HTML Security

Open-source HTML projects categorized as Security

Top 23 HTML Security Projects

  • smart-contract-best-practices

    A guide to smart contract security best practices

    Project mention: Solidity security reviews? | | 2023-02-20
  • js-xss

    Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

  • Appwrite

    Appwrite - The Open Source Firebase alternative introduces iOS support. Appwrite is an open source backend server that helps you build native iOS applications much faster with realtime APIs for authentication, databases, files storage, cloud functions and much more!

  • cve

    Gather and update all available and newest CVEs with their PoC.

    Project mention: [Help] I'm looking for a downloadable list of all CVEs including vulnerability | | 2022-12-05

    Anyhow, these project might help: - - - - -

  • supercookie

    ⚠️ Browser fingerprinting via favicon!

    Project mention: Website User Identification Methods? | | 2022-11-25
  • Web-Security-Learning


  • kubernetes-goat

    Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

    Project mention: Broke down K8S images? | | 2022-08-04
  • django-DefectDojo

    DefectDojo is a DevSecOps and vulnerability management tool.

    Project mention: Any open source projects where we can learn Django by doing? | | 2023-02-05
  • InfluxDB

    Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.


    :lock: Memorable site for testing clients against bad SSL configs.

    Project mention: Intune Management ADMX | | 2023-02-21

    With SSLVersionMin, I think TLS 1.0 and TLS 1.1 protocols are already disabled (they were originally going to be disabled in 2020, but it was postponed). If I try going to test pages on that use those protocols, Brave displays an "Unsupported protocol" error page with error code ERR_SSL_VERSION_OR_CIPHER_MISMATCH – with no option for the user to bypass the error page. However, I'm not sure why InTune won't allow you to configure it to TLS 1.2 minimum version anyway.

  • OnionBrowser

    An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network

    Project mention: YSK that If you’re using Android 11 and Google Chrome, you can get malware or bloatware simply by surfing on websites, even in incognito mode. | | 2023-03-21
  • reverse-shell-generator

    Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

    Project mention: What are use cases for a reverse shell generator? | | 2023-03-07
  • portable-secret

    Better privacy without special software

    Project mention: Password protect a static HTML page | | 2023-02-18
  • ICS-Security-Tools

    Tools, tips, tricks, and more for exploring ICS Security.

  • railsgoat

    A vulnerable version of Rails that follows the OWASP Top 10

    Project mention: How to Safely Deserialize Data in Ruby on Rails | | 2022-08-17

    In this example, we’ll analyze the runtime behavior of the OWASP Railsgoat project, which is a vulnerable Ruby on Rails application. This project demonstrates the OWASP Top-10 and is a great project for educating developers and security teams.

  • 1Hosts

    World's most advanced DNS filter-/blocklists!

    Project mention: Energized GitHub has been unmaintained since few months, and is showing 404 error on HOSTS files. Here is a copy of Energized Ultimate HOSTS ruleset file, and alternative HOSTS ruleset providers to consider. | | 2023-03-10

    I think 1Hosts PRO is a good replacement, but try Lite or Pro whichever you prefer. You may try combining other HOSTS lists with this if you want to, and are technically adept enough.

  • firefox-profilemaker

    A tool to create firefox profiles with personalized defaults.

    Project mention: Any add-on that removes annoying "accept all cookies" message and denies it all the time? | | 2022-11-13
  • aws-secure-environment-accelerator

    The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

    Project mention: An AWS account just for getting into other AWS accounts | | 2022-11-02

    I've used the ASEA to get a number of organizations setup. I prefer it to Control Tower (it can be installed on top of CT). The ASEA is open source and written in AWS cdk so it can be forked and modified if needed.

  • i2pdbrowser

    i2pd browser bundle

    Project mention: [March 6th] Dread: We are back! | | 2023-03-09

    they just need to download and they r set to go


    Is TLS fast yet? Yes, yes it is.

    Project mention: Is TLS Fast Yet? - TLS has exactly one performance problem: it is not used widely enough. Everything else can be optimized. | | 2022-10-21
  • CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

    🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

    Project mention: CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera: 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 | | 2022-03-28

    Main website servers

    Project mention: Google Pixel Phones und GrapheneOS | | 2023-03-14

    GrapheneOS (Lizenz) [GrapheneOS: das private und sichere mobile Betriebssystem](grapheneos-index.html) – [Installation](grapheneos-install.html) – [CLI-Installationsanleitung](grapheneos-install-cli.html) – [Web-Installationsanleitung](grapheneos-install-web.html) –

  • awesome-anti-forensic

    Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.

    Project mention: How to wipe a drive beyond forensic recoverability? | | 2022-10-28

    Take a look at awesome-anti-forensic

  • CIS-Ubuntu-20.04-Ansible

    Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

    Project mention: CIS Roles | | 2023-02-16
  • DWKit

    DWKit is a Business Process Management System based on .NET Core and React

    Project mention: Alternative to ProcessMaker | | 2022-05-10

    DWKit (last commit 5 month ago)

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-03-21.

HTML Security related posts


What are some of the best open-source Security projects in HTML? This list will help you:

Project Stars
1 smart-contract-best-practices 6,584
2 js-xss 4,847
3 cve 4,074
4 supercookie 4,053
5 Web-Security-Learning 3,965
6 kubernetes-goat 2,953
7 django-DefectDojo 2,696
8 2,509
9 OnionBrowser 2,010
10 reverse-shell-generator 1,830
11 portable-secret 1,552
12 ICS-Security-Tools 1,222
13 railsgoat 814
14 1Hosts 775
15 firefox-profilemaker 669
16 aws-secure-environment-accelerator 639
17 i2pdbrowser 623
18 415
19 CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera 313
20 312
21 awesome-anti-forensic 275
22 CIS-Ubuntu-20.04-Ansible 203
23 DWKit 125
Clean code begins in your IDE with SonarLint
Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.