Top 23 HTML Security Projects

Security

• Add a project

1. KeeWeb

   1 61 12,592 7.7 HTML

   Free cross-platform password manager compatible with KeePass

   

   Project mention: Bitwarden SDK relicensed from proprietary to GPLv3 | news.ycombinator.com | 2024-10-24

   It is actually sort of how I used it as well, though through nextcloud. It did still remain a hassle. It also requires all different apps to be maintained and equally safe.

   Keeweb for example has not had an active maintainer since 2022 https://github.com/keeweb/keeweb/issues/2022

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. YubiKey-Guide

   2 112 11,744 8.9 HTML

   Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.

   

4. school-of-sre

   3 2 7,992 4.2 HTML

   At LinkedIn, we are using this curriculum for onboarding our entry-level talents into the SRE role.

   

5. cve

   4 13 7,045 9.8 HTML

   Gather and update all available and newest CVEs with their PoC.

   

6. Security-101

   5 1 5,275 6.6 HTML

   8 Lessons, Kick-start Your Cybersecurity Learning.

   

7. js-xss

   6 5 5,270 4.8 HTML

   Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

   

   Project mention: Security Best Practices for Your Node.js Application | dev.to | 2024-07-17

   Encode output data before user-controllable data is written to a page to prevent it from being interpreted as HTML or JavaScript. You can use tools like xss for this purpose.

8. kubernetes-goat

   7 19 4,824 6.0 HTML

   Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

   

   Project mention: PURPOSELY Exploiting A Kubernetes Cluster | dev.to | 2024-08-22

   git clone https://github.com/madhuakula/kubernetes-goat.git

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. supercookie

    8 34 4,662 2.8 HTML

    ⚠️ Browser fingerprinting via favicon!

    

    Project mention: Simple Browser Tracking | dev.to | 2025-05-03

    Tracking users is a touchy topic. Should you rely on screen size? Favicon loading hacks (like this one)? Or something more exotic?

11. Web-Security-Learning

    9 1 4,236 0.0 HTML

    Web-Security-Learning

    

12. django-DefectDojo

    10 7 4,074 9.9 HTML

    DevSecOps, ASPM, Vulnerability Management. All on one platform.

    

    Project mention: Django-DefectDojo: Unified DevSecOps Platform for Vulnerability Management | news.ycombinator.com | 2024-08-09

13. reverse-shell-generator

    11 7 3,440 5.3 HTML

    Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

    

14. badssl.com

    12 35 2,914 1.0 HTML

    :lock: Memorable site for testing clients against bad SSL configs.

    

    Project mention: (Occasionally) Useful Web Tools For Android Developers | dev.to | 2024-12-22

    Link: badssl.com

15. OnionBrowser

    13 46 2,404 8.3 HTML

    An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network

    

16. sig-security

    14 22 2,189 8.5 HTML

    🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

    

    Project mention: Show HN: Attune – Build and publish APT repositories in seconds | news.ycombinator.com | 2025-04-18

    Anything requiring or targeting CNCF SSCP compliance or similar use cases.

    https://github.com/cncf/tag-security/blob/main/community/wor...

17. security-txt

    15 14 1,826 10.0 HTML

    A proposed standard that allows websites to define security policies.

    

    Project mention: Most IT companies fail to serve security.txt for RFC 9116 in 2025 | news.ycombinator.com | 2025-03-02

    Been in or around tech my whole life and this is the first time I've heard of security.txt. This article is trying to shame or something over what even https://securitytxt.org/ is calling "A proposed standard..."?

18. ICS-Security-Tools

    16 2 1,792 4.3 HTML

    Tools, tips, tricks, and more for exploring ICS Security.

    

19. 1Hosts

    17 32 1,757 0.0 HTML

    Advanced DNS filter/blocklists for privacy, security, and clean browsing.

    

20. portable-secret

    18 11 1,729 5.7 HTML

    Better privacy without special software

    

21. railsgoat

    19 2 891 0.0 HTML

    A vulnerable version of Rails that follows the OWASP Top 10

    

22. awesome-anti-forensic

    20 2 880 3.2 HTML

    Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.

    

23. ffprofile

    21 8 815 4.6 HTML

    A tool to create firefox profiles with personalized defaults.

    

24. aws-secure-environment-accelerator

    22 4 759 8.2 HTML

    The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

    

25. i2pdbrowser

    23 8 733 5.8 HTML

    i2pd browser bundle

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

HTML Security related posts

• Most IT companies fail to serve security.txt for RFC 9116 in 2025

  1 project | news.ycombinator.com | 2 Mar 2025

• Running WordPress on Containers

  4 projects | dev.to | 18 Sep 2024

• Better Dotfiles

  5 projects | news.ycombinator.com | 6 Sep 2024

• Password protect a static HTML page, decrypted in-browser in JavaScript

  6 projects | news.ycombinator.com | 30 Aug 2024

• PURPOSELY Exploiting A Kubernetes Cluster

  1 project | dev.to | 22 Aug 2024

• Firefox zero day: You can't leave this web page

  1 project | news.ycombinator.com | 16 Aug 2024

• Django-DefectDojo: Unified DevSecOps Platform for Vulnerability Management

  1 project | news.ycombinator.com | 9 Aug 2024
• A note from our sponsor - SaaSHub
  www.saashub.com | 25 Jun 2025

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

www.influxdata.com

Do not miss the trending HTML projects with our weekly report!