MCP Server (Rad Security)
. The RAD Security MCP Server is an MCP
server that provides AI-powered security
insights for Kubernetes and cloud
environments. It integrates with the RAD
Sec...
Enter
aws-security-viz
. Need a quick way to visualize your
current aws/amazon ec2 security group
configuration? aws-security-viz does
just that based on the EC2 security
group ingre...
Enter
E.System.Security
. E.System.Security is an actively
developed library for .NET that
simplifies integrating your
microservices with a Service Mesh and
provides enterprise-grade ...
Enter
MCP Server (Rad Security)
. The RAD Security MCP Server is an MCP
server that provides AI-powered security
insights for Kubernetes and cloud
environments. It integrates with the RAD
Sec...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
E.System.Security
. E.System.Security is an actively
developed library for .NET that
simplifies integrating your
microservices with a Service Mesh and
provides enterprise-grade ...
Enter
Security VMS
. Features:Intuitive, Responsive and
Resource-effective . This is an
application that can also be fetched
from
https://sourceforge.net/projects/security-vms/....
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
SCAP Security Guide
. The purpose of this project is to
create security policy content for
various platforms, Red Hat Enterprise
Linux, Fedora, Ubuntu, Debian, SUSE
Linux Enterpri...
Enter
Symfony Security Core
. Part of the Symfony framework, the
Security Core component provides the
foundational tools for managing
authentication, authorization, and
access control in ...
Enter
spring-security-jwt-guide
. This project is a comprehensive
example repository that demonstrates how
to secure a Spring Boot application
using Spring Security and JSON Web
Tokens (JWT)....
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
Claude Code Security Review
. The claude-code-security-review
repository implements a GitHub Action
that uses Claude (via the Anthropic API)
to perform semantic security audits of
code ch...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
Huorong Security
. Operation mode: EDR operation system,
network-wide threat awareness With the
Huorong terminal as the cornerstone,
while protecting users, it detects
various ...
Enter
Symfony Security Bundle
. Symfony Security Bundle is a powerful
tool for adding authentication and
authorization to Symfony applications.
It provides mechanisms for managing user
role...
Enter
Agentic Security
. The open-source Agentic LLM
Vulnerability Scanner.
Features:Customizable Rule Sets or Agent
based attacksDocumentation
availableExamples availableComprehensi...
Enter
Security VMS
. Features:Intuitive, Responsive and
Resource-effective . This is an
application that can also be fetched
from
https://sourceforge.net/projects/security-vms/....
Enter
Personal Security Checklist
. Personal Security Checklist is a
comprehensive, plain-language checklist
for improving personal digital security
and privacy across devices, accounts,
and ev...
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
SCAP Security Guide
. The purpose of this project is to
create security policy content for
various platforms, Red Hat Enterprise
Linux, Fedora, Ubuntu, Debian, SUSE
Linux Enterpri...
Enter
Symfony Security Core
. Part of the Symfony framework, the
Security Core component provides the
foundational tools for managing
authentication, authorization, and
access control in ...
Enter
Spring Security
. Spring Security is a powerful and
highly customizable authentication and
access-control framework. It is the
de-facto standard for securing
Spring-based appl...
Enter
spring-security-jwt-guide
. This project is a comprehensive
example repository that demonstrates how
to secure a Spring Boot application
using Spring Security and JSON Web
Tokens (JWT)....
Enter
Security Datasets
. Security?Datasets is a
community-driven repository maintained
by the Open Threat Research Forge (OTRF)
that curates publicly available
malicious and benign d...
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
Claude Code Security Review
. The claude-code-security-review
repository implements a GitHub Action
that uses Claude (via the Anthropic API)
to perform semantic security audits of
code ch...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Symfony Security Bundle
. Symfony Security Bundle is a powerful
tool for adding authentication and
authorization to Symfony applications.
It provides mechanisms for managing user
role...
Enter
Agentic Security
. The open-source Agentic LLM
Vulnerability Scanner.
