Security

Golang Security CheckerGo

A static analysis tool that scans Go source code for security vulnerabilities by analyzing the AST and SSA representations.

#ast-analysis#taint-analysis#security-automation

A lightweight multi-architecture disassembly framework for binary analysis and reverse engineering.

#c-library#disassembly#powerpc

Stars8.8k

Forks1.7k

Top 10 (and more) core contributorsPHP

A rapid development PHP framework using MVC and design patterns to build robust web applications quickly.

#composer#orm#rapid-development

An open-source implementation of the Matter standard, a unified IP-based connectivity protocol for secure and interoperable smart home devices.

#iot#device-interoperability#connected-home

Stars8.8k

Forks2.4k

Last commit1 day ago

Gixy - Nginx configuration static analyzerPython

A static analysis tool for detecting security misconfigurations and flaws in Nginx configuration files.

#devops#web-server#vulnerability-detection

Stars8.6k

Forks451

#ruby-gem#rails-authentication#authorization

PunditRuby

A minimal authorization library for Ruby on Rails using plain Ruby classes and object-oriented design.

Stars8.5k

Forks645

#sensor#blacklist-feeds#security

MaltrailPython

A malicious traffic detection system that monitors network traffic for blacklisted threats and suspicious activities using public feeds and heuristics.

A simple Swift wrapper for the iOS/macOS Keychain that provides an easy-to-use API for secure credential storage.

#keychain#ios#touch-id

Stars8.2k

Forks840

Last commit2 years ago

Pocket IDGo

A simple OIDC provider that enables passkey-only authentication for self-hosted services.

#passkeys#authentication#openid-connect

An open-source implementation of lightweight VMs that perform like containers but offer VM-level isolation and security.

#firecracker#container-runtime#multi-architecture

Query APIs, cloud services, and code directly with SQL using a zero-ETL approach—no database required.

#cloud-infrastructure#devops#plugin-system

Stars7.8k

Forks337

#native-module#data-protection#authentication

node.bcrypt.jsC++

A native Node.js library for hashing passwords using the bcrypt algorithm with async support and security best practices.

Stars7.8k

Forks551

Last commit1 month ago

eBPFGo

A pure Go library for loading, compiling, debugging, and attaching eBPF programs to Linux kernel hooks.

#observability#cilium#go-library

Stars7.8k

Forks873

Last commit6 days ago

Scout SuitePython

An open-source multi-cloud security auditing tool that assesses cloud environment security posture via provider APIs.

#compliance-auditing#infrastructure-security#multi-cloud

Stars7.7k

Forks1.2k

Last commit8 months ago

Awesome Shodan Search Queries

A curated collection of interesting, funny, and concerning search queries for Shodan.io to find exposed devices and services.

#iot#vulnerability-discovery#search-queries

Stars7.5k

Forks1.0k

Last commit2 years ago

Json Web TokenPHP

A PHP library for creating, parsing, and validating JSON Web Tokens (JWT) and JSON Web Signatures (JWS).

#hacktoberfest#rfc 7519#authentication

An open-source, large-scale network packet capture, indexing, and analysis system with a web interface.

#pcap#network-forensics#pcap-indexing

Stars7.4k

Forks1.2k

Last commit3 days ago

MolochC

An open-source, large-scale network packet capture, indexing, and analysis system for security and network monitoring.

#pcap#network-forensics#pcap-indexing

Stars7.4k

Forks1.2k

Last commit3 days ago

brakemanRuby

A static analysis security vulnerability scanner for Ruby on Rails applications.

#vulnerabilities#rails#vulnerability-detection

Stars7.2k

Forks770

#type-check#developer-tools#taint-analysis

pyre-checkOCaml

A performant, incremental type checker for Python with integrated security analysis via Pysa.

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

#google-cloud-platform#multi-cloud#azure

#rego#google-cloud-platform#multi-cloud

TfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

#google-cloud-platform#multi-cloud#azure

tfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

#google-cloud-platform#azure#terraform-security

tfsecGo

A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.

#open-source#tor-onion-service#privacy

OnionSharePython

Securely and anonymously share files, host websites, and chat via the Tor network.

#crypto#developer-tools#hashing

Forks702

Last commit5 days ago

Cryptography

A curated list of cryptography resources, libraries, tools, and educational materials for developers and security professionals.

#crypto#developer-tools#hashing

Forks762

Last commit8 days ago

Cryptography

A curated list of cryptography resources, libraries, tools, and educational materials for developers and researchers.

#isomorphic#rbac#isomorphic-javascript

Forks762

Last commit8 days ago

casl-aureliaTypeScript

An isomorphic JavaScript authorization library that restricts user access to resources with incremental adoption and scalability.

#secure-coding#security-experts#owasp

Forks303

Last commit14 days ago

AppSecPHP

A curated list of books, articles, websites, and tools for learning application security across multiple programming languages.

Forks795

#secure-coding#security-experts#owasp

Application SecurityPHP

A curated list of books, articles, websites, and tools for learning application security across multiple programming languages.

Forks795

#hacktoberfest#unix-like#open-source

gopassGo

A command-line password manager for teams, built as a drop-in replacement for pass with GPG encryption and git versioning.

#autotype#keepass#macpass

Forks540

Last commit2 days ago

MacPassObjective-C

A native macOS KeePass client for managing passwords with a native macOS experience.

Forks470