security

Collaborative forensic timeline analysis

This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY

A collection of custom security tools for quick needs.

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.

Collection of blocklists to fill in the gaps

Connect any AI model to 600+ integrations; powered by MCP 📡 🚀

Basic rate-limiting middleware for the Express web server

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

The official repo for Blokada apps.

A self-contained cryptographic library for Python

AI-safe .env files: Schemas for agents, Secrets for humans.

Platform Security Assessment Framework

📱 Wire for iOS (iPhone and iPad)

The Github home of Orbot: Tor on Android (Also available on gitlab!)

The Application Engine for the AI Era. A multi-threaded, AI-native runtime with a persistent Scene Graph, enabling AI agents to introspect and mutate...

the TCPdump network dissector

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services

Oso is a batteries-included framework for building authorization in your application.

A kernel designed to run one and only one application in a virtualized environment

Ethereum smart contract fuzzer

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Safely pass trusted data to untrusted environments and back.

UICKeyChainStore is a simple wrapper for Keychain on iOS, watchOS, tvOS and macOS. Makes using Keychain APIs as easy as NSUserDefaults.

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

Jasypt integration for Spring boot

InSpec: Auditing and Testing Framework

OWASP CRS (Official Repository)

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernet...

A microservices API Gateway built on top of Express.js

A compilation of sites with dumb password rules.

ContainerSSH: Launch containers on demand

Open source smart card tools and middleware. PKCS#11/MiniDriver

:lock: Memorable site for testing clients against bad SSL configs.

Awesome Node.js Security resources

Authorization service and frontend for Docker registry (v2)

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with...

Interesting APT Report Collection And Some Special IOCs

🔥Open source RASP solution

☁️ Ultra-fast, secure & lightweight self-hosted cloud storage — your files, photos, calendars & contacts, all in one place. Built in Rust.

Setup guide for NextDNS, a DoH proxy with advanced capabilities

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audit...

edb is a cross-platform AArch32/x86/x86-64 debugger.

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using dat...

user.js -- Firefox configuration hardening

Open source AI terminal for cloud and infrastructure management, enabling you to deploy, troubleshoot, and automate services using natural language an...

A completely free, open source and online course about Reverse Engineering iOS Applications.

Projects for security students