aws-security-viz
. Need a quick way to visualize your
current aws/amazon ec2 security group
configuration? aws-security-viz does
just that based on the EC2 security
group ingre...
Enter
Security VMS
. Features:Intuitive, Responsive and
Resource-effective . This is an
application that can also be fetched
from
https://sourceforge.net/projects/security-vms/....
Enter
SCAP Security Guide
. The purpose of this project is to
create security policy content for
various platforms, Red Hat Enterprise
Linux, Fedora, Ubuntu, Debian, SUSE
Linux Enterpri...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
Huorong Security
. Operation mode: EDR operation system,
network-wide threat awareness With the
Huorong terminal as the cornerstone,
while protecting users, it detects
various ...
Enter
Spring Security
. Spring Security is a powerful and
highly customizable authentication and
access-control framework. It is the
de-facto standard for securing
Spring-based appl...
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
DefectDojo
. DefectDojo is a security
orchestration and vulnerability
management platform. DefectDojo allows
you to manage your application security
program, maintain pro...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
Sihas
. Deffend.net Sihas aims to help small
companies and individuals to avoid cyber
security threats through cyber hygiene.
It runs on Windows desktop and looks fo...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
ZAP
. The OWASP Zed Attack Proxy (ZAP) is
one of the world’s most popular free
security tools and is actively
maintained by a dedicated international
team of volun...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
Sn1per
. Sn1per Professional is an all-in-one
offensive security platform that
provides a comprehensive view of your
internal and external attack surface and
offers a...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
OSCAL
. NIST is developing the Open Security
Controls Assessment Language (OSCAL), a
set of hierarchical, XML-, JSON-, and
YAML-based formats that provide a
standard...
Enter
FATE
. FATE (Federated AI Technology
Enabler) is the world's first
industrial grade federated learning open
source framework to enable enterprises
and instituti...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
lynis
. Lynis is a battle-tested security
tool for systems running Linux, macOS,
or Unix-based operating system. It
performs an extensive health scan of
your systems...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
BunkerWeb
. Being a full-featured web server
(based on NGINX under the hood), it will
protect your web services to make them
"secure by default". BunkerWeb
integ...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
OWASP Juice Shop
. It can be used in security trainings,
awareness demos, CTFs and as a guinea
pig for security tools! Juice Shop
encompasses vulnerabilities from the
entire OW...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
firejail
. Firejail is a SUID program that
reduces the risk of security breaches by
restricting the running environment of
untrusted applications using Linux
namespaces...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
Prueba
. This is an application that can also
be fetched from
https://sourceforge.net/projects/prueba/.
It has been hosted in OnWorks in order
to be run online in an ...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
OWASP Amass
. The OWASP Amass Project has developed
a tool to help information security
professionals perform network mapping of
attack surfaces and perform external
asset...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
Pacu
. Pacu (named after a type of Piranha
in the Amazon) is a comprehensive AWS
security-testing toolkit designed for
offensive security practitioners. While
sever...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
amazon-vpc-resource-controller-k8s
. Controller for managing Trunk &
Branch Network Interfaces on EKS Cluster
using Security Group For Pod feature and
IPv4 Addresses for Windows Node. Contro...
Enter
Application Inspector
. Microsoft Application Inspector is a
software source code characterization
tool that helps identify coding features
of first or third party software
componen...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name “Bro” as a
means...
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
WipeFreeSpace
. WipeFreeSpace is a program to
securely erase/wipe/overwrite the free
space on file systems to prevent
recovery of deleted sensitive data. This
allows protect...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program . In the interface font size is
big for ease of access. You can download
source code that can be found in
'sour...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
Java Sec Code
. Java sec code is a very powerful and
friendly project for learning Java
vulnerability code. This project can
also be called Java vulnerability code.
Each vul...
Enter
Java Client for Google Maps Services
. This library brings the Google Maps
API Web Services to your server-side
Java application. Each Google Maps Web
Service request requires an API key. API
keys...
