Security

#web-security#token-authentication#data-signing

itsdangerousPython

Cryptographically sign and verify data to safely pass it between trusted and untrusted environments.

UICKeyChainStoreObjective-C

Forks241

Last commit11 months ago

A simple wrapper for Apple's Keychain APIs on iOS, watchOS, tvOS, and macOS, making secure storage as easy as NSUserDefaults.

#keychain#ios#biometric-authentication

Forks378

#microsoft-office#libreoffice#windows-security

HardenToolsGo

A Windows security tool that reduces the attack surface by disabling risky features in Windows, Office, Adobe Reader, and LibreOffice.

Forks258

Last commit10 months ago

Kube-ScoreGo

Static code analysis tool for Kubernetes YAML and Helm charts that provides recommendations to improve reliability and security.

#helm#devops#reliability

Express GatewayJavaScript

Forks197

Last commit20 days ago

A microservices API gateway built on Node.js and Express.js for securing and exposing services in cloud-native architectures.

#api-gateway#expressjs#express-gateway

Forks353

#hacktoberfest#api#communicate-passwords

passwordPusherRuby

Securely share passwords, text, files, and URLs via self-destructing links with full audit logs.

Dumb Password RulesNunjucks

Forks445

Last commit1 day ago

A crowdsourced collection of websites with frustrating and counterproductive password requirements.

#hacktoberfest#passwords#password-policies

#keychain#ios#data-protection

Forks307

Last commit13 days ago

keychain-swiftSwift

A Swift library providing simple helper functions for securely storing text and data in the iOS/macOS Keychain.

Forks365

#expression-parser#policy-engine#macros

cel-goGo

A non-Turing complete expression language for fast, safe, and portable evaluation with C-like syntax.

#php-security#waf#web-security

Forks292

Last commit4 days ago

OpenRASPC++

Open source Runtime Application Self-Protection (RASP) solution that integrates security directly into application servers via instrumentation.

#team-collaboration#progressive-web-app#end-to-end-encryption

Forks620

Last commit8 months ago

PadlockJavaScript

A modern, open-source password manager for individuals and teams with end-to-end encryption and self-hosting capabilities.

Stars2.9k

Forks265

Last commit1 year ago

LocksmithSwift

A protocol-oriented Swift library for interacting with the iOS/macOS keychain with type-safe results.

#keychain#ios#authentication

Stars2.9k

Forks269

Roave Security Advisories

A Composer package that blocks installation of PHP dependencies with known security vulnerabilities.

#supply-chain-security#composer#devops

Stars2.9k

Forks109

#iot#cryptography-api#rtos

wolfsslC

A lightweight, portable TLS/SSL library written in ANSI C for embedded systems, RTOS, and cloud applications.

#data-list#domain-names#dns

Forks985

Last commit2 days ago

The Public Suffix ListGo

A comprehensive list of all known public suffixes (like .com, .co.uk) under which internet users can directly register domain names.

Forks1.6k

Last commit12 days ago

SSH

A curated list of SSH applications, libraries, and resources for developers and system administrators.

#mosh#devops#ssh-key

Forks180

#cybersecurity-labs#randomization#cybok

SecGenPython

A framework that generates randomly vulnerable virtual machines for security education, labs, and CTF events.

#lambda#ssh-security#ssh-certificate-authority

Forks327

Last commit12 days ago

blessPython

An SSH Certificate Authority that runs as an AWS Lambda function for ephemeral, IAM-controlled SSH access.

#dependency-checker#patch-management#bundler-audit

Forks228

Last commit1 year ago

bundle-auditRuby

A security audit tool for Ruby projects that checks Gemfile.lock for vulnerable gem versions and insecure sources.

#cold-boot-protection#crypto#data-protection

Forks245

Last commit5 days ago

memguardGo

A Go library that creates a secure software enclave to protect sensitive data in memory from exposure and attacks.

Stars2.7k

Forks135

#privacy-compliance#code-security#data-flow-analysis

BearerGo

Static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

A static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

#privacy-compliance#code-security#data-flow-analysis

An open-source password manager built with Flutter, compatible with KeePass 2.x (KDBX 3 and KDBX 4) across all major platforms.

#dart#keepass#hacktoberfest

Stars2.7k

Forks275

#hacktoberfest#kubernetes#security-scanning

KICSOpen Policy Agent

KICS is an open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in Infrastructure as Code.

Forks373

Last commit10 days ago

AstraPython

An automated security testing framework for REST APIs that detects vulnerabilities like SQL injection, XSS, and CSRF.

#owasp#web-security#sdlc

Forks413

KrakenD API Gateway (.5k)Go

An ultra-high performance, stateless, declarative API Gateway written in Go for microservices and secure communications.

#api-gateway#reverse-proxy#high-performance

Forks497

#httpclient#authentication#jwt

angular2-jwtTypeScript

An Angular HTTP interceptor library for automatically attaching JSON Web Tokens (JWTs) to HttpClient requests.

Elastic Detection RulesPython

Forks470

Last commit18 days ago

A public repository for developing, testing, and maintaining detection rules for Elastic Security's SIEM, with tools for Detections as Code.

#siem#security-automation#security

Forks664

#kms#devops#secrets-management

chamberGo

A CLI tool for managing secrets using AWS SSM Parameter Store and Secrets Manager as backends.

#bot-protection#service-provider#composer

Forks183

Last commit4 months ago

captchaPHP

A Laravel service provider for generating and validating CAPTCHA images, including math-based challenges.

A retired iOS action extension that enabled 1Password to fill credentials and other data into third-party apps.

#ios#action-extension#retired-project

#security-training#social-engineering#self-hosted-security

Forks311

Last commit4 years ago

King PhisherPython

A phishing campaign toolkit for simulating real-world attacks to test and promote user security awareness.

Forks581

#web-security#source-code-extraction#repository-recovery

git-dumperPython

A Python tool to dump a git repository from a website, even when directory listing is disabled.

#spring-mvc#oauth#web-security

Forks301

Last commit28 days ago

pac4jJava

A comprehensive security framework for Java applications, supporting authentication, authorization, and integration with multiple protocols and frameworks.

Forks712

#rule-engine#windows-security#adversary

FibratusGo

A Windows security tool for real-time adversary tradecraft detection, memory scanning, and forensics via behavior-driven rules.