Security: SuperTokens 👑

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

Security: Overlay

Overlay is a browser extension helping developers evaluate open source packages before picking them

Security: Kubescape

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Security: Bitwarden

Bitwarden client applications (web, browser extension, desktop, and cli)

Security: Hanko

Authentication and user management for the passkey era.

Security: Sniffnet

Application to comfortably monitor your Internet traffic ?️‍♂️

Security: KeyPass

KeyPass: Open-source & offline password manager. Store, manage, take control securely.

Security: Phase Console

Open-source encryption and key management platform for app developers.

Security: @node-oauth/oauth2-server

The unofficial successor to oauthjs/oauth2-server. Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.

Security: Retraced

A fully open source audit logs service and embeddable UI easily deployed to your own Kubernetes cluster. Brought to you by replicated.com and boxyhq.com

Security: Tiny Python Scripts

Tiny Python Scripts for Everyday Automation

Security: Infisical

♾ Infisical is an open-source, end-to-end encrypted platform for secret management: sync secrets across your team/infrastructure and prevent secret leaks.

Security: Cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Security: UAC (Unix-like Artifacts Collector)

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler…

Security: Meerkat

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Security: Diceware

Generate secure passwords you can actually remember!

Security: PrivateBin

A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.

Security: phpseclib

PHP Secure Communications Library

Security: SagerNet/SagerNet

The universal proxy toolchain for Android

Security: Doorkeeper Guides

Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

Security: gopass

The slightly more awesome standard unix password manager for teams

Security: Smallstep

?️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Security: Tutanota

Tutanota is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar entries on all your devices.

Security: AdAway

AdAway is a free and open source ad blocker for Android.

Security: GitHub

Exploit Development and Reverse Engineering with GDB Made Easy

Security: OWASP Security Guide

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Security: Notesnook by Streetwriters LLC

A fully open source & end-to-end encrypted note taking alternative to Evernote.

Security: Wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Security: Casdoor

An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform powered by Casbin and AI gateway with web UI supporting OAuth 2.0, OIDC, SAML and OpenAI ChatGPT

Security: veracrypt/VeraCrypt

Disk encryption with strong security based on TrueCrypt

Security: Laravel Socialite

Laravel wrapper around OAuth 1 & OAuth 2 libraries.

Security: beemdevelopment/Aegis

A free, secure and open source app for Android to manage your 2-step verification tokens.

Security: OnionShare

Securely and anonymously share files, host websites, and chat with friends using the Tor network

Security: aquasecurity/tfsec

Security scanner for your Terraform code

Security: Mandiant

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

Security: Akamai

Infection Monkey - An open-source adversary emulation platform

Security: CodeQL

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Security: Adversarial ASR

An ASR (Automatic Speech Recognition) adversarial attack repository.

Security: SAML Jackson

An Enterprise SAML single sign-on service designed as an OAuth 2.0 flow. Integrate SAML and OIDC SSO with just a few lines of code.

Security: Intents operator

Manage network policies, Istio Authorization Policies, and Kafka ACLs in a Kubernetes cluster with ease.

Security: w32miller

malware development kit for x86 windows based platforms with a linux compatible build system

Security: PastDSE

DSE bypass using a leaked cert and adjusting the current clock.

Security: Detect it Easy

Program for determining types of files for Windows, Linux and MacOS.

Security: CTF Archives

CTF Archives: Collection of CTF Challenges.

Security: CTF Writeups

CTF Writeups: Collection of CTF "technical" writeups by PersianCats.

Security: DeepCrawling

Crawlium (DeepCrawling): A crawling platform based on Chrome (Chromium) browser to get a deeper look into the ecosystem of content inclusion on the Web.

Security: Stegano

A pure Python steganography module.

Security: Betterscan CE

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

Security: Delphi JWT Library

Delphi implementation of JOSE (JSON Object Signing and Encryption) and JWT (JSON Web Token)

Security: Little Rat

? Small chrome extension to monitor (and optionally block) other extensions' network calls

Security: OWASP Wrongsecrets

Vulnerable app with examples showing how to not use secrets

Security: ThreatMapper

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Security: mp-units

A Physical Quantities and Units library for C++

Security: Passwordless.ID

Ditch passwords, boost security! Use this public identity provider to leverage biometric authentication and increase security.

Security: Serverless AWS Secrets

? Serverless plugin that reads environment variables and replaces secrets using AWS Secrets Manager ?

Security: cloudgrep

cloudgrep is grep for cloud storage