Enter
QuickPasswordGenerator
. This program generate random password
of a specified length, with numbers,
upper and lowercase letters and special
symbols. Features:Small size.Easy
interfac...
Enter
FOSUserBundle
. The FOSUserBundle adds support for a
database-backed user system in
Symfony2+. It provides a flexible
framework for user management that aims
to handle commo...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
nodejsscan
. Static security code scanner (SAST)
for Node.js applications powered by
libsast and semgrep. nodejsscan is a
static security code scanner for Node.js
applica...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
Django Hijack
. With Django Hijack, admins can log in
and work on behalf of other users
without having to know their
credentials. 3.x docs are available in
the docs folder. ...
Enter
Payloads All The Things
. A list of useful payloads and
bypasses for Web Application Security.
Feel free to improve with your payloads
and techniques. The API key is a unique
identifi...
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name “Bro” as a
means...
Enter
SonarQube
. SonarQube empowers all developers to
write cleaner and safer code. Thousands
of automated Static Code Analysis rules,
protecting your app on multiple fronts,...
Enter
Outline Server
. Access to the free and open Internet.
Outline makes it easy to create a VPN
server, giving anyone access to the free
and open Internet. Outline allows anyone...
Enter
Arduino IDE
. This repository contains the source
code of the Arduino IDE 2.x, which is
currently in the beta stage. The Arduino
IDE 2.x is a major rewrite, sharing no
cod...
Enter
OpenWAF
. The first all-round open source Web
security protection system, more
protection than others. OpenWAF is the
first fully open source Web application
protectio...
Enter
Trivy
. Trivy is the most popular open source
security scanner, reliable, fast, and
easy to use. Use Trivy to find
vulnerabilities & IaC
misconfigurations, SBOM ...
Enter
drozer
. drozer (formerly Mercury) is the
leading security testing framework for
Android. drozer allows you to search for
security vulnerabilities in apps and
devices...
Enter
boundman
. Boundman is an advanced,
user-friendly, and sleek application
designed to take control over your
network connections. It allows you to
efficiently manage and...
Enter
truffleHog
. truffleHog searches through git
repositories for high entropy strings
and secrets, digging deep into commit
history. TruffleHog runs behind the
scenes to sca...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program. The interface font size is big
for ease of access. You can download
source code that can be found in
'source c...
Enter
tfsec
. tfsec is a static analysis security
scanner for your Terraform code.
Designed to run locally and in your CI
pipelines, developer-friendly output and
fully do...
Enter
Rancher
. From datacenter to cloud to edge,
Rancher lets you deliver
Kubernetes-as-a-Service. Rancher is a
complete software stack for teams
adopting containers. It ad...
Enter
DVWA
. Damn Vulnerable Web App (DVWA) is a
PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an
aid for security professionals to test
the...
Enter
DevSec Hardening
. Hardening adds a layer into your
automation framework, that configures
your operating systems and services. It
takes care of difficult settings,
compliance g...
Enter
Java Sec Code
. Java sec code is a very powerful and
friendly project for learning Java
vulnerability code. This project can
also be called Java vulnerability code.
Each vul...
Enter
CrowdSec
. CrowdSec - an open-source massively
multiplayer firewall able to analyze
visitor behavior & provide an
adapted response to all kinds of
attacks. It also ...
Enter
Java Client for Google Maps Services
. This library brings the Google Maps
API Web Services to your server-side
Java application. Each Google Maps Web
Service request requires an API key. API
keys...
Enter
frida
. Dynamic instrumentation toolkit for
developers, reverse-engineers, and
security researchers. Inject your own
scripts into black box processes. Hook
any funct...
Enter
FOSUserBundle
. The FOSUserBundle adds support for a
database-backed user system in
Symfony2+. It provides a flexible
framework for user management that aims
to handle commo...
Enter
rkt
. rkt (pronounced like a
"rocket") is a CLI for running
application containers on Linux. rkt is
designed to be secure, composable, and
standards-based....
Enter
Wapiti
. Wapiti is a vulnerability scanner for
web applications. It currently search
vulnerabilities like XSS, SQL and XPath
injections, file inclusions, command
exec...
