The Top 1,599 Security Open Source Projects

Awesome Open Source

Awesome Open Source

Combined Topics

The Top 1,599 Security Open Source Projects

Categories > Security > Security

Awesome Hacking ⭐39,948

A collection of various awesome lists for hackers, pentesters and security researchers

X64dbg ⭐35,367

An open-source x64/x32 debugger for windows.

The Book Of Secret Knowledge ⭐33,188

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Caddy ⭐29,498

Fast, multi-platform web server with automatic HTTPS

Mitmproxy ⭐19,524

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Security Guide For Developers ⭐19,143

Security Guide for Developers (实用性开发人员安全须知)

Set up a personal VPN in the cloud

Osquery ⭐16,979

SQL powered operating system instrumentation, monitoring, and analytics.

Macos Security And Privacy Guide ⭐16,039

Guide to securing and improving privacy on macOS

Payloadsallthethings ⭐15,870

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hosts ⭐15,827

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Cs Video Courses ⭐14,999

List of Computer Science courses with video lectures.

Api Security Checklist ⭐14,818

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Setup Ipsec Vpn ⭐14,056

Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS

Cheatsheetseries ⭐13,271

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Radare2 ⭐12,897

UNIX-like reverse engineering framework and command-line toolset

Nginx Admins Handbook ⭐11,463

How to improve NGINX performance, security, and other important things.

Hacker101 ⭐11,429

Source code for Hacker101.com - a free online web and mobile security class.

Nginxconfig.io ⭐10,763

⚙️ NGINX config generator on steroids 💉

How To Secure A Linux Server ⭐10,464

An evolving how-to guide for securing a Linux server.

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

Keeweb ⭐9,051

Free cross-platform password manager compatible with KeePass

Wifiphisher ⭐9,038

The Rogue Access Point Framework

OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language.

Docker Slim ⭐8,896

DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Teleport ⭐8,421

Secure Access for Developers that doesn't get in the way.

The Practical Linux Hardening Guide ⭐8,295

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Openzeppelin Contracts ⭐8,276

OpenZeppelin Contracts is a library for secure smart contract development.

Routersploit ⭐8,190

Exploitation Framework for Embedded Devices

Mailpile ⭐8,187

A free & open modern, fast email client with user-friendly encryption and privacy features

Cutter ⭐7,948

Free and Open Source Reverse Engineering Platform powered by radare2

Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices

Zaproxy ⭐7,610

The OWASP ZAP core project

Bettercap ⭐7,564

The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.

Helmet ⭐7,270

Help secure Express apps with various HTTP headers

Identityserver4 ⭐6,839

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

Test Your Sysadmin Skills ⭐6,823

A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.

Gitleaks ⭐6,111

Scan git repos for secrets using regex and entropy 🔑

Cilium ⭐5,964

eBPF-based Networking, Security, and Observability

Awesome Security ⭐5,874

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

Brakeman ⭐5,790

A static analysis security vulnerability scanner for Ruby on Rails applications

Keychainaccess ⭐5,739

Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

Dompurify ⭐5,547

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Oss Fuzz ⭐5,437

OSS-Fuzz - continuous fuzzing of open source software.

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Graylog2 Server ⭐5,402

Free and open source log management

Opensnitch ⭐5,353

OpenSnitch is a GNU/Linux port of the Little Snitch application firewall

Fail2ban ⭐5,217

Daemon to ban hosts that cause multiple authentication errors

Awesome Web Security ⭐5,127

🐶 A curated list of Web Security materials and resources.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Openvpn ⭐5,113

OpenVPN is an open source VPN daemon

Wpscan ⭐5,073

WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their WordPress websites.

Spring Security ⭐5,063

Spring Security

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

System Bus Radio ⭐4,960

Transmits AM radio on computers without radio transmitting hardware.

Gophish ⭐4,889

Open-Source Phishing Toolkit

Javascript Obfuscator ⭐4,882

A powerful obfuscator for JavaScript and Node.js

Awesome Ctf ⭐4,786

A curated list of CTF frameworks, libraries, resources and softwares

Android Security Awesome ⭐4,743

A collection of android security related resources

Simple and flexible tool for managing secrets

Kubernetes clusters for the hobbyist.

Yubikey Guide ⭐4,710

Guide to using YubiKey for GPG and SSH

Cleverhans ⭐4,673

An adversarial example library for constructing attacks, building defenses, and benchmarking both

Gitrob ⭐4,659

Reconnaissance tool for GitHub organizations

My Arsenal Of Aws Security Tools ⭐4,593

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI

Monero ⭐4,437

Monero: the secure, private, untraceable cryptocurrency

Damn Vulnerable Web Application (DVWA)

Cryptomator ⭐4,403

Multi-platform transparent client-side encryption of your files in the cloud

Capstone ⭐4,364

Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

Moloch ⭐4,302

Moloch is an open source, large scale, full packet capturing, indexing, and database system.

Clusterfuzz ⭐4,287

Scalable fuzzing infrastructure.

An Efficient Enterprise-class Container Engine

Security 101 For Saas Startups ⭐4,243

security tips for startups

Awesome Appsec ⭐4,197

A curated list of resources for learning about application security

Nmap - the Network Mapper. Github mirror of official SVN repository.

Dirsearch ⭐4,190

Web path scanner

Nishang ⭐4,181

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Autosploit ⭐4,167

Automated Mass Exploiter

Let's Encrypt client and ACME library written in Go

Security_monkey ⭐4,011

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

Onionshare ⭐3,975

Securely and anonymously send and receive files, and publish onion sites

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Smart Contract Best Practices ⭐3,760

A guide to smart contract security best practices

Awesome Threat Intelligence ⭐3,689

A curated list of Awesome Threat Intelligence resources

Cloudmapper ⭐3,683

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

✔️ Secure, simple key-value storage for Android

Maltrail ⭐3,660

Malicious traffic detection system

Unicorn ⭐3,638

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)

Docker Ipsec Vpn Server ⭐3,560

Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec

Processhacker ⭐3,551

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.

Aquatone ⭐3,543

A Tool for Domain Flyovers

Awesome Incident Response ⭐3,521

A curated list of tools for incident response

Valet lets you securely store data in the iOS, tvOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy. We promise.

Quasar ⭐3,461

Remote Administration Tool for Windows

Pyre Check ⭐3,460

Performant type-checking for python.

Golang security checker

Tutanota ⭐3,404

Tutanota is an email client with a strong focus on security and privacy that lets you encrypt emails on all your devices.

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

1-100 of 1,599 projects