Security

#osint#subdomain-enumeration#data-enrichment

Forks208

Last commit17 hours ago

sn0intRust

A semi-automatic OSINT framework and package manager for gathering intelligence and enumerating attack surfaces.

Forks222

#taint-analysis#owasp#spotbugs-plugin

Find Security BugsJava

A SpotBugs plugin for detecting security vulnerabilities in Java web and Android applications.

#privacy-first#ipfs#storage

Forks479

Last commit1 month ago

PeergosJava

A peer-to-peer encrypted global filesystem and private web platform with secure file storage, social networking, and application hosting.

#suricata#pcap#opensearch-dashboards

Forks188

Last commit20 hours ago

MalcolmPython

A powerful, easily deployable network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.

#oauth2#authentication#openid-connect

Forks413

Last commit3 days ago

go-oidcGo

A Go package that adds OpenID Connect client support to the standard OAuth2 library.

Forks427

Last commit17 days ago

HWIOAuthBundlePHP

Adds OAuth1.0a and OAuth2 authentication support to Symfony applications with 58+ provider integrations.

#oauth#api#oauth2

Forks788

Last commit2 months ago

jwxGo

A complete Go implementation of JOSE (JWA/JWE/JWK/JWS/JWT) for signing, encryption, and key management.

#authentication#jwe#jwt

#app-security#mobile-security#standard

Forks191

Last commit12 hours ago

OWASP MASVSPython

The OWASP Mobile Application Security Verification Standard (MASVS) is the industry standard for mobile app security.

#bot-protection#web-security#unicode

Forks664

Last commit4 months ago

base64CaptchaGo

A flexible Go package for generating and verifying captchas as base64-encoded image or audio strings.

#bots#hacktoberfest#user-agent

Forks309

Last commit6 months ago

CrawlerDetectPHP

A PHP class for detecting bots, crawlers, and spiders via user agent and HTTP headers.

#resource-oriented#toy-implementation#move-language

Forks277

Last commit10 days ago

BasicCoinRust

A toy implementation of an ERC20-like fungible token demonstrating Move language capabilities for secure smart contracts.

#https-enforcement#http-middleware#web-security

Forks700

Last commit2 years ago

secureGo

A Go HTTP middleware that provides essential security headers and protections for web applications.

Forks146

openid-clientTypeScript

A universal JavaScript library for implementing OAuth 2.0 and OpenID Connect client flows across Node.js, browsers, Deno, and other runtimes.

#openid#oauth2#client

#network-routing#privacy-tools#anonymize

Forks410

Last commit11 days ago

NipePerl

A Perl engine that routes all your internet traffic through the Tor network for enhanced privacy and anonymity.

#cve#vulnerability#vulnerability-database

Forks334

Last commit7 days ago

js-vuln-db

A curated database of JavaScript engine CVEs with proof-of-concept exploits for security research.

#devops#production-deployment#performance-optimization

Forks404

Last commit6 years ago

production_rails

A comprehensive guide and collection of best practices for deploying, monitoring, and securing Ruby on Rails applications in production environments.

#osint#subdomain-enumeration#banner-grabbing

Forks140

Last commit24 days ago

xrayGo

A network OSINT tool that automates subdomain enumeration, service fingerprinting, and data collection via Shodan and ViewDNS APIs.

Forks299

Embedded and IoT Security

A curated list of software, hardware, books, and research for embedded and IoT security analysis.

#iot#embedded-security#hardware-hacking

#filetype#media-processing#validation

Forks281

Last commit2 years ago

filetypeGo

Fast, dependency-free Go package to infer binary file types by checking magic number signatures.

#react-frontend#openapi-integration#soar

Forks187

Last commit10 months ago

ShuffleJavaScript

An open-source security automation platform (SOAR) built for security professionals, focusing on collaboration and resource sharing.

wemake-django-templatePython

Forks403

Last commit2 days ago

A bleeding-edge Django project template focused on code quality, security, and modern development practices.

#caddy#pytest#project-template

A deliberately vulnerable CI/CD environment with 11 challenges to learn and practice CI/CD security.

#security-training#jenkins#devops

Forks399

hashesRust

A collection of cryptographic hash functions implemented in pure Rust, designed for interoperability and no_std environments.

#groestl#gost#sha2

#hacktoberfest#unicode#authentication

Forks315

Last commit17 hours ago

lettreRust

A Rust library for sending emails with multiple transport methods, SMTP security, and async support.

#nuget#authentication#jwt

Forks223

Last commit17 hours ago

Jwt.NetC#

A comprehensive JWT (JSON Web Token) implementation for .NET with support for encoding, decoding, and ASP.NET Core integration.

Forks466

#zero-trust#openid#oauth2

IAM

A curated list of resources covering Identity and Access Management (IAM) for cloud platforms, including authentication, authorization, and security.

Awesome List of IAM: Fraud links

Forks178

Last commit4 days ago

A curated list of resources covering Identity and Access Management (IAM) for cloud platforms, including authentication, authorization, and security.

#zero-trust#oauth2#authentication

#elk-stack#siem#enterprise-defense

Forks178

Last commit4 days ago

MozDefPython

An open-source security incident response platform that automates and coordinates enterprise defense workflows.

#oidc-client#oauth2#authentication

Forks325

Last commit4 years ago

OAuth2Ruby

A Ruby wrapper for OAuth 2.0, 2.1, and OpenID Connect (OIDC) client implementations.

#false-positive-reduction#source-to-sink-tracing#static-code-analysis

Forks624

Last commit5 days ago

gokartGo

A static analysis tool for Go that finds vulnerabilities using SSA form and source-to-sink tracing to reduce false positives.