XML-Security Plug-In
The Eclipse XML-Security Plug-In allows you to experiment with the W3C recommendations on digital signatures and encryption and to learn all about their backgr
Enter
MCP Server (Rad Security)
The RAD Security MCP Server is an MCP server that provides AI-powered security insights for Kubernetes and cloud environments. It integrates with the RAD Secur
Enter
E.System.Security
E.System.Security is an actively developed library for .NET that simplifies integrating your microservices with a Service Mesh and provides enterprise-grade se
Enter
visualNets Graphical Network Security
visualNets is a log analysis utility that graphically plots network packets over time. Plot source or destination IP or port addresses in a graphical format wi
Enter
WS-Security Wrapper
WS-Security Wrapper is an adapter between XML applications and SOAP Web services implementing WS-Security. It handles all aspects of SOAP/WS-Security encoding
Enter
Web Security Basics
Web Security Basics is a beginner-friendly review of essential web security concepts that equips web developers with foundational knowledge about protecting ap
Enter
Folder Security Viewer
This software supports network administrators to access the correct security role for a specific folder without having to load windows explorer which will load
Enter
project Cubic Security
Audience: Security. User interface: Win32 (MS Windows). Programming Language: C#. Database Environment: SQL-based. Categories: Desktop Publishing
Enter
JWT Spring Security Demo
This is a demo for using JWT (JSON Web Token) with Spring Security and Spring Boot. I completely rewrote my first version. Now this solution is based on the co
Enter
Huorong Security
Operation mode: EDR operation system, network-wide threat awareness With the Huorong terminal as the cornerstone, while protecting users, it detects various th
Enter
Security VMS
Features: Intuitive, Responsive and Resource-effective . This is an application that can also be fetched from https: //sourceforge.net/projects/security-vms/.
Enter
phpcs-security-audit v3
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rul
Enter
SCAP Security Guide
The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise
Enter
Symfony Security Core
Part of the Symfony framework, the Security Core component provides the foundational tools for managing authentication, authorization, and access control in PH
Enter
phpBB-Security Enhanced
A phpBB BBS modded version, with security in mind. If you are looking for a secure phpBB, you are in the right Project. Audience: End Users/Desktop. Programmin
Enter
Spring Security
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applic
Enter
spring-security-jwt-guide
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). I
Enter
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It ca
Enter
Claude Code Security Review
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code chan
Enter
Symfony Security Bundle
Symfony Security Bundle is a powerful tool for adding authentication and authorization to Symfony applications. It provides mechanisms for managing user roles,
Enter
Agentic Security
The open-source Agentic LLM Vulnerability Scanner. Features: Customizable Rule Sets or Agent based attacksDocumentation availableExamples availableComprehensiv
Enter
Opportunistic E-Mail-Security-System
Securing mails without involving user. Secures them as often as possible if it is possible. Shows security-state and process of mails and mail-partners. Audien
Enter
SMSec - Simplicity Makes Security
SMSec is a free , open source, GPLed implementation of two-factor authentication via SMS (Short Message Service). It uses SMSD to "talk" to GSM modems,
Enter
Secure layers for improving security
Squrelayerproxy is a project aimed for adding more privacy for existing messengers, proxy and security features. For windows you have a free and good HTTP prox
Enter
Security Code Scan
Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (X
Enter
Enterprise Laptop Security System
It was made for Universities/Colleges to manage their students' laptops in order to prevent theft cases. If your university or college is prone to such cas
Enter
FMSec - File Manager Security
FMSec (File Manager SECurity) is a set of extensions to file managers that enable some security-related operations to be easily performed. The operations are:
Enter
iSpy Camera Security Software
iSpy uses your USB webcams, IP cams, capture cards, desktops and microphones to detect and record movement or sound and provides security, surveillance, monito
Enter
Code Quality and Security for C#
Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast an
Enter
Deffend.net Otus
Deffend.net Otus aims to help small companies and individuals to avoid cyber security threats through cyber hygiene. It runs on Windows desktop and looks for m
Enter
Sihas
Deffend.net Sihas aims to help small companies and individuals to avoid cyber security threats through cyber hygiene. It runs on Windows desktop and looks for
Enter
Code Quality and Security for Java
Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Cover
Enter
KubeArmor
KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, a
Enter
Docker Scout CLI
Designed to identify security issues, outdated packages, and potential compliance problems within container images, Docker Scout surfaces dependency vulnerabil
Enter
Prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and fo
Enter
Mythril
Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roost
Enter
Cloud Scanner of Death
Cloud Scanner of Death is a professional-grade cloud security assessment tool designed to identify vulnerabilities, misconfigurations, and compliance issues ac
Enter
TinySecuritySuite
Tiny Security Suite is a simple collection of portable security tools that are essentials. It consist of Clamwin Antivrius, PAPI Firewall, and the developer ow
Enter
fsociety
fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses
Enter
VeraCrypt
VeraCrypt is a free disk encryption software brought to you by IDRIX (https: //www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algo
Enter
secator
Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools i
Enter
CodeBurn
CodeBurn is a security-focused tool designed to evaluate and stress-test codebases using adversarial techniques, often leveraging AI to identify vulnerabilitie
Enter
deepsec
deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using codi
Enter
LibreWolf-for-Void
A fork of Firefox, focused on privacy, security and freedom. This project is an independent fork of Firefox, with the primary goals of privacy, security and us
Enter
Terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infras
Enter
Tracee
Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It is using eBPF technology to tap into
Enter
Windows Defender Remover
This is a command?line tool and executable that fully disables or removes Microsoft Defender and associated Windows security components. It disables the Window
Enter
Tsunami
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. When s
Enter
Arkime
Arkime is an open source, large-scale, full packet capturing, indexing, and database system designed to augment existing security infrastructure by storing and
Enter
Custom Erase Algorithm by Mariano Ortu
This project provides a secure file deletion algorithm designed to permanently erase data by overwriting files with customizable patterns. It ensures that dele
Enter
Enlightn
Enlightn scans your Laravel app code to provide you actionable recommendations on improving its performance, security & more. We'll perform over 100 ch
Enter
OSCAL
NIST is developing the Open Security Controls Assessment Language (OSCAL), a set of hierarchical, XML-, JSON-, and YAML-based formats that provide a standardiz
Enter
Obscura
Obscura is a security-focused project aimed at providing tools and techniques for enhancing privacy, anonymity, and operational security in digital environment
Enter
Algo VPN
Introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cl
Enter
Infosec Reference
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, proto
Enter
Catnip
Servlet container extensions that help web developers write full featured Java web applications. Features: Security: XSS Filter/Valve infrastructure for Apache
Enter
Sploitware
Sploitware is a curated repository that maps the world of exploit development, offensive security, and binary exploitation into organized learning material. It
Enter
firejail
Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces a
Enter
PentestAgent
PentestAgent is an open-source autonomous security testing platform designed to help organizations identify vulnerabilities and assess security posture by simu
Enter
Anthropic Cybersecurity Skills
Anthropic Cybersecurity Skills is a collection of structured prompts, tools, and workflows designed to enhance the cybersecurity capabilities of AI systems. It
Enter
Simple Event Correlator
Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other ta
Enter
Is Website Vulnerable
A command-line tool that scans websites for known security vulnerabilities in their frontend dependencies by checking against the Snyk vulnerability database.