Enter
CloudQuery
. CloudQuery extracts, transforms and
loads your cloud assets into normalized
PostgreSQL tables. CloudQuery enables
you to assess, audit, and monitor the
confi...
Enter
InQL Scanner
. A security testing tool to facilitate
GraphQL technology security auditing
efforts. InQL can be used as a
stand-alone script or as a Burp Suite
extension. Si...
Enter
Django Hijack
. With Django Hijack, admins can log in
and work on behalf of other users
without having to know their
credentials. 3.x docs are available in
the docs folder. ...
Enter
drozer
. drozer (formerly Mercury) is the
leading security testing framework for
Android. drozer allows you to search for
security vulnerabilities in apps and
devices...
Enter
OpenWAF
. The first all-round open source Web
security protection system, more
protection than others. OpenWAF is the
first fully open source Web application
protectio...
Enter
SonarQube
. SonarQube empowers all developers to
write cleaner and safer code. Thousands
of automated Static Code Analysis rules,
protecting your app on multiple fronts,...
Enter
Slim Toolkit
. Inspect, Optimize and Debug Your
Containers. You don't have to change
anything in your application images to
make them smaller! Keep doing what you
are d...
Enter
truffleHog
. truffleHog searches through git
repositories for high entropy strings
and secrets, digging deep into commit
history. TruffleHog runs behind the
scenes to sca...
Enter
LibSecRm - Secure Removal Library
. LibSecRm (LIBrary for SECure ReMoval)
is a set of replacements for these
standard C functions which cause data
removing from files. The data is first
securel...
Enter
Rancher
. From datacenter to cloud to edge,
Rancher lets you deliver
Kubernetes-as-a-Service. Rancher is a
complete software stack for teams
adopting containers. It ad...
Enter
multiOTP open source
. multiOTP is a PHP class, a powerful
command line utility and a web interface
developed by SysCo systčmes de
communication sa in order to provide a
completely...
Enter
Lantern
. Can't access your favorite apps?
Download Lantern to easily access
videos, messaging, and other popular
apps while at school or work. Lantern is
an appli...
Enter
DVWA
. Damn Vulnerable Web App (DVWA) is a
PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an
aid for security professionals to test
the...
Enter
Keeper Wallet
. High-security wallet with swapping
capabilities. Keeper Wallet is your
entry point to the Waves blockchain and
Waves-powered web services. Seed phrases
and p...
Enter
Wapiti
. Wapiti is a vulnerability scanner for
web applications. It currently search
vulnerabilities like XSS, SQL and XPath
injections, file inclusions, command
exec...
Enter
CloudQuery
. CloudQuery extracts, transforms and
loads your cloud assets into normalized
PostgreSQL tables. CloudQuery enables
you to assess, audit, and monitor the
confi...
Enter
Ajv JSON schema validator
. Security and reliability for
JavaScript applications. Ensure your
data is valid as soon as it's
received. Instead of having your data
validation and sani...
Enter
InQL Scanner
. A security testing tool to facilitate
GraphQL technology security auditing
efforts. InQL can be used as a
stand-alone script or as a Burp Suite
extension. Si...
Enter
Online Songbook
. The Online Songbook is a web
interface to a database of songs. Allows
users to collaboratively edit songs in
ChordPro format, create and share
collections of...
Enter
Zero Site Protector
. The zero-site-protector plugin is a
powerful security tool for your website
that provides multiple layers of
protection to safeguard against
unauthorized acc...
Enter
microsoft telemetry-tools
. complete set of tools for windows
security analysis and protection.
Categories:Security, Vulnerability
Scanners...
Enter
mimikatz
. mimikatz is a tool that makes some
"experiments" with Windows
security. It's well-known to extract
plaintexts passwords, hash, PIN code and
kerbe...
Enter
Authme
. Features:Secure: Your codes is
secured by AES 256bit encrypton and your
own password.Import: You can directly
import from Google Authenticator or from
any 2F...
