Awesome Open Source
Awesome Open Source
Application Programming Interfaces
Command Line Interface
Integrated Development Environments
Lists Of Projects
User Interface Components
Web User Interface
The Top 1,715 Security Open Source Projects
A collection of various awesome lists for hackers, pentesters and security researchers
Become A Software Engineer At Top Companies
Identify your strengths with a free online coding quiz, and skip resume and recruiter screens at multiple companies at once. It's free, confidential, includes a free flight and hotel, along with help to study to pass interviews and negotiate a high salary!
An open-source x64/x32 debugger for windows.
The Book Of Secret Knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Fast, multi-platform web server with automatic HTTPS
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Set up a personal VPN in the cloud
Security Guide For Developers
Security Guide for Developers (实用性开发人员安全须知)
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Macos Security And Privacy Guide
Guide to securing and improving privacy on macOS
SQL powered operating system instrumentation, monitoring, and analytics.
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
Cs Video Courses
List of Computer Science courses with video lectures.
Api Security Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Setup Ipsec Vpn
Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
UNIX-like reverse engineering framework and command-line toolset
Nginx Admins Handbook
How to improve NGINX performance, security, and other important things.
Source code for Hacker101.com - a free online web and mobile security class.
⚙️ NGINX config generator on steroids 💉
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
How To Secure A Linux Server
An evolving how-to guide for securing a Linux server.
OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Compatible with MITREid.
This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.
Free cross-platform password manager compatible with KeePass
The Rogue Access Point Framework
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
OpenZeppelin Contracts is a library for secure smart contract development.
Secure Access for Developers that doesn't get in the way.
Exploitation Framework for Embedded Devices
Free and Open Source Reverse Engineering Platform powered by radare2
The Practical Linux Hardening Guide
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
A free & open modern, fast email client with user-friendly encryption and privacy features
The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
The OWASP ZAP core project
Help secure Express apps with various HTTP headers
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
Test Your Sysadmin Skills
A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
eBPF-based Networking, Security, and Observability
Scan git repos for secrets using regex and entropy 🔑
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.
A static analysis security vulnerability scanner for Ruby on Rails applications
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
OSS-Fuzz - continuous fuzzing of open source software.
Simple and flexible tool for managing secrets
Daemon to ban hosts that cause multiple authentication errors
Free and open source log management
Awesome Web Security
🐶 A curated list of Web Security materials and resources.
OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
OpenVPN is an open source VPN daemon
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
My Arsenal Of Aws Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Open-Source Phishing Toolkit
A curated list of CTF frameworks, libraries, resources and softwares
Guide to using YubiKey for GPG and SSH
Performant type-checking for python.
Android Security Awesome
A collection of android security related resources
System Bus Radio
Transmits AM radio on computers without radio transmitting hardware.
Web path scanner
Reconnaissance tool for GitHub organizations
An adversarial example library for constructing attacks, building defenses, and benchmarking both
Kubernetes clusters for the hobbyist.
Multi-platform transparent client-side encryption of your files in the cloud
Damn Vulnerable Web Application (DVWA)
Monero: the secure, private, untraceable cryptocurrency
How To Secure Anything
How to systematically secure anything: a repository about security engineering
Nmap - the Network Mapper. Github mirror of official SVN repository.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Scalable fuzzing infrastructure.
An Efficient Enterprise-class Container Engine
A curated list of resources for learning about application security
Let's Encrypt client and ACME library written in Go
Security 101 For Saas Startups
security tips for startups
Automated Mass Exploiter
Securely and anonymously share files, host websites, and chat with friends using the Tor network
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
Awesome Threat Intelligence
A curated list of Awesome Threat Intelligence resources
Smart Contract Best Practices
A guide to smart contract security best practices
Awesome Incident Response
A curated list of tools for incident response
Malicious traffic detection system
A Tool for Domain Flyovers
Remote Administration Tool for Windows
Golang security checker
✔️ Secure, simple key-value storage for Android
Docker Ipsec Vpn Server
Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec
Tutanota is an email client with a strong focus on security and privacy that lets you encrypt emails on all your devices.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
1-100 of 1,715 projects