Enter
Cr3dOv3r
Cr3dOv3r is a penetration testing and security auditing tool designed to demonstrate and analyze the risks associated with credential reuse across multiple onl
Enter
fleet
Fleet exposes familiar concepts from traditional MDMs like custom attributes and dynamic grouping, but in a way that lets you work directly with data and event
Enter
EMBA
EMBA is designed as the central firmware analysis tool for penetration testers and product security teams. It supports the complete security analysis process s
Enter
Vault
Manage secrets and protect sensitive data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets
Enter
CodeQL
CodeQL is a semantic code analysis engine that treats programs as queryable databases, enabling users to write expressive queries that identify security vulner
Enter
GuardDog
guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain ris
Enter
XRAY
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services f
Enter
OWASP Amass
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset d
Enter
Paseto
Paseto (Platform-Agnostic Security Tokens) is an open-source security token format designed as a more secure alternative to JWT (JSON Web Tokens). Unlike JWT,
Enter
Claw Hunter
Claw Hunter is an open-source security tool designed to detect, analyze, and mitigate risks associated with autonomous AI agents, specifically those built on p
Enter
Prueba
This is an application that can also be fetched from https: //sourceforge.net/projects/prueba/. It has been hosted in OnWorks in order to be run online in an e
Enter
SecurityHeaderAudit
SecurityHeaderAudit is a beginner-friendly defensive security tool that checks websites for common HTTP security headers and reports missing protections. Categ
Enter
var-lib-apt-lists
This is an application that can also be fetched from https: //sourceforge.net/projects/var-lib-apt-lists/. It has been hosted in OnWorks in order to be run onl
Enter
Laravel CSP
By default, all scripts on a webpage are allowed to send and fetch data to any site they want. This can be a security problem. Imagine one of your JavaScript d
Enter
Digital Signer (a PDF Signing software)
Digital Signer is a powerful and user-friendly software designed to secure and authenticate your digital documents with ease. Ideal for individuals, businesses
Enter
SSH-MITM
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in
Enter
PoisonTap
PoisonTap is a security research project that demonstrates risks involving USB networking, locked computers, browser sessions, and internal network exposure. I
Enter
Sippts
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. Sippts is programmed in Python and it allows us to check the security of a VoIP
Enter
pfyshnet
Pfyshnet is a public anonymous peer to peer network and file-system. Security is its primary concern, and it provides security for all aspects of participating
Enter
Universal Password Manager
Universal Password Manager allows you to store all your passwords in one highly secure encrypted database. Its strengths are simplicity, portability and securi
Enter
SIPVicious
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-
Enter
Sec-Context
Sec-Context is a curated security research project that distills common code anti-patterns and vulnerabilities that generative AI tends to produce, presenting
Enter
Wazuh
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container,
Enter
pwd.sh
pwd.sh is a lightweight command-line utility designed to generate strong, secure passwords using simple and reproducible methods directly from the terminal. Th
Enter
Claude BugHunter
Claude-BugHunter is a Claude Code skill bundle focused on bug hunting, security testing, and external red-team research workflows. It packages a large collecti
Enter
Sobelow
Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points-
Enter
CookieGuardAudit
CookieGuardAudit is a simple Python command-line security tool that checks a website's cookies for common security flag issues. It helps users quickly spot
Enter
FedStage FedSAML
FedStage FedSAML is a software aiming to implement security SAML2.0 standard, supporting low ((de)serialization) and higher level (easy way of creating and ver
Enter
Tailsnitch
tailsnitch is a security auditing tool for Tailscale networks (tailnets) that scans configurations and device setups to detect risky or overly permissive setti
Enter
AWS EKS Terraform module
Terraform module which creates AWS EKS (Kubernetes) resources. Windows-based node support is limited to a default user data template that is provided due to th
Enter
url-checker-php-sdk
The EmailVeritas URL Checker PHP SDK provides real-time phishing and malicious link detection through the official EmailVeritas API. It enables developers to c
Enter
thc-hydra
Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and s
Enter
Ragna Scribe
Ragna Scribe is a versatile text editor which can hold multiple documents at the same time and each document organises a set of articles in a tree order. The d
Enter
Nebular
Nebular is a customizable Angular UI library that contains 40+ UI components, four visual themes, and Auth and Security modules. Recognized at the prestigious
Enter
Lighthouse Ethereum
Lighthouse is an Ethereum consensus client that connects to other Ethereum consensus clients to form a resilient and decentralized proof-of-stake blockchain. L
Enter
amazon-vpc-resource-controller-k8s