Enter
MaddCrypt
. MaddCrypt is a simple application
that focuses on protection, encryption,
and obfuscation for dotNET application.
Designed with high-end features,
MaddCrypt ...
Enter
Tiki Wiki CMS Groupware
. "Software made the wiki way"
A full-featured, web-based, tightly
integrated, all-in-one
Wiki+CMS+Groupware, Free Source Software
(GNU/LGPL), using PH...
Enter
Naeon
. Naeon is a secure cloud storage
solution that uses unbreakable
military-grade encryption and
zero-knowledge privacy to protect
confidential data in an untrus...
Enter
Arm Mbed OS
. Arm Mbed OS is an open source
embedded operating system specifically
designed for the Internet of Things.
It’s packed with all the features you
need to devel...
Enter
Tutanota
. Tutanota is an open source email
client focused on security and privacy.
It is built with end-to-end encryption
and 2FA, so you can be assured of utmost
emai...
Enter
AWS Nitro Enclaves SDK for C
. This repo provides a C API for AWS
Nitro Enclaves, including a KMS SDK that
integrates it with attestation. The
simplest way to use this SDK is by using
one ...
Enter
apk-mitm
. Inspecting a mobile app's HTTPS
traffic using a proxy is probably the
easiest way to figure out how it works.
However, with the Network Security
Configur...
Enter
CrossC2 framework
. Support CobaltStrike's security
assessment of other platforms
(Linux/MacOS/.), and include the
development support of Unix
post-penetration module. Featu...
Enter
HPN-SSH
. HPN-SSH is a series of performance
patches for OpenSSH. By addressing
network limitations and CPU limitations
significant throughput performance can
be reali...
Enter
Authme
. Features:Secure: Your codes is
secured by AES 256bit encrypton and your
own password.Import: You can directly
import from Google Authenticator or from
any 2F...
Enter
Stegcore
. Stegcore is a crypto-stego
application that carries out
steganography using text cryptography
and the least significant bit method to
secure text data such a...
Enter
Naeon
. Naeon is a secure cloud storage
solution that uses unbreakable
military-grade encryption and
zero-knowledge privacy to protect
confidential data in an untrus...
Enter
TwitterOAuth
. The most popular PHP library for use
with the Twitter OAuth REST API. The
recommended and easy as pie method is
Composer. Setup require in your projects
comp...
Enter
accounts-js
. Fullstack authentication and
accounts-management for Javascript.
Since accounts-js is very flexible, it
can be used with multiple transports.
For now we prov...
Enter
Damn Vulnerable GraphQL Application
. Damn Vulnerable GraphQL Application
is an intentionally vulnerable
implementation of Facebook's GraphQL
technology, to learn and practice
GraphQL Securit...
Enter
GoofCord
. Take control of your Discord
experience with GoofCord, the highly
configurable and privacy-focused Discord
client. Privacy first: GoofCord blocks
all trackin...
Enter
ClusterFuzz
. ClusterFuzz is a scalable fuzzing
infrastructure that finds security and
stability issues in software. Google
uses ClusterFuzz to fuzz all Google
products an...
Enter
express-openapi-validator
. Auto-validates api requests,
responses, and securities using
ExpressJS and an OpenAPI 3.x
specification. Express-openapi-validator
is an unopinionated librar...
Enter
Retire.js
. There is a plethora of JavaScript
libraries for use on the web and in
node.js apps out there. This greatly
simplifies, but we need to stay updated
on securit...
Enter
Tutanota
. Tutanota is an open source email
client focused on security and privacy.
It is built with end-to-end encryption
and 2FA, so you can be assured of utmost
emai...
Enter
E-Certify
. It is a blockchain-based project for
online certificate validation. The major
problem of counterfeit certificates can
be tackled with the help of E-Certify, ...
Enter
html-pdf-chrome
. HTML to PDF or image (jpeg, png,
webp) converter via Chrome/Chromium.
This library is NOT meant to accept
untrusted user input. Doing so may have
serious sec...
Enter
Open Policy Agent
. Policy-based control for cloud-native
environments. Flexible, fine-grained
control for administrators across the
stack. Stop using a different policy
languag...
