Awesome Open Source
Awesome Open Source
Application Programming Interfaces
Command Line Interface
Integrated Development Environments
Lists Of Projects
User Interface Components
Web User Interface
The Top 1,599 Security Open Source Projects
A collection of various awesome lists for hackers, pentesters and security researchers
Become A Software Engineer At Top Companies
Identify your strengths with a free online coding quiz, and skip resume and recruiter screens at multiple companies at once. It's free, confidential, includes a free flight and hotel, along with help to study to pass interviews and negotiate a high salary!
An open-source x64/x32 debugger for windows.
The Book Of Secret Knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Fast, multi-platform web server with automatic HTTPS
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Security Guide For Developers
Security Guide for Developers (实用性开发人员安全须知)
Set up a personal VPN in the cloud
SQL powered operating system instrumentation, monitoring, and analytics.
Macos Security And Privacy Guide
Guide to securing and improving privacy on macOS
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
Cs Video Courses
List of Computer Science courses with video lectures.
Api Security Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Setup Ipsec Vpn
Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
UNIX-like reverse engineering framework and command-line toolset
Nginx Admins Handbook
How to improve NGINX performance, security, and other important things.
Source code for Hacker101.com - a free online web and mobile security class.
⚙️ NGINX config generator on steroids 💉
How To Secure A Linux Server
An evolving how-to guide for securing a Linux server.
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.
Free cross-platform password manager compatible with KeePass
The Rogue Access Point Framework
OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language.
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Secure Access for Developers that doesn't get in the way.
The Practical Linux Hardening Guide
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
OpenZeppelin Contracts is a library for secure smart contract development.
Exploitation Framework for Embedded Devices
A free & open modern, fast email client with user-friendly encryption and privacy features
Free and Open Source Reverse Engineering Platform powered by radare2
Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
The OWASP ZAP core project
The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
Help secure Express apps with various HTTP headers
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
Test Your Sysadmin Skills
A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
Scan git repos for secrets using regex and entropy 🔑
eBPF-based Networking, Security, and Observability
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
A static analysis security vulnerability scanner for Ruby on Rails applications
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
OSS-Fuzz - continuous fuzzing of open source software.
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Free and open source log management
OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
Daemon to ban hosts that cause multiple authentication errors
Awesome Web Security
🐶 A curated list of Web Security materials and resources.
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
OpenVPN is an open source VPN daemon
WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
System Bus Radio
Transmits AM radio on computers without radio transmitting hardware.
Open-Source Phishing Toolkit
A curated list of CTF frameworks, libraries, resources and softwares
Android Security Awesome
A collection of android security related resources
Simple and flexible tool for managing secrets
Kubernetes clusters for the hobbyist.
Guide to using YubiKey for GPG and SSH
An adversarial example library for constructing attacks, building defenses, and benchmarking both
Reconnaissance tool for GitHub organizations
My Arsenal Of Aws Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
Monero: the secure, private, untraceable cryptocurrency
Damn Vulnerable Web Application (DVWA)
Multi-platform transparent client-side encryption of your files in the cloud
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
Moloch is an open source, large scale, full packet capturing, indexing, and database system.
Scalable fuzzing infrastructure.
An Efficient Enterprise-class Container Engine
Security 101 For Saas Startups
security tips for startups
A curated list of resources for learning about application security
Nmap - the Network Mapper. Github mirror of official SVN repository.
Web path scanner
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Automated Mass Exploiter
Let's Encrypt client and ACME library written in Go
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
Securely and anonymously send and receive files, and publish onion sites
一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Smart Contract Best Practices
A guide to smart contract security best practices
Awesome Threat Intelligence
A curated list of Awesome Threat Intelligence resources
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
✔️ Secure, simple key-value storage for Android
Malicious traffic detection system
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
Docker Ipsec Vpn Server
Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
A Tool for Domain Flyovers
Awesome Incident Response
A curated list of tools for incident response
Valet lets you securely store data in the iOS, tvOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy. We promise.
Remote Administration Tool for Windows
Performant type-checking for python.
Golang security checker
Tutanota is an email client with a strong focus on security and privacy that lets you encrypt emails on all your devices.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
1-100 of 1,599 projects