Add your library
SuperTokens

Security: SuperTokens đź‘‘Link

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

Java
authentication
login
session-management
supertokens

Loading...

Overlay

Security: Overlay Link

Overlay is a browser extension helping developers evaluate open source packages before picking them

HTML
advisory
extension
supply-chain

Loading...

Kubescape

Security: Kubescape Link

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Go
kubernetes
security
nsa
mitre-attack

Loading...

Bitwarden

Security: Bitwarden Link

Bitwarden client applications (web, browser extension, desktop, and cli)

TypeScript
javascript
typescript
webextension
bitwarden

Loading...

Hanko

Security: Hanko Link

Authentication and user management for the passkey era.

TypeScript
authentication
passkeys
webauthn
fido2

Loading...

Sniffnet

Security: Sniffnet Link

Application to comfortably monitor your Internet traffic ?️‍♂️

Rust
network-analysis
networking
packet-sniffer
rust-crate

Loading...

KeyPass

Security: KeyPass Link

KeyPass: Open-source & offline password manager. Store, manage, take control securely.

Kotlin
kotlin
password-manager
andorid
password-generator

Loading...

Phase Console

Security: Phase Console Link

Open-source encryption and key management platform for app developers.

TypeScript
django
end-to-end-encryption
nodejs
open-source

Loading...

@node-oauth/oauth2-server

Security: @node-oauth/oauth2-server Link

The unofficial successor to oauthjs/oauth2-server. Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.

JavaScript
oauth2
nodejs
node
oauth

Loading...

Retraced

Security: Retraced Link

A fully open source audit logs service and embeddable UI easily deployed to your own Kubernetes cluster. Brought to you by replicated.com and boxyhq.com

TypeScript
enterprise-software
kubernetes
audit-logs
enterprise-ready

Loading...

Tiny Python Scripts

Security: Tiny Python Scripts Link

Tiny Python Scripts for Everyday Automation

Python
automation
python
scripts

Loading...

Infisical

Security: Infisical Link

♾ Infisical is an open-source, end-to-end encrypted platform for secret management: sync secrets across your team/infrastructure and prevent secret leaks.

TypeScript
cli
end-to-end-encryption
environment-variables
secret-management

Loading...

Cherrybomb

Security: Cherrybomb Link

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Rust
cli
blst
firecracker
cyber

Loading...

UAC (Unix-like Artifacts Collector)

Security: UAC (Unix-like Artifacts Collector) Link

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler…

Shell
incident-response
forensics
computer-forensics
triage

Loading...

Meerkat

Security: Meerkat Link

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

PowerShell
threat
hunt
red
blue

Loading...

Diceware

Security: Diceware Link

Generate secure passwords you can actually remember!

JavaScript
security
password
password-generator
diceware

Loading...

PrivateBin

Security: PrivateBin Link

A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.

PHP
self-hosted
security
self-hosting
pastebin

Loading...

phpseclib

Security: phpseclib Link

PHP Secure Communications Library

PHP
php
ssh
sftp
rsa

Loading...

SagerNet/SagerNet

Security: SagerNet/SagerNet Link

The universal proxy toolchain for Android

Kotlin
anti-censorship
android

Loading...

Doorkeeper Guides

Security: Doorkeeper Guides Link

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

Ruby
oauth
doorkeeper
oauth2-provider
oauth2-server

Loading...

gopass

Security: gopass Link

The slightly more awesome standard unix password manager for teams

Go
go
git
password-manager
gpg

Loading...

Smallstep

Security: Smallstep Link

?️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Go
security
tls
x509
certificates

Loading...

Tutanota

Security: Tutanota Link

Tutanota is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.

TypeScript
javascript
mithril
encryption
email

Loading...

AdAway

Security: AdAway Link

AdAway is a free and open source ad blocker for Android.

C
android
ad-blocker
hosts
vpn

Loading...

GitHub

Security: GitHub Link

Exploit Development and Reverse Engineering with GDB Made Easy

Python
python
gdb
peda
gdbinit

Loading...

OWASP Security Guide

Security: OWASP Security Guide Link

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Dockerfile
best-practices
guide
owasp
bugbounty

Loading...

Notesnook by Streetwriters LLC

Security: Notesnook by Streetwriters LLC Link

A fully open source & end-to-end encrypted note taking alternative to Evernote.

JavaScript
note-taking
notes-app
notes
notebook

Loading...

Wazuh

Security: Wazuh Link

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

C
security
compliance
log-analysis
vulnerability-detection

Loading...

Casdoor

Security: Casdoor Link

An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform powered by Casbin and AI gateway with web UI supporting OAuth 2.0, OIDC, SAML and OpenAI ChatGPT

Go
oidc
sso
oauth
oauth2

Loading...

veracrypt/VeraCrypt

Security: veracrypt/VeraCrypt Link

Disk encryption with strong security based on TrueCrypt

C
encryption
encryption-decryption
encryption-algorithms
veracrypt

Loading...