Features:Customizable Rule Sets or Agent
based attacksDocumentation
availableExamples availableComprehensi...
Enter
FMSec - File Manager Security
. FMSec (File Manager SECurity) is a
set of extensions to file managers that
enable some security-related operations
to be easily performed. The operations
are...
Enter
OWASP Juice Shop
. OWASP Juice Shop is probably the most
modern and sophisticated insecure web
application! It can be used in security
trainings, awareness demos, CTFs and as
a...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
FMSec - File Manager Security
. FMSec (File Manager SECurity) is a
set of extensions to file managers that
enable some security-related operations
to be easily performed. The operations
are...
Enter
DefectDojo
. DefectDojo is a security
orchestration and vulnerability
management platform. DefectDojo allows
you to manage your application security
program, maintain pro...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
KubeArmor
. KubeArmor is a runtime Kubernetes
security engine. It uses eBPF and Linux
Security Modules(LSM) for fortifying
workloads based on Cloud Containers,
IoT/Edge,...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
Deffend.net Otus
. Deffend.net Otus aims to help small
companies and individuals to avoid cyber
security threats through cyber hygiene.
It runs on Windows desktop and looks for...
Enter
Sihas
. Deffend.net Sihas aims to help small
companies and individuals to avoid cyber
security threats through cyber hygiene.
It runs on Windows desktop and looks fo...
Enter
Docker Scout CLI
. Designed to identify security issues,
outdated packages, and potential
compliance problems within container
images, Docker Scout surfaces dependency
vulnerab...
Enter
Kubescape
. An open-source Kubernetes security
platform for your clusters, CI/CD
pipelines, and IDE that seperates out
the security signal from the scanner
noise. Kubesc...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
KubeArmor
. KubeArmor is a runtime Kubernetes
security engine. It uses eBPF and Linux
Security Modules(LSM) for fortifying
workloads based on Cloud Containers,
IoT/Edge,...
Enter
ZAP
. The OWASP Zed Attack Proxy (ZAP) is
one of the world’s most popular free
security tools and is actively
maintained by a dedicated international
team of volun...
Enter
Stacklok Minder
. Minder by Stacklok is an open source
platform that helps development teams
and open source communities build more
secure software, and prove to others
that w...
Enter
Tetragon
. Tetragon is a flexible
Kubernetes-aware security observability
and runtime enforcement tool that
applies policy and filtering directly
with eBPF, allowing fo...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
Tracee
. Tracee is a runtime security and
observability tool that helps you
understand how your system and
applications behave. It is using eBPF
technology to tap int...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
Arkime
. Arkime is an open source,
large-scale, full packet capturing,
indexing, and database system designed
to augment existing security
infrastructure by storing a...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
Sn1per
. Sn1per Professional is an all-in-one
offensive security platform that
provides a comprehensive view of your
internal and external attack surface and
offers a...
Enter
Custom Erase Algorithm by Mariano Ortu
. This project provides a secure file
deletion algorithm designed to
permanently erase data by overwriting
files with customizable patterns. It
ensures that de...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
Algo VPN
. Introducing Algo, a self-hosted
personal VPN server designed for ease of
deployment and security. Algo
automatically deploys an on-demand VPN
service in the ...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
Sploitware
. sploitware is a curated repository
that maps the world of exploit
development, offensive security, and
binary exploitation into organized
learning material. ...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
Tracee
. Tracee is a runtime security and
observability tool that helps you
understand how your system and
applications behave. It is using eBPF
technology to tap int...
Enter
firejail
. Firejail is a SUID program that
reduces the risk of security breaches by
restricting the running environment of
untrusted applications using Linux
namespaces...
Enter
OSCAL
. NIST is developing the Open Security
Controls Assessment Language (OSCAL), a
set of hierarchical, XML-, JSON-, and
YAML-based formats that provide a
standard...
Enter
lynis
. Lynis is a battle-tested security
tool for systems running Linux, macOS,
or Unix-based operating system. It
performs an extensive health scan of
your systems...