Enter
Ring
. This repo contains unofficial
packages to enable interaction and
automation with the majority of Ring
products. The ring-client-API is a
TypeScript package d...
Enter
Boulder
. This is an implementation of an
ACME-based CA. The ACME protocol allows
the CA to automatically verify that an
applicant for a certificate actually
controls ...
Enter
Notesnook
. Notesnook makes it impossible for
anyone to spy on your notes. Unlike
Evernote and other note taking apps,
your data is private, not open for
everyone to see...
Enter
sWAF
. sWAF is a simple Web Application
Firewall docker image, pre-configured to
be easily used within your web services
architecture. It runs NGINX as a
dedicated ...
Enter
FullDiskHash
. Get and save hashes (MD5 and SHA256)
of files in a drive or folder. In later
stages of the project, it will be
possible to compare the hashes with
previous s...
Enter
Harbor
. Harbor is an open-source trusted
cloud native registry project that
stores, signs, and scans content. Harbor
extends the open-source Docker
Distribution by a...
Enter
Zuul
. Zuul is an L7 application gateway
that offers many capabilities, including
dynamic routing, monitoring, security,
resiliency and more. It is used in the
back...
Enter
Reliese Laravel Model Generator
. Reliese Laravel Model Generator aims
to speed up the development process of
Laravel applications by providing some
convenient code-generation capabilities.
T...
Enter
John The Ripper For Windows
. John the Ripper is a free password
cracking software tool. It was designed
to test password strength, brute-force
encrypted (hashed) passwords, and crack
pas...
Enter
Spree Commerce
. Spree Commerce is a complete, free
and open source e-commerce solution
built with Ruby on Rails. It offers a
modern, mobile-first UX, optional PWA
frontend, ...
Enter
Wfuzz
. Wfuzz provides a framework to
automate web applications security
assessments and could help you to secure
your web applications by finding and
exploiting web...
Enter
Wemake Django Template
. What this project is all about? The
main idea of this project is to provide
a fully configured template for django
projects, where code quality, testing,
doc...
Enter
WAFW00F
. The Web Application Firewall
Fingerprinting Tool. Sends a normal HTTP
request and analyses the response; this
identifies a number of WAF solutions. If
that i...
Enter
apk-mitm
. Inspecting a mobile app's HTTPS
traffic using a proxy is probably the
easiest way to figure out how it works.
However, with the Network Security
Configur...
Enter
Svix
. Build a secure, reliable, and
scalable webhook platform in minutes
using the Svix webhook service. Webhooks
require a lot more engineering time,
resources an...
Enter
Tarantool
. In OLTP scenarios, Tarantool can be
used instead of relational databases.
Such a solution will work many times
faster. With Tarantool, you can replace
the tr...
Enter
CrossC2 framework
. Support CobaltStrike's security
assessment of other platforms
(Linux/MacOS/.), and include the
development support of Unix
post-penetration module. Featu...
Enter
Brim
. Desktop application to efficiently
search and analyze super-structured
data. Powered by Zed. Zed is a system
that makes data easier by utilizing our
new supe...
Enter
Step Certificates
. Open Source step-ca provides the
infrastructure, automations, and
workflows to securely create and operate
a private certificate authority. step-ca
makes it ...
Enter
Stacks
. Stacks 2.0 is a layer-1 blockchain
that connects to Bitcoin for security
and enables decentralized apps and
predictable smart contracts. Stacks 2.0
implement...
Enter
GoKart
. GoKart is a static analysis tool for
Go that finds vulnerabilities using the
SSA (single static assignment) form of
Go source code. It is capable of tracing
...
Enter
multiOTPCredentialProvider
. multiOTP Credential Provider for
multiOTP is a free and open source
implementation of a V2 Credential
Provider for the multiOTP strong
two-factor authenticat...
Enter
s2n
. s2n-tls is a C99 implementation of
the TLS/SSL protocols that is designed
to be simple, small, fast, and with
security as a priority. It is released
and lice...
