C Security

Open-source C projects categorized as Security

Top 23 C Security Projects

  • radare2

    UNIX-like reverse engineering framework and command-line toolset

    Project mention: Introducing YaRadare - YARA scanning for cloud-native apps (containers) | reddit.com/r/cybersecurity | 2022-07-07
  • systeminformer

    A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

    Project mention: Please make my backups work again | reddit.com/r/backblaze | 2022-11-27

    Digging through their bug tracker surfaces https://github.com/winsiderss/systeminformer/issues/1500 ("DLL injection fails if kernel driver is loaded"), which is both weird as a bug, and weird that it would interfere here (since AFAIK you don't depend on DLL injection!), and there's a commit (b7a2dfe) referenced in https://github.com/winsiderss/systeminformer/issues/1515 as "resolving a reported application compatibility problem", though I don't see how the problem the commit is resolving could be breaking things here... but those seem like potential candidates for that interference.

  • Zigi

    Close all those tabs. Zigi will handle your updates.. Zigi monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack! Plus it reduces cycle time by up to 75%.

  • OpenVPN

    OpenVPN is an open source VPN daemon

    Project mention: Daily General Discussion - November 28, 2022 | reddit.com/r/ethfinance | 2022-11-28

    Not being facetious, but solution #1 is to consider upgrading your router to one that does have a native VPN server, such as the TP-Link Archer AX55. It's the easiest and most convenient solution. Solution #2 would be to install OpenVPN on a dedicated machine (e.g., a Raspberry Pi) and port forward to it. You mentioned having a NAS; it likely has a VPN server package available. Here's one for Synology.

  • nmap

    Nmap - the Network Mapper. Github mirror of official SVN repository.

    Project mention: Need to Document Network | reddit.com/r/sysadmin | 2022-11-22
  • capstone

    Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

    Project mention: Installing Triton in fresh linux VM step-by-step guide (hairpull-free edition) | reddit.com/r/RELounge | 2022-10-12

    $ git clone -b next https://github.com/capstone-engine/capstone $ cd capstone $ ./make.sh $ sudo ./make.sh install $ cd ..

  • system-bus-radio

    Transmits AM radio on computers without radio transmitting hardware.

    Project mention: 20 live radio websites to jam out to - Internet radio stations, Radio map of the world, radio websites per country | reddit.com/r/Stumbledon | 2022-08-26

    https://fulldecent.github.io/system-bus-radio/ - Tested on MacBook Air / Chrome with AM tuner at 1560 kHz. See field reports for other equipment and frequencies.

  • Unicorn Engine

    Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

    Project mention: Vita3K android running Tales of Hearts R - A Glimpse of What's to come | reddit.com/r/EmulationOnAndroid | 2022-10-11

    Macdu (Vita3K dev) also stated that this game is CPU bound so they used a CPU emulator known as unicorn2 , this is also the reason for the slow speed

  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code.

  • Wazuh

    Wazuh - The Open Source Security Platform

    Project mention: GitHub - wazuh/wazuh: Wazuh - The Open Source Security Platform | reddit.com/r/devopsish | 2022-11-27
  • tpotce

    🍯 T-Pot - The All In One Honeypot Platform 🐝

    Project mention: Docker in Cyber Security | reddit.com/r/cybersecurity | 2022-11-22

    I use it to run Splunk at home for testing. You can also run honeypots or use TPot.


    OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

    Project mention: IDS Sistem | reddit.com/r/HackProtectSlo | 2022-11-29
  • aircrack-ng

    WiFi security auditing tools suite

    Project mention: how to capture packets from all networks except for a select network with airodump-ng | reddit.com/r/linuxquestions | 2022-02-20
  • AFLplusplus

    The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

    Project mention: November 2022 monthly "What are you working on?" thread | reddit.com/r/ProgrammingLanguages | 2022-11-03

    1: https://github.com/ArkScript-lang/Ark 2: https://github.com/AFLplusplus/AFLplusplus