Enter
Arkime
. Arkime is an open source,
large-scale, full packet capturing,
indexing, and database system designed
to augment existing security
infrastructure by storing a...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
Is Website Vulnerable
. A command-line tool that scans
websites for known security
vulnerabilities in their frontend
dependencies by checking against the
Snyk vulnerability database...
Enter
fleet
. Fleet exposes familiar concepts from
traditional MDMs like custom attributes
and dynamic grouping, but in a way that
lets you work directly with data and eve...
Enter
FATE
. FATE (Federated AI Technology
Enabler) is the world's first
industrial grade federated learning open
source framework to enable enterprises
and instituti...
Enter
GuardDog
. guarddog is an open-source security
tool by DataDog designed to detect risks
in open-source dependencies. It helps
developers analyze software supply chain
r...
Enter
Custom Erase Algorithm by Mariano Ortu
. This project provides a secure file
deletion algorithm designed to
permanently erase data by overwriting
files with customizable patterns. It
ensures that de...
Enter
OSS-Fuzz
. OSS-Fuzz is a large-scale fuzz
testing platform developed by Google to
improve the security and reliability of
widely used open source software. Fuzz
testing...
Enter
Paseto
. Paseto (Platform-Agnostic Security
Tokens) is an open-source security token
format designed as a more secure
alternative to JWT (JSON Web Tokens).
Unlike JWT...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
Algo VPN
. Introducing Algo, a self-hosted
personal VPN server designed for ease of
deployment and security. Algo
automatically deploys an on-demand VPN
service in the ...
Enter
Infosec Reference
. Infosec Reference is a curated
knowledge base and resource repository
for information security practitioners.
It aggregates cheat sheets, tooling
guides, pro...
Enter
Prueba
. This is an application that can also
be fetched from
https://sourceforge.net/projects/prueba/.
It has been hosted in OnWorks in order
to be run online in an ...
Enter
Sploitware
. Sploitware is a curated repository
that maps the world of exploit
development, offensive security, and
binary exploitation into organized
learning material. ...
Enter
firejail
. Firejail is a SUID program that
reduces the risk of security breaches by
restricting the running environment of
untrusted applications using Linux
namespaces...
Enter
Laravel CSP
. By default, all scripts on a webpage
are allowed to send and fetch data to
any site they want. This can be a
security problem. Imagine one of your
JavaScript...
Enter
LSG - Linux SecureGuard
. Professional antivirus solution
developed for Linux systems. Protects
your Linux servers and desktop systems
with real-time protection, network
security and ...
Enter
BunkerWeb
. Being a full-featured web server
(based on NGINX under the hood), it will
protect your web services to make them
"secure by default". BunkerWeb
integ...
Enter
Is Website Vulnerable
. A command-line tool that scans
websites for known security
vulnerabilities in their frontend
dependencies by checking against the
Snyk vulnerability database...
Enter
fleet
. Fleet exposes familiar concepts from
traditional MDMs like custom attributes
and dynamic grouping, but in a way that
lets you work directly with data and eve...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
Deckhouse
. Deckhouse is a Kubernetes platform
that allows you to create homogeneous
K8s clusters on any infrastructure. It
manages clusters comprehensively and
“automag...
Enter
Vault
. Manage secrets and protect sensitive
data. Secure, store and tightly control
access to tokens, passwords,
certificates, encryption keys for
protecting secret...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
GuardDog
. guarddog is an open-source security
tool by DataDog designed to detect risks
in open-source dependencies. It helps
developers analyze software supply chain
r...
Enter
Wazuh
. Wazuh is an open-source, unified
security platform that delivers extended
detection and response (XDR) and SIEM
capabilities for on-premises, cloud,
containe...
Enter
OWASP Amass
. The OWASP Amass Project has developed
a tool to help information security
professionals perform network mapping of
attack surfaces and perform external
asset...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
Paseto
. Paseto (Platform-Agnostic Security
Tokens) is an open-source security token
format designed as a more secure
alternative to JWT (JSON Web Tokens).
