Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 C Security Projects
-
systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
-
Unicorn Engine
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
-
capstone
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
-
OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
-
Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
-
honggfuzz
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
-
unikraft
A next-generation cloud native kernel designed to unlock best-in-class performance, security primitives and efficiency savings.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
System Informer is a versatile system management tool designed to seamlessly monitor and analyze system resources, troubleshoot software issues, and identify potential malware threats. Offers system activity overviews, intuitive graphs, real-time statistics, active network connection monitoring, detailed disk access information, intricate stack trace analysis, and much more. evily2k describes it "like process explorer on steroids. Allows me to kill process that task manager would say access denied."
OpenVPN is hiring! https://openvpn.net/
C++ Developer in the United States. Full-time| Fully remote| Flexible work schedules
Link to look at vacancy details and apply:
Project mention: NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite | news.ycombinator.com | 2024-01-26https://github.com/nmap/nmap/issues/635
This looks like a reasonable mitigation for the lack of native JSON output.
There is currently no feature for excluding specific SCA rules however this feature has been requested here and would be added to the roadmap for future releases.
Project mention: Unicorn: Lightweight multi-platform, multi-architecture CPU emulator framework | news.ycombinator.com | 2023-11-19
Project mention: Rise: Accelerate the Development of Open Source Software for RISC-V | news.ycombinator.com | 2023-05-31Maybe then they can help us with the Capstone[1][2] disassembly engine auto-sync (automatic synchronization from the LLVM TableGen files) effort[3]. ARMv7, ARMv8/9, PowerPC are nearly finished, and MIPS in in near-term plans. Nobody stepped in for RISC-V yet.
[1] http://www.capstone-engine.org/
[2] https://github.com/capstone-engine/capstone
[3] https://github.com/capstone-engine/capstone/issues/2015
As opposed to AM: https://fulldecent.github.io/system-bus-radio/
Have a look at tpot created by Deutsche Telekom. https://github.com/telekom-security/tpotce
Project mention: Official /r/rust "Who's Hiring" thread for job-seekers and job-offerers [Rust 1.70] | /r/rust | 2023-06-03I contribute to open-source WiFi cybersecurity related projects such as aircrack-ng and hcxdumptool. Besides that, embedded systems are close to my heart so I always work on some STM32 or ESP32 based side project. Some of them are available on GitHub:
Project mention: Decoding C/C++ Compilation Process: From Source Code to Binary | /r/cpp | 2023-06-08It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.
Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.
I am a bit confused, there are three sites:
* https://nanos.org/
* https://nanovms.com/
* https://ops.city/
And I am not sure what "thing" I am using. Is there some disambiguation? I know is OPS is the orchestration CLI, but I am confused at the difference between Nanos and NanoVMs. What should I call the section of my README that deals with this tech? Currently gone with Nanos/OPS but I am confused.
Just for the record, for nicer inspection of files with such debug information, including compressed sections, and debuginfod support, Rizin[1] can be used, since starting from the 0.7.0 release[2] all of those were added.
[1] https://rizin.re
[2] https://github.com/rizinorg/rizin/releases/tag/v0.7.0
Project mention: How do you put your private key files (.ppk) on a security key (HYPERFIDO U2F/FIDO2/HOTP) ? | /r/sysadmin | 2023-10-25
Project mention: Thetis, Yubikey, Solokey, Nitrokey, Onlykey, etc. Differences and Compatability? | /r/PrivacyGuides | 2023-05-03
C Security related posts
- Sandboxing All the Things with Flatpak and BubbleBox
- Are hackers watching your screen right now?
- Tox Core is one of the nicest-to-read C codebases
- Gaining kernel code execution on an MTE-enabled Pixel 8
- Aho-Corasick Algorithm
- EncroChat
- Popular XMPP App "Conversations" Removed from PlayStore by Google
-
A note from our sponsor - InfluxDB
www.influxdata.com | 27 Apr 2024
Index
What are some of the best open-source Security projects in C? This list will help you:
Project | Stars | |
---|---|---|
1 | radare2 | 19,601 |
2 | systeminformer | 10,239 |
3 | OpenVPN | 9,911 |
4 | nmap | 9,256 |
5 | Wazuh | 9,161 |
6 | Unicorn Engine | 7,141 |
7 | capstone | 7,025 |
8 | system-bus-radio | 6,138 |
9 | tpotce | 5,872 |
10 | aircrack-ng | 4,794 |
11 | AFLplusplus | 4,637 |
12 | OSSEC | 4,261 |
13 | Suricata | 4,034 |
14 | honggfuzz | 2,974 |
15 | openssh-portable | 2,807 |
16 | pycryptodome | 2,664 |
17 | tcpdump | 2,546 |
18 | nanos | 2,468 |
19 | rizin | 2,436 |
20 | OpenSC | 2,413 |
21 | u2f-zero | 2,390 |
22 | unikraft | 2,287 |
23 | solo1 | 2,260 |
Sponsored