Security

eBPF

A curated list of awesome projects, tutorials, and resources related to eBPF (extended Berkeley Packet Filter).

OSSECC

Open Source Host-based Intrusion Detection System performing log analysis, file integrity checking, rootkit detection, and active response.

CameradarGo

A penetration testing tool that discovers and accesses RTSP video surveillance cameras through network scanning and dictionary attacks.

W3afPython

An open-source web application security scanner that identifies and exploits 200+ vulnerabilities for developers and penetration testers.

KanidmRust

A simple, secure, and fast identity management platform for self-hosted authentication, supporting OAuth2, LDAP, RADIUS, and Unix integration.

NAXSIC

An open-source, high-performance Web Application Firewall (WAF) module for NGINX that blocks malicious web traffic by default.

shellhardenRust

A syntax highlighter and tool to semi-automatically rewrite shell scripts for ShellCheck conformance, focusing on proper quoting.

PomeriumGo

A zero-trust identity and context-aware reverse proxy for secure, clientless access to internal web apps without a VPN.

Password Manager ResourcesJavaScript

A collaborative collection of data and code quirks to improve password manager compatibility with websites.

OckamRust

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications at scale.

ockamRust

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications at scale.

JintC#

A JavaScript interpreter for .NET that runs on any modern .NET platform, enabling JavaScript execution within .NET applications.

TetragonC

eBPF-based real-time security observability and runtime enforcement for Kubernetes and Linux systems.

Awesome Threat Detection and Hunting

A curated list of awesome open-source tools, detection rules, datasets, and resources for threat detection and hunting.

SantaObjective-C++

A binary and file access authorization system for macOS that monitors and controls application execution.

DrozerPython

A security testing framework for Android that identifies vulnerabilities by interacting with apps, IPC endpoints, and the OS.

aya/aya-rsRust

A pure-Rust eBPF library focused on developer experience, operability, and compile-once-run-everywhere capabilities.

Buttercup DesktopTypeScript

A free, open-source, cross-platform password manager that securely encrypts credentials in vault files.

CerbosGo

An open-core, language-agnostic authorization solution for implementing and managing context-aware access control policies.

Awesome Pentest Cheat Sheets

A curated collection of cheat sheets and resources for penetration testing and security assessments.

zizmorRust

A static analysis tool that finds security vulnerabilities and misconfigurations in GitHub Actions workflows.

gowitnessGo

A Golang command-line utility that uses Chrome Headless to capture website screenshots and gather web data.

mythrilPython

A symbolic-execution-based security analysis tool for detecting vulnerabilities in Ethereum and EVM-compatible smart contracts.

Awesome vehicle security and car hacking

A curated list of resources for learning about vehicle security, car hacking, and automotive tinkering.

Awesome Security Talks & Videos

A curated collection of security conference talks and videos from events like DEF CON, Black Hat, and BSides.

ssh-auditPython

A security auditing tool for SSH server and client configurations, analyzing algorithms, vulnerabilities, and policy compliance.

HubbleMakefile

A fully distributed networking and security observability platform for Kubernetes, built on Cilium and eBPF.

ValetSwift

A Swift library for securely storing data in the Apple Keychain across iOS, macOS, tvOS, and watchOS with a simple API.

sanitize-htmlJavaScript

A fast HTML sanitizer that cleans user-submitted HTML while preserving whitelisted elements and attributes.

next-iron-sessionTypeScript

Secure, stateless, and cookie-based session library for Next.js and other JavaScript frameworks.

retire.jsJavaScript

A scanner that detects JavaScript libraries with known vulnerabilities and can generate a Software Bill of Materials (SBOM).

Dockerfile best practicesDockerfile

A production-ready Dockerfile template with security-focused best practices for building reliable container images.

ringAssembly

A Rust cryptography library derived from BoringSSL, designed as an experimental alternative to OpenSSL.

IVREPython

A self-hosted network reconnaissance framework for building alternatives to Shodan, ZoomEye, Censys, and GreyNoise.

django-guardianPython

Adds per-object permissions to Django's authorization system, enabling fine-grained access control.

2FAuthPHP

A self-hosted web app to manage your Two-Factor Authentication (2FA) accounts and generate security codes.