Unlike JWT...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
url-checker-php-sdk
. The EmailVeritas URL Checker PHP SDK
provides real-time phishing and
malicious link detection through the
official EmailVeritas API. It enables
developers to...
Enter
Prueba
. This is an application that can also
be fetched from
https://sourceforge.net/projects/prueba/.
It has been hosted in OnWorks in order
to be run online in an ...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
thc-hydra
. Number one of the biggest security
holes are passwords, as every password
security study shows. This tool is a
proof of concept code, to give
researchers and...
Enter
Laravel CSP
. By default, all scripts on a webpage
are allowed to send and fetch data to
any site they want. This can be a
security problem. Imagine one of your
JavaScript...
Enter
Spring Boot Demo
. This repository is a hands-on, “deep
learning by doing” collection of Spring
Boot demos that you can run and study
module by module. It currently includes
66...
Enter
Sigma
. Welcome to the Sigma main rule
repository. The place where detection
engineers, threat hunters and all
defensive security practitioners
collaborate on detect...
Enter
Pacu
. Pacu (named after a type of Piranha
in the Amazon) is a comprehensive AWS
security-testing toolkit designed for
offensive security practitioners. While
sever...
Enter
Trivy Operator
. The Trivy Operator leverages Trivy to
continuously scan your Kubernetes
cluster for security issues. The scans
are summarised in security reports as
Kubernet...
Enter
BoringSSL
. BoringSSL is a Google-maintained fork
of OpenSSL, designed specifically to
meet the security, performance, and
maintainability needs of Google’s
infrastructu...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
Digital Signer (a PDF Signing software)
. Digital Signer is a powerful and
user-friendly software designed to
secure and authenticate your digital
documents with ease. Ideal for
individuals, business...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
HexStrike AI MCP Agents
. HexStrike AI is an MCP server that
lets LLM agents autonomously operate a
large catalog of offensive-security
tools. Its goal is to bridge “language
models” ...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
NPQ
. npq is a security-focused package
manager that analyzes npm dependencies
for potential vulnerabilities before
installation. It helps developers ensure
the sa...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
Go Safe Web
. go-safeweb is a security-focused HTTP
framework for Go that bakes in secure
defaults so common web vulnerabilities
are harder to introduce. Instead of
leavin...
Enter
Application Inspector
. Microsoft Application Inspector is a
software source code characterization
tool that helps identify coding features
of first or third party software
componen...
Enter
Wazuh
. Wazuh is an open-source, unified
security platform that delivers extended
detection and response (XDR) and SIEM
capabilities for on-premises, cloud,
containe...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
Arcjet
. Arcjet helps developers protect their
apps in just a few lines of code.
Implement rate limiting, bot protection,
email verification, and defense against
comm...
Enter
tirreno
. The open-source security analytics.
tirreno helps you to understand,
monitor, and protect your platforms from
cyber fraud, account threats, and abuse.
Proact...
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name “Bro” as a
means...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
url-checker-php-sdk
. The EmailVeritas URL Checker PHP SDK
provides real-time phishing and
malicious link detection through the
official EmailVeritas API. It enables
developers to...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
amazon-vpc-resource-controller-k8s
. Controller for managing Trunk &
Branch Network Interfaces on EKS Cluster
using Security Group For Pod feature and
IPv4 Addresses for Windows Node. Contro...
Enter
thc-hydra
. Number one of the biggest security
holes are passwords, as every password
security study shows. This tool is a
proof of concept code, to give
researchers and...
Enter
StackRox Kubernetes
. The StackRox Kubernetes Security
Platform performs a risk analysis of the
container environment, delivers
visibility and runtime alerts, and
provides recomme...
Enter
Passbolt API
. Passbolt API is an open-source
password manager designed for teams. It
allows users to securely store and share
passwords using end-to-end encryption.
Passbo...
Enter
secure-electron-template
. A current electron app template with
the most popular frameworks, designed
and built with security in mind. Once
cloned, install the dependencies for the
rep...