Controller for managing Trunk & Branch Network Interfaces on EKS Cluster using Security Group For Pod feature and IPv4 Addresses for Windows Node. Controll
Enter
secure-electron-template
A current electron app template with the most popular frameworks, designed and built with security in mind. Once cloned, install the dependencies for the repo
Enter
Spring Boot Demo
This repository is a hands-on, “deep learning by doing” collection of Spring Boot demos that you can run and study module by module. It currently includes 66 p
Enter
Trivy Operator
The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes
Enter
Sigma
Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detectio
Enter
Cibet
The cibet framework provides developers with functionality of the following topics: - Dual Control (4-Eyes Principle .) - Extended Authorisation (Enhance Sprin
Enter
PHP thumbnail Photo Gallery
A graphical PHP coded thumbnail image gallery using either a simple text file database OR Mysql database. really easy to install. features include multiple ima
Enter
Falco
Falco is a open source project to detect abnormal application behavior in a cloud native environment like Kubernetes. This cloud native runtime security projec
Enter
BrowserBox
Remote isolated browser API for security, automation visibility and interactivity. Run-on our cloud, or bring your own. Full scope double reverse web proxy wit
Enter
Raccoon
Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security
Enter
nuclei
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuc
Enter
HexStrike AI MCP Agents
HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” an
Enter
Media-Cert
The Re-launch is now ready and live. Feel free to try and enjoy it out. Should you experience any issues just create a ticket and I will look into it asap. The
Enter
bearer
Welcome to the Bearer documentation. Bearer is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to di
Enter
UserUnlock
There is an age old issue with security / windows domains / shared workstations. If several users share a workstation, then from an audit / security standpoint
Enter
NPQ
npq is a security-focused package manager that analyzes npm dependencies for potential vulnerabilities before installation. It helps developers ensure the safe
Enter
Trail of Bits Skills Marketplace
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI
Enter
Go Safe Web
go-safeweb is a security-focused HTTP framework for Go that bakes in secure defaults so common web vulnerabilities are harder to introduce. Instead of leaving
Enter
FileHashler
Java based API and console utility for cross-platform file encryption and archiving (currently encrypts single files up to 9.2 EB length). Uses Twofish (CBC) a
Enter
Secure P2P Framework (SePP)
This project develops a secure P2P framework in Java (SePP). Existing P2P frameworks are not covering security by design but rather implement only some high la
Enter
Vulnhuntr
Vulnhuntr is an open source security tool that uses large language models to analyze codebases and identify remotely exploitable vulnerabilities. It focuses on
Enter
BigBountyRecon
BigBountyRecon is an open source reconnaissance tool designed to assist security researchers, penetration testers, and bug bounty hunters during the early stag
Enter
Application Inspector
Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third party software components
Enter
Commius
Community-based interoperability Utility for SMEs. Commius main objective is to support the SMEs with a zero, or very low-cost, entry into interoperability, ba
Enter
CaptfEncoder
Captfencoder is a rapid cross-platform network security tool suite, providing network security-related code conversion, classical cryptography, cryptography, a
Enter
LLM Guard
LLM Guard is an open-source security toolkit designed to protect large language model applications from various security risks and adversarial attacks. The lib
Enter
QuickPasswordGenerator
This program generate random password of a specified length, with numbers, upper and lowercase letters and special symbols. Features: Small size.Easy interface
Enter
Effacor
When a file is deleted from a device the space for that file is merely de-allocated. In short: The DATA contained in that file still remains, and can be recove
Enter
APIthet
APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare t
Enter
Arcjet
Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification, and defense against common
Enter
Infection Monkey
Infection Monkey is a open source automated security testing tool for testing a network's security baseline. Monkey is a tool that infects machines and pro
Enter
Bandit
Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate pl
Enter
inventory-scoring
A tool (adobe air) to do maturity scoring of solutions. This is an offspring of projet ESIS, we use this tool with customer to assess which solutions could be
Enter
nodejsscan
Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applicati
Enter
Payloads All The Things
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier
Enter
Zeek
Zeek has a long history in the open source and digital security worlds. Vern Paxson began developing the project in the 1990s under the name “Bro” as a means t
Enter
Passbolt API
Passbolt API is an open-source password manager designed for teams. It allows users to securely store and share passwords using end-to-end encryption. Passbolt
Enter
Interwhat?
