Top 23 C++ Security Projects
-
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.
Project mention: Preparing for KDE Plasma's Last X11-Supported Release | news.ycombinator.com | 2026-06-02
-
Project mention: Show HN: Network Monitor – a GUI to spot anomalous connections on your Linux | news.ycombinator.com | 2025-11-24
Cool project, I wish we had more GUIs for these OS functions. How was your experience with GTK4 and Rust?
And it's a bit sad that in the year of our lord 2025, the best way to get such fundamental information is by using regexes to parse a table[1], generated by a 6000-line C program[2], which is verified by (I hope I'm wrong!) a tiny test suite[3]. OSQuery[4] is also pretty cool, but it builds upon this fragile stack.
That's something I miss from Windows, at least PowerShell has built-in commands that give you structured output.
[1] https://github.com/grigio/network-monitor/blob/9dc470553bfdd...
[2] https://github.com/iproute2/iproute2/blob/main/misc/ss.c
[3] https://github.com/iproute2/iproute2/blob/main/testsuite/tes...
[4] https://osquery.io/
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Project mention: Securing Test Environments from PII Leaks on a Zero-Budget Strategy | dev.to | 2026-02-03
Use open-source auditing tools like Wazuh for intrusion detection and compliance checks.
-
About Monero: https://getmonero.org
-
Project mention: Postmortem: Supply Chain Attack via Compromised NPM Package 11 Caused a Production Data Leak | dev.to | 2026-04-28
Static scanning tools like Snyk and Dependabot will always lag behind zero-day supply chain attacks – our malicious package 11.2.4 was in the wild for 72 hours before any static tool flagged it. You need runtime monitoring to catch exfiltration attempts in real time, even if a malicious package slips past your CI checks. For Node.js projects, use the runtime-exfil-monitor.js script (Code Example 3) which hooks process.env access and network requests via JS Proxies to block unauthorized access to sensitive environment variables and C2 communication. We deployed this to all production ECS tasks and reduced mean time to detection (MTTD) for supply chain incidents from 72 hours to 11 seconds. For lower-level monitoring across all workloads, use Falco (https://github.com/falcosecurity/falco), an eBPF-based tool that detects suspicious network connections, file writes, and process executions from containerized workloads. In our benchmarks, Falco detected the malicious postinstall script's network request to c2-leak-metrics.xyz in 400ms, vs 11 seconds for the JS proxy (due to Node.js startup time). A common concern is performance overhead: our JS proxy added 0.2% CPU overhead and 12MB of memory per Node.js process, which is negligible for production workloads. Falco adds <1% CPU overhead for most workloads. Never rely solely on static scans – the 2024 Verizon Data Breach Investigations Report found that 68% of supply chain attacks that caused data leaks bypassed static SCA tools entirely. Runtime monitoring is the only way to catch these zero-day exploits before data is exfiltrated.
-
zeek
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
-
Project mention: I2P is currently facing an ongoing attack on its network | news.ycombinator.com | 2026-02-05
Tens of thousands of malicious routers have been deployed on the peer-to-peer anonymous network, I2P. These malicious routers are not contributing transit, causing severely degraded performance and anonymity for all. It is unknown whether this is the result of state actors, botnets, or researchers at this time.
https://www.reddit.com/r/i2p/comments/1qvalmq/megathread_ongoing_attack_on_i2p_network_causing/
https://github.com/PurpleI2P/i2pd/issues/2312
-
nsjail
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
-
keystone
Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings (by keystone-engine)
-
wtf
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!). (by 0vercl0k)
-
Project mention: Show HN: Ncrypt – Query encrypted files privately with FHE | news.ycombinator.com | 2025-07-04
Hey HN,
We're building ncrypt, an open-source encrypted file manager that allows you to store, manage, and privately query your files using fully homomorphic encryption (FHE). This project originally started as a simple SFTP-like CLI for my personal S3 buckets which I used to send and retrieve encrypted files and have more granular control over key rotation.
As the number of files that I was storing grew, file discovery started to become a problem, and I found myself frequently having to download and decrypt files to inspect their contents. Rather than leaving them unencrypted in S3 and therefore easier to search, I started looking into the concept of searching over encrypted data using fully homomorphic encryption. This led me to Zama's concrete-python library (https://github.com/zama-ai/concrete), which provides a simple Python interface for performing FHE operations.
FHE is notoriously slow, so rather than trying to search over entire files I focused on a more tractable problem, indexing and searching over file metadata (summaries, keywords, embeddings, etc) which was small enough to make search practical. While still not fast compared to traditional file management tools, ncrypt's search performance is decent if you keep directory sizes relatively small (under 25 files), and most of the heavy lifting happens during metadata extraction, not at search time.
The two types of encrypted queries we currently support are keyword search and cosine similarity search over vector embeddings, which are generated using user-specified huggingface models. Ncrypt currently supports metadata extraction for text, image, and audio files. Check out our code and give it a try at https://github.com/ncryptai/ncrypt.
We love feedback!
-
usbguard
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
-
stegseek
World's fastest steghide cracker, chewing through millions of passwords per second
-
Bareos
Bareos is a cross-network Open Source backup solution (licensed under AGPLv3) which preserves, archives, and recovers data from all major operating systems.
Project mention: Building my first MCP server: teaching AI assistants about backups | dev.to | 2026-02-15
Today I built a Model Context Protocol (MCP) server to connect AI assistants with Bareos backup infrastructure. Join me as I walk through building this integration and share what I learned along the way.
-
herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
-
openvpn3
OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
C++ Security discussion
C++ Security related posts
-
Preparing for KDE Plasma's Last X11-Supported Release
-
Postmortem: Supply Chain Attack via Compromised NPM Package 11 Caused a Production Data Leak
-
Codename: TEMPEST — The real magnitude of an 80-year-old threat
-
Malicious litellm 1.82.8: Credential Theft and Persistent Backdoor in AI Workflows
-
I2PChat
-
Show HN: Sklad – Secure, offline-first snippet manager (Rust, Tauri v2)
-
Lock-Picking Robot
-
Index
What are some of the best open-source Security projects in C++? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | x64dbg | 48,564 |
| 2 | keepassxc | 27,522 |
| 3 | OSQuery | 23,288 |
| 4 | cutter | 18,918 |
| 5 | Wazuh | 15,804 |
| 6 | monero | 10,585 |
| 7 | falco | 9,022 |
| 8 | zeek | 7,695 |
| 9 | i2pd | 4,082 |
| 10 | nsjail | 3,942 |
| 11 | Snort | 3,343 |
| 12 | openrasp | 2,958 |
| 13 | edb-debugger | 2,915 |
| 14 | keystone | 2,567 |
| 15 | wtf | 1,765 |
| 16 | sandboxed-api | 1,749 |
| 17 | concrete | 1,554 |
| 18 | usbguard | 1,339 |
| 19 | BLUESPAWN | 1,332 |
| 20 | stegseek | 1,257 |
| 21 | Bareos | 1,212 |
| 22 | herpaderping | 1,188 |
| 23 | openvpn3 | 1,155 |