Enter
Spring Boot Demo
. This repository is a hands-on, “deep
learning by doing” collection of Spring
Boot demos that you can run and study
module by module. It currently includes
66...
Enter
Trivy Operator
. The Trivy Operator leverages Trivy to
continuously scan your Kubernetes
cluster for security issues. The scans
are summarised in security reports as
Kubernet...
Enter
GPS Track Server
. A small server-side application is
dedicated to provide TCP-packets
response and basic logging functionality
from operating low cost commercially
available G...
Enter
Sigma
. Welcome to the Sigma main rule
repository. The place where detection
engineers, threat hunters and all
defensive security practitioners
collaborate on detect...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
Lexik JWT Authentication Bundle
. LexikJWTAuthenticationBundle is a
Symfony bundle that provides JWT (JSON
Web Token) authentication for RESTful
APIs. It simplifies the process of
generating ...
Enter
WipeFreeSpace
. WipeFreeSpace is a program to
securely erase/wipe/overwrite the free
space on file systems to prevent
recovery of deleted sensitive data. This
allows protect...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program . In the interface font size is
big for ease of access. You can download
source code that can be found in
'sour...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
HexStrike AI MCP Agents
. HexStrike AI is an MCP server that
lets LLM agents autonomously operate a
large catalog of offensive-security
tools. Its goal is to bridge “language
models” ...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Media-Cert
. The Re-launch is now ready and live.
Feel free to try and enjoy it out.
Should you experience any issues just
create a ticket and I will look into it
asap. T...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
NPQ
. npq is a security-focused package
manager that analyzes npm dependencies
for potential vulnerabilities before
installation. It helps developers ensure
the sa...
Enter
SafeBox
. A free and Open-Source File
Encryption and Decryption app with GUI
(Graphical User Interface) and CLI
(Command Line Interface) that help you
to protect your ...
Enter
Go Safe Web
. go-safeweb is a security-focused HTTP
framework for Go that bakes in secure
defaults so common web vulnerabilities
are harder to introduce. Instead of
leavin...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
Application Inspector
. Microsoft Application Inspector is a
software source code characterization
tool that helps identify coding features
of first or third party software
componen...
Enter
CaptfEncoder
. Captfencoder is a rapid
cross-platform network security tool
suite, providing network
security-related code conversion,
classical cryptography, cryptography,...
Enter
Java Sec Code
. Java sec code is a very powerful and
friendly project for learning Java
vulnerability code. This project can
also be called Java vulnerability code.
Each vul...
Enter
Java Client for Google Maps Services
. This library brings the Google Maps
API Web Services to your server-side
Java application. Each Google Maps Web
Service request requires an API key. API
keys...
Enter
QuickPasswordGenerator
. This program generate random password
of a specified length, with numbers,
upper and lowercase letters and special
symbols. Features:Small size.Easy
interfac...
Enter
LibreSign
. Simplify your digital signatures and
document management safely and
efficiently. Beyond offering agility and
security in digital signatures and
document mana...
Enter
FOSUserBundle
. The FOSUserBundle adds support for a
database-backed user system in
Symfony2+. It provides a flexible
framework for user management that aims
to handle commo...
Enter
rkt
. rkt (pronounced like a
"rocket") is a CLI for running
application containers on Linux. rkt is
designed to be secure, composable, and
standards-based....
Enter
Zen Browser
. Experience tranquillity while
browsing the web without people tracking
you. Beautifully designed,
privacy-focused, and packed with
features. We care about yo...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
SonarQube
. SonarQube empowers all developers to
write cleaner and safer code. Thousands
of automated Static Code Analysis rules,
protecting your app on multiple fronts,...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
Django Hijack
. With Django Hijack, admins can log in
and work on behalf of other users
without having to know their
credentials. 3.x docs are available in
the docs folder. ...
Enter
tirreno
. The open-source security analytics.
tirreno helps you to understand,
monitor, and protect your platforms from
cyber fraud, account threats, and abuse.
