. Makes using Keychain APIs as easy as NSUserDefaults.

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

OWASP CRS (Official Repository)

Jasypt integration for Spring boot

InSpec: Auditing and Testing Framework

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernet...

A microservices API Gateway built on top of Express.js

ContainerSSH: Launch containers on demand

A compilation of sites with dumb password rules.

Open source smart card tools and middleware. PKCS#11/MiniDriver

:lock: Memorable site for testing clients against bad SSL configs.

Awesome Node.js Security resources

☁️ Ultra-fast, secure & lightweight self-hosted cloud storage — your files, photos, calendars & contacts, all in one place. Built in Rust.

Authorization service and frontend for Docker registry (v2)

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with...

Interesting APT Report Collection And Some Special IOCs

🔥Open source RASP solution

Setup guide for NextDNS, a DoH proxy with advanced capabilities

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audit...

edb is a cross-platform AArch32/x86/x86-64 debugger.

Open source AI terminal for cloud and infrastructure management, enabling you to deploy, troubleshoot, and automate services using natural language an...

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using dat...

user.js -- Firefox configuration hardening

A completely free, open source and online course about Reverse Engineering iOS Applications.

Projects for security students