Laravel Socialite

Security: Laravel Socialite Link

Laravel wrapper around OAuth 1 & OAuth 2 libraries.

PHP
laravel
oauth

Loading...

beemdevelopment/Aegis

Security: beemdevelopment/Aegis Link

A free, secure and open source app for Android to manage your 2-step verification tokens.

Java
android
otp
totp
hotp

Loading...

OnionShare

Security: OnionShare Link

Securely and anonymously share files, host websites, and chat with friends using the Tor network

Python
tor
file-sharing
onionshare
onion-service

Loading...

aquasecurity/tfsec

Security: aquasecurity/tfsec Link

Security scanner for your Terraform code

Go
terraform
security
static-analysis
scanner

Loading...

Mandiant

Security: Mandiant Link

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

PowerShell
penetration-testing
windows
fireeye-flare
red-teaming

Loading...

Akamai

Security: Akamai Link

Infection Monkey - An open-source adversary emulation platform

Python
penetration-testing
security-tools
security-automation
infection-monkey

Loading...

CodeQL

Security: CodeQL Link

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

CodeQL
semmle-ql
codeql
github-advanced-security
github-security-lab

Loading...

Adversarial ASR

Security: Adversarial ASR Link

An ASR (Automatic Speech Recognition) adversarial attack repository.

Jupyter Notebook
adversarial-attacks
adversarial-machine-learning
asr
carlini-wagner

Loading...

SAML Jackson

Security: SAML Jackson Link

An Enterprise SAML single sign-on service designed as an OAuth 2.0 flow. Integrate SAML and OIDC SSO with just a few lines of code.

TypeScript
saml
enterprise-software
saml2
saml-service-provider

Loading...

Intents operator

Security: Intents operator Link

Manage network policies, Istio Authorization Policies, and Kafka ACLs in a Kubernetes cluster with ease.

Go
kafka
acl
ibac
intents

Loading...

w32miller

Security: w32miller Link

malware development kit for x86 windows based platforms with a linux compatible build system

C
malware-development
development-kit
build-linux
wiindows

Loading...

PastDSE

Security: PastDSE Link

DSE bypass using a leaked cert and adjusting the current clock.

C
bypass-dse
driver-mapping
manual-mapping
dse

Loading...

Detect it Easy

Security: Detect it Easy Link

Program for determining types of files for Windows, Linux and MacOS.

JavaScript
debugger
detect
unpacker
disassembler

Loading...

CTF Archives

Security: CTF Archives Link

CTF Archives: Collection of CTF Challenges.

Python

Loading...

CTF Writeups

Security: CTF Writeups Link

CTF Writeups: Collection of CTF "technical" writeups by PersianCats.

C++

Loading...

DeepCrawling

Security: DeepCrawling Link

Crawlium (DeepCrawling): A crawling platform based on Chrome (Chromium) browser to get a deeper look into the ecosystem of content inclusion on the Web.

Python

Loading...

Stegano

Security: Stegano Link

A pure Python steganography module.

Python
security
steganography
steganalysis
hidden-message

Loading...

Betterscan CE

Security: Betterscan CE Link

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

Python
code-quality
static-analysis
sast
code-quality-analyzer

Loading...

Delphi JWT Library

Security: Delphi JWT Library Link

Delphi implementation of JOSE (JSON Object Signing and Encryption) and JWT (JSON Web Token)

Pascal
auth
delphi
jwt
jwt-authentication

Loading...

Little Rat

Security: Little Rat Link

? Small chrome extension to monitor (and optionally block) other extensions' network calls

JavaScript
chrome-extension
javascript
browser
security-audit

Loading...

OWASP Wrongsecrets

Security: OWASP Wrongsecrets Link

Vulnerable app with examples showing how to not use secrets

Java
java
kubernetes
hashicorp-vault
terraform-aws

Loading...

ThreatMapper

Security: ThreatMapper Link

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Go
cloud-native
vulnerability-management
threat-analysis
devsecops

Loading...

mp-units

Security: mp-units Link

A Physical Quantities and Units library for C++

C++
units
dimensional-analysis
strongly-typed
quantity-manipulation

Loading...

Passwordless.ID

Security: Passwordless.ID Link

Ditch passwords, boost security! Use this public identity provider to leverage biometric authentication and increase security.

JavaScript

Loading...

Serverless AWS Secrets

Security: Serverless AWS Secrets Link

? Serverless plugin that reads environment variables and replaces secrets using AWS Secrets Manager ?

TypeScript
aws
aws-lambda
environment-variables
aws-secrets-manager

Loading...

cloudgrep

Security: cloudgrep Link

cloudgrep is grep for cloud storage

Python
aws
aws-s3
search
grep

Loading...