Proact...
Enter
Arcjet
. Arcjet helps developers protect their
apps in just a few lines of code.
Implement rate limiting, bot protection,
email verification, and defense against
comm...
Enter
nodejsscan
. Static security code scanner (SAST)
for Node.js applications powered by
libsast and semgrep. nodejsscan is a
static security code scanner for Node.js
applica...
Enter
Trivy
. Trivy is the most popular open source
security scanner, reliable, fast, and
easy to use. Use Trivy to find
vulnerabilities & IaC
misconfigurations, SBOM ...
Enter
nebula
. Nebula is a scalable overlay
networking tool with a focus on
performance, simplicity and security. It
lets you seamlessly connect computers
anywhere in the w...
Enter
truffleHog
. truffleHog searches through git
repositories for high entropy strings
and secrets, digging deep into commit
history. TruffleHog runs behind the
scenes to sca...
Enter
readpe
. readpe (formerly known as pev) is a
multiplatform toolkit to work with PE
(Portable Executable) binaries. Its main
goal is to provide feature-rich tools
for ...
Enter
Payloads All The Things
. A list of useful payloads and
bypasses for Web Application Security.
Feel free to improve with your payloads
and techniques. The API key is a unique
identifi...
Enter
LibHideIP - An IP-hiding library
. LibHideIP is a library that
on-the-fly (by preloading) prevents
programs from knowing your IP address.
This makes them unable to know and
reveal your locatio...
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name “Bro” as a
means...
Enter
Passbolt API
. Passbolt API is an open-source
password manager designed for teams. It
allows users to securely store and share
passwords using end-to-end encryption.
Passbo...
Enter
Outline Server
. Access to the free and open Internet.
Outline makes it easy to create a VPN
server, giving anyone access to the free
and open Internet. Outline allows anyone...
Enter
Cipherbox
. Cipherbox is what I consider to be a
cryptographic swiss knife. It utilizes
six encryption algorithms, and it's
also a vault that's locked with four
...
Enter
Arduino IDE
. This repository contains the source
code of the Arduino IDE 2.x, which is
currently in the beta stage. The Arduino
IDE 2.x is a major rewrite, sharing no
cod...
Enter
OpenWAF
. The first all-round open source Web
security protection system, more
protection than others. OpenWAF is the
first fully open source Web application
protectio...
Enter
drozer
. drozer (formerly Mercury) is the
leading security testing framework for
Android. drozer allows you to search for
security vulnerabilities in apps and
devices...
Enter
Wapiti
. Wapiti is a vulnerability scanner for
web applications. It currently search
vulnerabilities like XSS, SQL and XPath
injections, file inclusions, command
exec...
Enter
boundman
. Boundman is an advanced,
user-friendly, and sleek application
designed to take control over your
network connections. It allows you to
efficiently manage and...
Enter
Lexik JWT Authentication Bundle
. LexikJWTAuthenticationBundle is a
Symfony bundle that provides JWT (JSON
Web Token) authentication for RESTful
APIs. It simplifies the process of
generating ...
Enter
Rancher
. From datacenter to cloud to edge,
Rancher lets you deliver
Kubernetes-as-a-Service. Rancher is a
complete software stack for teams
adopting containers. It ad...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program. The interface font size is big
for ease of access. You can download
source code that can be found in
'source c...
Enter
frida
. Dynamic instrumentation toolkit for
developers, reverse-engineers, and
security researchers. Inject your own
scripts into black box processes. Hook
any funct...
Enter
windows_hardening
. This repository, also known as
HardeningKitty, is a comprehensive
Windows hardening checklist for personal
and enterprise environments. It
translates securit...
Enter
tfsec
. tfsec is a static analysis security
scanner for your Terraform code.
Designed to run locally and in your CI
pipelines, developer-friendly output and
fully do...
Enter
DevSec Hardening
. Hardening adds a layer into your
automation framework, that configures
your operating systems and services. It
takes care of difficult settings,
compliance g...
Enter