Enter
Genode OS Framework
. The Genode OS Framework is a tool kit
for building highly secure
special-purpose operating systems. It
scales from embedded systems with as
little as 4 MB of...
Enter
HPN-SSH
. HPN-SSH is a series of performance
patches for OpenSSH. By addressing
network limitations and CPU limitations
significant throughput performance can
be reali...
Enter
OrientDB
. OrientDB is an Open Source
Multi-Model NoSQL DBMS with the support
of Native Graphs, Documents, Full-Text
search, Reactivity, Geo-Spatial and
Object Oriented...
Enter
Comodo Antivirus 2023 Latest Version
. Comodo Antivirus 2023 Latest Version
blocks threats like worms, trojans,
rootkits, spyware, bots, & more.
Save on Free protection against threats
to your...
Enter
cert-manager
. Automate certificate management in
cloud native environments. Cert-manager
builds on top of Kubernetes, introducing
certificate authorities and certificates
...
Enter
Google APIs Node.js Client
. Google's officially supported
Node.js client library for accessing
Google APIs. Support for authorization
and authentication with OAuth 2.0, API
Keys and...
Enter
Open-Source auth provider
. Add secure login and session
management to your apps. SDKs available
for popular languages and front-end
frameworks e.g. Node.js, Go, Python,
React.js, React...
Enter
Devtron
. Devtron deeply integrates with
products across the lifecycle of
microservices,i.e., CI, CD, security,
cost, debugging, and observability via
an intuitive web...
Enter
nopCommerce
. nopCommerce is the best open-source
eCommerce shopping cart solution.
nopCommerce is free, and it is the most
popular ASP.NET eCommerce platform. The
product...
Enter
DrWeb Antivirus 2023 Latest Version
. DrWeb Antivirus 2023 Latest Version
blocks threats like worms, trojans,
rootkits, spyware, bots, & more.
Save on Free protection against threats
to your ...
Enter
Bitwarden Client Applications
. Bitwarden client applications (web,
browser extension, desktop, and cli).
This repository houses all Bitwarden
client applications except the mobile
applicat...
Enter
Nextcloud Server
. Nextcloud server is a free and open
source server software that allows you
to store all of your data in a server of
your choosing. With Nextcloud you can
eas...
Enter
AWS Toolkit for JetBrains
. The AWS Toolkit for JetBrains makes
it easier to write applications built on
Amazon Web Services. If you come across
bugs with the toolkit or have feature re...
Enter
Clair
. Clair is an application for parsing
image contents and reporting
vulnerabilities affecting the contents.
This is done via static analysis and not
at runtime....
Enter
OpenProject
. Open source project management
software. Efficient classic, agile or
hybrid project management in a secure
environment. Take control of your data
and stay se...
Enter
cronsun
. cronsun is a distributed cron-style
job system. It's similar with
crontab on stand-alone *nix. The goal of
this project is to make it much easier
to mana...
Enter
TwitterOAuth
. The most popular PHP library for use
with the Twitter OAuth REST API. The
recommended and easy as pie method is
Composer. Setup require in your projects
comp...
Enter
cargo-crev
. A cryptographically verifiable code
review system for the cargo (Rust)
package manager. cargo-crev is an
implementation of Crev as a command-line
tool integr...
Enter
Secure
. Secure is an HTTP middleware for Go
that facilitates some quick security
wins. It's a standard net/http
Handler, and can be used with many
frameworks or ...
Enter
accounts-js
. Fullstack authentication and
accounts-management for Javascript.
Since accounts-js is very flexible, it
can be used with multiple transports.
For now we prov...
Enter
McAfee Antivirus 2023 Latest Version
. McAfee Antivirus 2023 Latest Version
blocks threats like worms, trojans,
rootkits, spyware, bots, & more.
Save on Free protection against threats
to your...
Enter
Damn Vulnerable GraphQL Application
. Damn Vulnerable GraphQL Application
is an intentionally vulnerable
implementation of Facebook's GraphQL
technology, to learn and practice
GraphQL Securit...
Enter