A Firefox tutorial add-on for adult absolute beginners, to provide information on and to build up understanding of the threats and features of the web. Suggest
Enter
Cipherbox
Cipherbox is what I consider to be a cryptographic swiss knife. It utilizes six encryption algorithms, and it's also a vault that's locked with four RF
Enter
Mobile Verification Toolkit
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potentia
Enter
Aqeria
Aqeria is a documentation and records-management utility for psychiatric clinics, designed to expedite creation, management, and viewing of patient records, pr
Enter
boundman
Boundman is an advanced, user-friendly, and sleek application designed to take control over your network connections. It allows you to efficiently manage and b
Enter
Lexik JWT Authentication Bundle
LexikJWTAuthenticationBundle is a Symfony bundle that provides JWT (JSON Web Token) authentication for RESTful APIs. It simplifies the process of generating an
Enter
Powerful files and text searcher
Last release: 29/7/2023. Enhanced program. The interface font size is big for ease of access. You can download source code that can be found in 'source cod
Enter
windows_hardening
This repository, also known as HardeningKitty, is a comprehensive Windows hardening checklist for personal and enterprise environments. It translates security
Enter
phpStickyBoard
phpStickyBoard aimed at creating a forum program in simple, quick and easy-to-use interfaces. Security(of structure, contents) is concerned as the most importa
Enter
SafeBox
A free and Open-Source File Encryption and Decryption app with GUI (Graphical User Interface) and CLI (Command Line Interface) that help you to protect your pr
Enter
tirreno
tirreno is an open-source security framework. tirreno [tir.?r?.no] helps understand, monitor, and protect your product from threats, fraud, and abuse. While cl
Enter
Java Sec Code
Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulne
Enter
Java Client for Google Maps Services
This library brings the Google Maps API Web Services to your server-side Java application. Each Google Maps Web Service request requires an API key. API keys a
Enter
MagSpoof
MagSpoof is a hardware and security research project that demonstrates magnetic stripe emulation. It was created to explore how magnetic stripe systems work an
Enter
FOSUserBundle
The FOSUserBundle adds support for a database-backed user system in Symfony2+. It provides a flexible framework for user management that aims to handle common
Enter
Anya
Anya is a privacy-first static malware analysis tool for Windows, Linux, and macOS. It combines PE, ELF, and Mach-O binary analysis with MITRE ATT&CK mappi
Enter
rkt
rkt (pronounced like a "rocket") is a CLI for running application containers on Linux. rkt is designed to be secure, composable, and standards-based. S
Enter
Django Hijack
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials. 3.x docs are available in the docs folder. Th
Enter
malware_training_vol1
malware_training_vol1 is an educational repository for Windows malware analysis training. It is designed to help learners understand common malware techniques
Enter
SonarQube
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, a
Enter
nebula
Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect computers anywhere in the wor
Enter
truffleHog
truffleHog searches through git repositories for high entropy strings and secrets, digging deep into commit history. TruffleHog runs behind the scenes to scan
Enter
readpe
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for pr
Enter
Master Spring and Spring Boot
Master Spring and Spring Boot is a comprehensive educational project that teaches how to build enterprise-grade Java applications using the Spring ecosystem. I
Enter
DeathStar
DeathStar is a Python-based red-team automation project that integrates with the Empire REST API for Active Directory security assessment. Its main purpose is
Enter
drozer
drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices b
Enter
OpenWAF
The first all-round open source Web security protection system, more protection than others. OpenWAF is the first fully open source Web application protection
Enter
Lantern
Can't access your favorite apps? Download Lantern to easily access videos, messaging, and other popular apps while at school or work. Lantern is an applica
Enter
Rancher
From datacenter to cloud to edge, Rancher lets you deliver Kubernetes-as-a-Service. Rancher is a complete software stack for teams adopting containers. It addr
Enter
Slim Toolkit
Inspect, Optimize and Debug Your Containers. You don't have to change anything in your application images to make them smaller! Keep doing what you are doi
Enter
Defending Code Reference Harness
Defending Code Reference Harness is a reference implementation for autonomous vulnerability discovery and remediation with Claude. It is designed for security
Enter
Stegcore
Stegcore combines cryptography and steganography to hide encrypted data inside ordinary files. It encrypts your payload before embedding it, so the hidden cont
Enter
Wapiti
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execut
Enter
The Book of Secret Knowledge
The Book of Secret Knowledge is a large curated knowledge base for developers, system administrators, security learners, and technical power users. It collects
Enter
SkillSpector
SkillSpector is a security scanner built to evaluate AI agent skills before they are installed or trusted. It helps teams inspect skills used by tools such as
Enter
Full Stack Computer Scanner
The Full Stack Computer Scanner is a read-only Windows security diagnostics tool for system awareness. No ads. No accounts. No data collection. Fully offline.
