C Security

Open-source C projects categorized as Security

Top 23 C Security Projects

  • radare2

    UNIX-like reverse engineering framework and command-line toolset

  • systeminformer

    A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

    Project mention: System Informer | /r/ITProTuesday | 2023-09-03

    System Informer is a versatile system management tool designed to seamlessly monitor and analyze system resources, troubleshoot software issues, and identify potential malware threats. Offers system activity overviews, intuitive graphs, real-time statistics, active network connection monitoring, detailed disk access information, intricate stack trace analysis, and much more. evily2k describes it "like process explorer on steroids. Allows me to kill process that task manager would say access denied."

  • Onboard AI

    ChatGPT with full context of any GitHub repo. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at app.getonboardai.com.

  • OpenVPN

    OpenVPN is an open source VPN daemon

    Project mention: Ask HN: Who is hiring? (October 2023) | news.ycombinator.com | 2023-10-02

    OpenVPN is hiring! https://openvpn.net/

    C++ Developer in the United States. Full-time| Fully remote| Flexible work schedules

    Link to look at vacancy details and apply:

  • nmap

    Nmap - the Network Mapper. Github mirror of official SVN repository.

    Project mention: NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite | news.ycombinator.com | 2024-01-26


    This looks like a reasonable mitigation for the lack of native JSON output.

  • Wazuh

    Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

    Project mention: Exclude certain CIS (sca) rules from agents | /r/Wazuh | 2023-12-11

    There is currently no feature for excluding specific SCA rules however this feature has been requested here and would be added to the roadmap for future releases.

  • Unicorn Engine

    Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

    Project mention: Unicorn: Lightweight multi-platform, multi-architecture CPU emulator framework | news.ycombinator.com | 2023-11-19
  • capstone

    Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

    Project mention: Rise: Accelerate the Development of Open Source Software for RISC-V | news.ycombinator.com | 2023-05-31

    Maybe then they can help us with the Capstone[1][2] disassembly engine auto-sync (automatic synchronization from the LLVM TableGen files) effort[3]. ARMv7, ARMv8/9, PowerPC are nearly finished, and MIPS in in near-term plans. Nobody stepped in for RISC-V yet.

    [1] http://www.capstone-engine.org/

    [2] https://github.com/capstone-engine/capstone

    [3] https://github.com/capstone-engine/capstone/issues/2015

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • system-bus-radio

    Transmits AM radio on computers without radio transmitting hardware.

    Project mention: Web FM synthesizer made with HTML5 | news.ycombinator.com | 2023-10-29

    As opposed to AM: https://fulldecent.github.io/system-bus-radio/

  • tpotce

    🍯 T-Pot - The All In One Honeypot Platform 🐝

    Project mention: Honeypot in a home lab | /r/homelab | 2023-09-06

    Have a look at tpot created by Deutsche Telekom. https://github.com/telekom-security/tpotce

  • aircrack-ng

    WiFi security auditing tools suite

    Project mention: Official /r/rust "Who's Hiring" thread for job-seekers and job-offerers [Rust 1.70] | /r/rust | 2023-06-03

    I contribute to open-source WiFi cybersecurity related projects such as aircrack-ng and hcxdumptool. Besides that, embedded systems are close to my heart so I always work on some STM32 or ESP32 based side project. Some of them are available on GitHub:

  • AFLplusplus

    The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

    Project mention: Decoding C/C++ Compilation Process: From Source Code to Binary | /r/cpp | 2023-06-08

    It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.


    OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

    Project mention: Local ignore rule on manager not working | /r/Wazuh | 2023-05-04
  • Suricata

    Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

    Project mention: Suricata VS zeek - a user suggested alternative | libhunt.com/r/suricata | 2024-01-02
  • honggfuzz

    Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

  • openssh-portable

    Portable OpenSSH

    Project mention: Terrapin Attack for prefix injection in SSH | news.ycombinator.com | 2023-12-19

    Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.

  • pycryptodome

    A self-contained cryptographic library for Python

  • u2f-zero

    U2F USB token optimized for physical security, affordability, and style

  • OpenSC

    Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend

    Project mention: How do you put your private key files (.ppk) on a security key (HYPERFIDO U2F/FIDO2/HOTP) ? | /r/sysadmin | 2023-10-25
  • rizin

    UNIX-like reverse engineering framework and command-line toolset.

    Project mention: Revng translates (i386, x86-64, MIPS, ARM, AArch64, s390x) binaries to LLVM IR | news.ycombinator.com | 2024-01-12

    Rizin[1] is also able to uplift native code to the new RzIL, which is based on the BAP Core Theory[2] and is essentially an extension of SMT theories of bitvectors, bitvector-indexed arrays of bitvectors and effects[3].

    [1] https://rizin.re/

    [2] https://binaryanalysisplatform.github.io/bap/api/master/bap-...

    [3] https://github.com/rizinorg/rizin/blob/dev/doc/rzil.md

  • solo1

    Solo 1 firmware in C

    Project mention: Thetis, Yubikey, Solokey, Nitrokey, Onlykey, etc. Differences and Compatability? | /r/PrivacyGuides | 2023-05-03
  • winafl

    A fork of AFL for fuzzing Windows binaries

    Project mention: Trying to get AFL to compile | /r/fuzzing | 2023-03-19

    I cloned the repository from https://github.com/googleprojectzero/winafl.git

  • nanos

    A kernel designed to run one and only one application in a virtualized environment

    Project mention: Kolibri OS: fits on a floppy disk, programmed using interrupts | news.ycombinator.com | 2023-11-30

    I work with https://nanos.org && https://ops.city - we can run thousands of these on commodity hardware.

  • wolfssl

    The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!

  • WorkOS

    The modern API for authentication & user identity. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-01-26.

C Security related posts


What are some of the best open-source Security projects in C? This list will help you:

Project Stars
1 radare2 19,275
2 systeminformer 10,026
3 OpenVPN 9,642
4 nmap 8,922
5 Wazuh 8,346
6 Unicorn Engine 6,996
7 capstone 6,885
8 system-bus-radio 6,115
9 tpotce 5,679
10 aircrack-ng 4,607
11 AFLplusplus 4,459
12 OSSEC 4,210
13 Suricata 3,790
14 honggfuzz 2,944
15 openssh-portable 2,690
16 pycryptodome 2,623
17 u2f-zero 2,373
18 OpenSC 2,357
19 rizin 2,320
20 solo1 2,260
21 winafl 2,203
22 nanos 2,143
23 wolfssl 2,123
The modern API for authentication & user identity.
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.