  • motion

    Motion, a software motion detector. Home page: https://motion-project.github.io/ (by Motion-Project)

    Project mention: surveillance station | reddit.com/r/selfhosted | 2022-11-28


  • Suricata

    Suricata git repository maintained by the OISF

    Project mention: Help with server build | reddit.com/r/homelab | 2022-11-21

    Active measures may include an intrusion detection system / intrusion prevention systems (IDS/IPS) such as open-source Suricata on the firewall, and installing file system integrity monitoring, such as the open-source Wazuh on the exposed server. These are combined in one open-source solution, Security Onion

  • honggfuzz

    Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

    Project mention: How to fuzz java code with jazzar? | dev.to | 2022-07-22

    Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )

  • u2f-zero

    U2F USB token optimized for physical security, affordability, and style

    Project mention: OpenSource Self-made Hardware Security Key? | reddit.com/r/selfhosted | 2022-05-19

    FWIW, there is u2f-zero — a DIY U2F token.

  • pycryptodome

    A self-contained cryptographic library for Python

    Project mention: Weird error when running revdep-rebuild (failed to split pycryptodome package) | reddit.com/r/Gentoo | 2022-08-29
  • solo1

    Solo 1 firmware in C

    Project mention: TOTP tokens on my wrist with the smartest dumb watch | news.ycombinator.com | 2022-10-18
  • openssh-portable

    Portable OpenSSH

    Project mention: Alternatives to post-quantum cryptography? | reddit.com/r/cryptography | 2022-09-08

    However if you re interested, you should check the openssh repo on Github. Just type openssh-portable in the github search bar and look for a file named kexsntrup761x25519.c https://github.com/openssh/openssh-portable/blob/master/kexsntrup761x25519.c

  • winafl

    A fork of AFL for fuzzing Windows binaries

    Project mention: How to fuzz java code with jazzar? | dev.to | 2022-07-22

    Ex ( AFL, WinAFL, HonggFuzz, LibFuzzer, Jazzer )

  • OpenSC

    Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend

    Project mention: Tillitis Security Key – Mullvad spin-off inspired by measured boot and DICE | news.ycombinator.com | 2022-09-19


    Note that "production ready" does not equate to "follow a YouTube video and write 17 lines of TypeScript." You need to know Java, you need to know crypto, and you need a few bucks to throw at the appropriate hardware. That said, the entire US DoD is built on JavaCard so it is as production grade as you can get.

  • nanos

    A kernel designed to run one and only one application in a virtualized environment

    Project mention: A kernel designed to run only one application in a virtualized environment | news.ycombinator.com | 2022-06-28
  • c-toxcore

    The future of online communications.

    Project mention: I know Privacy Guides is the new version of Privacy Tools, but even if so, do the recommendations (or at least most of them) in the old site still apply today? | reddit.com/r/PrivacyGuides | 2022-07-30

    Signal isn't falling behind and Tox is an old service that has had issues with messages being spoofable since day 1

  • Scout APM

    Truly a developer’s best friend. Scout APM is great for developers who want to find and fix performance issues in their applications. With Scout, we'll take care of the bugs so you can focus on building great things 🚀.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-11-29.

C Security related posts


What are some of the best open-source Security projects in C? This list will help you:

Project Stars
1 radare2 17,196
2 systeminformer 8,230
3 OpenVPN 7,814
4 nmap 7,100
5 capstone 6,016
6 system-bus-radio 5,997
7 Unicorn Engine 5,905
8 Wazuh 5,206
9 tpotce 4,177
10 OSSEC 3,822
11 aircrack-ng 3,414
12 AFLplusplus 3,230
13 motion 3,197
14 Suricata 2,849
15 honggfuzz 2,662
16 u2f-zero 2,352
17 pycryptodome 2,193
18 solo1 2,139
19 openssh-portable 2,123
20 winafl 2,039
21 OpenSC 2,014
22 nanos 1,949
23 c-toxcore 1,842
Clean code begins in your IDE with SonarLint
Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.