Enter
Sureness
Sureness allows you to security any server written with jvm modern frameworks such as Spring, Spring Boot, Spring WebFlux, Javalin, Quarkus, Micronaut, Solon,
Enter
Fake Name Generator
Program generates as many fake names as you want in lots of different languages. Works in Linux, *BSD & Windows. Version 2.0x saves the names to a file cal
Enter
Ajv JSON schema validator
Security and reliability for JavaScript applications. Ensure your data is valid as soon as it's received. Instead of having your data validation and saniti
Enter
Heartbleed
Heartbleed contains a compact, purpose-built implementation for detecting the infamous Heartbleed vulnerability in OpenSSL’s TLS heartbeat extension (CVE-2014-
Enter
SpringBoot Labs
SpringBoot-Labs is a comprehensive learning and reference repository created by yudaocode that explores advanced concepts, features, and best practices in Spri
Enter
CrowdSec
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also le
Enter
NextDNS
NextDNS protects you from all kinds of security threats, blocks ads and trackers on websites and in apps and provides a safe and supervised Internet for kids,
Enter
CloudQuery
CloudQuery extracts, transforms and loads your cloud assets into normalized PostgreSQL tables. CloudQuery enables you to assess, audit, and monitor the configu
Enter
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their
Enter
OmniEdge
OmniEdge is an Open source p2p layer 2 , zero-config mesh VPN infrastructure, a traditional VPN, AWS VPC, Ngrok, DDNS alternative. No central server, easy to s
Enter
SpringAll
SpringAll is a comprehensive learning project that gathers a wide range of Spring, Spring Boot, and Spring Cloud demos in one repository. It is designed for de
Enter
Single Web Page to Edit any MySQL table
Add a single web page to edit any mysql table. Just put in the DB credentials, the file handles the rest. Optionally: * Put the credentials in a secure /etc/ f
Enter
Username Anarchy
Username Anarchy is an open source command line tool designed to generate possible usernames for use in penetration testing and security assessments. It focuse
Enter
Keeper Wallet
High-security wallet with swapping capabilities. Keeper Wallet is your entry point to the Waves blockchain and Waves-powered web services. Seed phrases and pri
Enter
Skill Scanner
This repository is a public security-focused scanning tool intended to analyze and assess AI agent skills for potential issues, quality concerns, and vulnerabi
Enter
Al-Khaser
al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the
Enter
LINKERD
Enterprise power without enterprise complexity. Linkerd adds security, observability, and reliability to any Kubernetes cluster. 100% open source, CNCF graduat
Enter
Pterodactyl Panel
Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game serve
Enter
Harpoon
Harpoon is a command line tool designed to assist with open source intelligence (OSINT) and threat intelligence investigations. It helps security professionals
Enter
Awesome Stars
awesome-hacking-lists is a curated directory of penetration-testing tools and productivity utilities spanning multiple security domains. Curated lists across m
Enter
Visitor ID Management System
Everything You Need to Print Professional-Quality Cards Set up your card printing system and begin producing photo IDs in minutes with this Solution—no softwar
Enter
InQL Scanner
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Sinc
Enter
Monkey Code
Monkey Code is an enterprise-grade AI programming assistant designed to transform how development teams collaborate, build, and manage code across complex envi
Enter
Conscrypt
Conscrypt is a modern TLS/SSL provider for Java that replaces the default JCE/JCA crypto stack with one backed by BoringSSL for better performance and security
Enter
ByteHook
ByteHook is a ByteDance-hosted project whose name suggests a hooking or instrumentation library, likely used for hooking system calls or API calls for monitori
Enter
uncover
Uncover is an open source reconnaissance tool designed to quickly discover exposed hosts on the internet by querying multiple search engine APIs through a unif
Enter
gitGraber
gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It
Enter
CrossLinked
CrossLinked is an open source LinkedIn enumeration tool designed to collect employee names associated with a target organization. Instead of accessing LinkedIn
Enter
Zero Site Protector
The zero-site-protector plugin is a powerful security tool for your website that provides multiple layers of protection to safeguard against unauthorized acces
Enter
Domain Password Spray
DomainPasswordSpray is a focused security tool designed to perform enterprise-scale password spraying assessments against Active Directory environments. It aut
Enter
