Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Security Open-Source Projects
-
the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
-
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
-
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
-
-
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
-
hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
-
-
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
-
-
-
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
8. Security Knowledge Base: - Utilize resources like The-book-of-secret-knowledge (e.g., https://github.com/trimstray/the-book-of-secret-knowledge) and Awesome-Hacking (e.g., https://github.com/Hack-with-Github/Awesome-Hacking) to build a knowledge base. - Extract relevant security information and create a structured knowledge base within SecurIoT. - Implement functionality to query and retrieve security information from the knowledge base. - Thoroughly test the knowledge base integration, ensuring accurate retrieval of security knowledge.
8. Security Knowledge Base: - Utilize resources like The-book-of-secret-knowledge (e.g., https://github.com/trimstray/the-book-of-secret-knowledge) and Awesome-Hacking (e.g., https://github.com/Hack-with-Github/Awesome-Hacking) to build a knowledge base. - Extract relevant security information and create a structured knowledge base within SecurIoT. - Implement functionality to query and retrieve security information from the knowledge base. - Thoroughly test the knowledge base integration, ensuring accurate retrieval of security knowledge.
course Computer science is very wast field the fundamental remains same, learn basic fundamentals, data structures, concepts of object oriented programming.
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
These projects use Caddy as my local development server, Dart Sass for converting my Sass files to CSS, elm, elm-format, elm-optimize-level-2, elm-review, elm-test (only in Calculator), ShellCheck to find bugs in my shell scripts, and Terser to mangle and compress JavaScript code.
Metasploit
sqlmap
Project mention: Show HN: WireHole New UI Makes Managing WireGuard Clients Easy | news.ycombinator.com | 2023-10-27
Cross Site Scripting Prevention Cheat Sheet from OWASP Cheat Sheet Series
Not by default but a blocklist can be found here https://github.com/StevenBlack/hosts
// SPDX-License-Identifier: GPL-3.0 pragma solidity ^0.8.20; import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v5.0.0/contracts/token/ERC20/ERC20.sol"; interface Sfs { function register(address _recipient) external returns (uint256 tokenId); } contract ModeToken is ERC20 { address feeReceiver = msg.sender; constructor() ERC20("ModeTokenSFSTest", "SFST2") { //Example amount to mint our ERC20 _mint(msg.sender, 1000 10 * 18); // This is the SFS contract address on testnet Sfs sfsContract = Sfs(0xBBd707815a7F7eb6897C7686274AFabd7B579Ff6); //Registers this contract and assigns the NFT //to the deployer of this contract sfsContract.register(msg.sender); } }
Project mention: Can't get it to run after installation, although running vpn from this pi before | /r/pivpn | 2023-12-06I can't connect to VPN. I have run VPN on this Raspberry Pi via IPsec. All of a sudden it stopped working. I tried installing IPsec on another Raspberry Pi, with no success, the same problem. I can't connect.
4. Trivy: https://github.com/aquasecurity/trivy Trivy is a versatile tool that scans for vulnerabilities in your containers, and also checks for vulnerabilities in your application dependencies.
Perhaps the OP means OsQuery: https://github.com/osquery/osquery
OsQuery is an SQLite extension consisting of hundreds of virtual tables
In this article we'll be using Keycloak to secure a Vue.js Web application. We're going to leverage oidc-client-ts to integrate OIDC authentication with the Vue app. The oidc-client-ts package is a well-maintained and used library. It provides a lot of utilities for building out a fully production app.
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
Project mention: Passkey Implementation: Misconceptions, pitfalls and unknown unknowns | news.ycombinator.com | 2024-05-02
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Security related posts
-
To developers: you must not reqire a password from users
-
Passkey Implementation: Misconceptions, pitfalls and unknown unknowns
-
How to Implement Authorization in React JS
-
New startup sells coffee through SSH and exclusively through SSH
-
Access Google Cloud Secret Manager via Google Apps Script
-
Cloud Security and Resilience: DevSecOps Tools and Practices
-
Systemd Wants to Expand to Include a Sudo Replacement
-
A note from our sponsor - InfluxDB
www.influxdata.com | 3 May 2024
Index
What are some of the best open-source Security projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | the-book-of-secret-knowledge | 129,664 |
| 2 | Awesome-Hacking | 77,501 |
| 3 | cs-video-courses | 64,846 |
| 4 | PayloadsAllTheThings | 56,831 |
| 5 | Caddy | 53,904 |
| 6 | x64dbg | 43,229 |
| 7 | mitmproxy | 34,408 |
| 8 | Metasploit | 32,848 |
| 9 | SQLMap | 30,623 |
| 10 | algo | 28,315 |
| 11 | nginxconfig.io | 27,083 |
| 12 | CheatSheetSeries | 26,553 |
| 13 | hosts | 25,494 |
| 14 | openzeppelin-contracts | 24,143 |
| 15 | setup-ipsec-vpn | 24,026 |
| 16 | API-Security-Checklist | 21,983 |
| 17 | trivy | 21,388 |
| 18 | OSQuery | 21,361 |
| 19 | macOS-Security-and-Privacy-Guide | 20,889 |
| 20 | Keycloak | 19,946 |
| 21 | radare2 | 19,637 |
| 22 | authelia | 19,578 |
| 23 | keepassxc | 19,253 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com