Security

The "Awesome Security" project is a curated collection of resources focused on enhancing security practices in the digital realm. This list encompasses a wide range of categories including security tools, libraries, frameworks, tutorials, and best practices for various platforms and technologies. It is designed to benefit security professionals, developers, and system administrators alike, providing valuable insights and tools to safeguard applications and data. Whether you are a beginner looking to understand security fundamentals or an experienced practitioner seeking advanced techniques, this project offers a wealth of information to help you improve your security posture and protect your digital assets.

cybersecuritysecurity-toolspenetration-testingencryptionnetwork-securityvulnerability-assessmentsecure-coding

RSS View on GitHub

14.2k stars2.2k forks0 contributorsUpdated

40 sections · 291 projects

Network architecture

1 projects

Network-segmentation-cheat-sheet

A comprehensive guide with diagrams and best practices for implementing corporate network segmentation across four security maturity levels.

3,4644 months ago

/ Pentesting

17 projects

OpenVAS

openvas.org

Metasploit Framework

An open-source penetration testing framework for developing and executing exploit code against remote targets.

Ruby38,34515 hours ago

A Linux packet crafting tool for generating attack signatures to test IDS/IPS and network security.

C4765 years ago

scapy

A curated list of tools, add-ons, articles, and exploits that use the Scapy packet manipulation library.

Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.

Go14,6711 month ago

Legion

Legion is a semi-automated network penetration testing framework for discovery, reconnaissance, and exploitation.

Python1,0561 year ago

Lonkero

A professional-grade web security scanner for penetration testing with intelligent, context-aware scanning and proof-based vulnerability detection.

Rust9281 day ago

Sublist3r

A Python tool for fast subdomain enumeration using OSINT and bruteforce, designed for penetration testers and bug hunters.

Python10,9481 year ago

RustScan

A modern, fast port scanner that finds all 65k ports in 3 seconds and features a scripting engine for extensibility.

Rust19,8954 days ago

monsoon

A fast and flexible HTTP fuzzer for content discovery, credential bruteforcing, and security testing.

Go4961 year ago

Netz

Discover internet-wide misconfigurations in services like Elasticsearch, databases, and web servers using high-speed scanning tools.

Go3985 years ago

ThreatMapper

Open source CNAPP that hunts for threats in cloud native platforms, ranks them by risk, and visualizes attack paths.

TypeScript5,2777 days ago

Deepfence SecretScanner

A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.

Go3,3573 months ago

Cognito Scanner

A Python script that implements security testing attacks against AWS Cognito, including account oracle and privilege escalation.

Python1112 years ago

Monitoring / Logging

13 projects

BoxyHQ

A fully open-source audit logs service with an embeddable UI, designed for easy deployment to your own Kubernetes cluster.

TypeScript4456 days ago

justniffer

justniffer.sourceforge.net

httpry

dumpsterventures.com

ngrep

ngrep.sourceforge.net

sagan

sagan.quadrantsec.com

ntopng

ntop.org

Fibratus

A Windows security tool for real-time adversary tradecraft detection, memory scanning, and forensics via behavior-driven rules.

Go2,49122 hours ago

opensnitch

An interactive GNU/Linux application firewall that monitors and controls outbound network connections.

Python13,7201 month ago

wazuh

An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.

C++15,8111 day ago

Matano

An open source, serverless security data lake for AWS that normalizes logs, enables detection-as-code, and supports petabyte-scale threat hunting.

A data pipeline engine for security teams to collect, transform, enrich, and route telemetry data at scale.

C++7421 day ago

Substation

A serverless toolkit for routing, normalizing, and enriching security event and audit logs in AWS.

Go4024 months ago

IDS / IPS / Host IDS / Host IPS

14 projects

blog.securityonion.net

denyhosts.sourceforge.net

An open-source, participative security engine that detects and blocks malicious IPs using crowdsourced threat intelligence.

Go13,7413 days ago

wazuh

An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.

C++15,8111 day ago

Honey Pot / Honey Net

10 projects

awesome-honeypots

A curated list of free and open-source honeypot resources, tools, and related components for cybersecurity research.

Python10,3347 days ago

HoneyPy

A low to medium interaction honeypot written in Python, designed for easy deployment and extensibility.

A medium interaction SSH honeypot that logs brute force attacks and attacker shell interactions.

Python1,7142 years ago

Kojoney

kojoney.sourceforge.net

T-Pot Honeypot Distro

dtag-dev-sec.github.io

Related Awesome Lists

📦

Hacking

The "Awesome Hacking" project is a curated resource list designed for those interested in the field of hacking, which involves exploring and exploiting vulnerabilities in computer systems and networks. This list encompasses a wide range of categories, including penetration testing tools, ethical hacking tutorials, security research papers, and community forums. It serves as a valuable resource for beginners looking to learn the basics of cybersecurity, as well as experienced professionals seeking advanced techniques and tools. Whether you are aiming to enhance your skills or stay updated on the latest security trends, this collection offers a wealth of information to support your hacking journey.

16.1k

📦

Malware Analysis

The "Awesome Malware Analysis" project is a curated resource list designed to assist security professionals and researchers in the field of malware analysis. Malware analysis involves examining malicious software to understand its behavior, functionality, and impact. This list includes tools for static and dynamic analysis, reverse engineering resources, malware databases, and educational materials such as tutorials and courses. It is valuable for both beginners looking to learn the basics and experienced analysts seeking advanced techniques and tools. Users can find a wealth of resources to enhance their skills and improve their malware analysis capabilities.

13.6k

📦

Web Security

The "Awesome Web Security" project is a curated collection of resources focused on the security of web applications and services. Web security encompasses practices and technologies designed to protect websites and online services from cyber threats, vulnerabilities, and attacks. This list includes tools for penetration testing, secure coding practices, frameworks, libraries, and educational materials such as articles and tutorials. It is valuable for developers, security professionals, and researchers who seek to enhance their understanding of web security and implement robust security measures. Users can find essential tools and knowledge to safeguard their web applications effectively and stay ahead of potential threats.

13.2k

📦

CTF

The "Awesome CTF" project is a curated collection of resources focused on Capture The Flag (CTF) competitions, which are events that challenge participants to solve cybersecurity problems and vulnerabilities. This list encompasses a variety of categories including CTF platforms, write-ups, tools, training materials, and community forums, catering to both newcomers and seasoned cybersecurity enthusiasts. Whether you are looking to sharpen your skills, participate in competitions, or learn from past challenges, this repository provides invaluable insights and resources. Dive into the world of CTFs and enhance your cybersecurity prowess with the tools and knowledge available here.

11.4k

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub