Open-source projects categorized as Security | Edit details

Top 23 Security Open-Source Projects

  • GitHub repo the-book-of-secret-knowledge

    A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

    Project mention: Linux networking tool with simpler understanding... | reddit.com/r/coolguides | 2021-04-28


  • GitHub repo x64dbg

    An open-source x64/x32 debugger for windows.

    Project mention: Kifflom? | reddit.com/r/chiliadmystery | 2021-04-26


  • GitHub repo Caddy

    Fast, multi-platform web server with automatic HTTPS

    Project mention: Running Ghost in Production With Docker and Caddy Server | reddit.com/r/docker | 2021-05-11

    It will also use SSL/TLS, using Caddy (still with Docker).

  • GitHub repo PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Project mention: Big list of HTTP static server one-liners | news.ycombinator.com | 2021-05-12


  • GitHub repo Metasploit

    Metasploit Framework

    Project mention: NetMotion Mobility CVE-2021-26914 exploit: vuln from Feb... Being exploited en mass in 3..2..1 | reddit.com/r/blueteamsec | 2021-05-11
  • GitHub repo cs-video-courses

    List of Computer Science courses with video lectures.

    Project mention: Can anyone recommend any deep web sites that hosts certificate courses from reputable universities for free? Or any edtech sites on the deep web. Thanks. | reddit.com/r/deepweb | 2021-05-12
  • GitHub repo mitmproxy

    An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

    Project mention: Beware of Applications Misusing Root Stores | news.ycombinator.com | 2021-05-10
  • GitHub repo algo

    Set up a personal VPN in the cloud

    Project mention: Any good VPN providers allowing "custom dns" in .conf? | reddit.com/r/WireGuard | 2021-05-06
  • GitHub repo SQLMap

    Automatic SQL injection and database takeover tool

    Project mention: sqlmap cannot find inject on the testfire.net | reddit.com/r/Kalilinux | 2021-05-12

    I found the same question on GitHub, but the payload given in the answer doesn't work.

  • GitHub repo macOS-Security-and-Privacy-Guide

    Guide to securing and improving privacy on macOS

    Project mention: Security | reddit.com/r/macbookpro | 2021-05-11


  • GitHub repo OSQuery

    SQL powered operating system instrumentation, monitoring, and analytics.

    Project mention: Is there a way to scan a network for computers running specific software (Java in this case) | reddit.com/r/sysadmin | 2021-04-26

    Many options exist. OSQuery is one, and it's free, and it can be used to grab a bunch of other system information which might be useful at a later date. https://osquery.io/

  • GitHub repo hosts

    🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

    Project mention: Jumping ship to debian | reddit.com/r/debian | 2021-05-11

    If you don't want the full Pi-Hole, you could just use one of StevenBlack's hosts file. https://github.com/StevenBlack/hosts

  • GitHub repo CheatSheetSeries

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Project mention: Proxy for protection | reddit.com/r/networking | 2021-04-01

    The other thing you want to do is learn what the possible attacks are, and how to mitigate them. Owasp has some great resources for starters: https://owasp.org/www-project-top-ten/ https://cheatsheetseries.owasp.org/

  • GitHub repo setup-ipsec-vpn

    Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

    Project mention: VPN Setup Help/Speed | reddit.com/r/HomeNetworking | 2021-04-29
  • GitHub repo radare2

    UNIX-like reverse engineering framework and command-line toolset

    Project mention: That took a wild turn | reddit.com/r/ProgrammerHumor | 2021-04-15

    True story: there is a project called Radare2 (or r2) which recently has been forked as Rizin. The reasons for the fork were many, but one of the things they changed was renaming occurrences in code of words like "anal", "sex", etc.

  • GitHub repo How-To-Secure-A-Linux-Server

    An evolving how-to guide for securing a Linux server.

    Project mention: Strange requests from the other side of the planet?! | reddit.com/r/HomeServer | 2021-05-09
  • GitHub repo Tink

    Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

    Project mention: Storing Sensitive Information in Django | reddit.com/r/django | 2021-03-14
  • GitHub repo hydra

    OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Compatible with MITREid.

    Project mention: User account over Internet | reddit.com/r/linuxadmin | 2021-05-10

    If you just have some services/users at a remote location that you want to authenticate/authorize using your existing user directory, I’d recommend using OAuth2/OpenID Connect over https. This has the added benefit of enabling users to enroll multi-factor, federating with other identity providers (if you want), is more future proof (LDAP isn’t cloud native/friendly), and can be exposed to the Internet without the need of a VPN relatively safely. Another benefit is support for remote users and SaaS - for example, enabling users working from home to authenticate to SaaS applications using their directory login (without SSL/agent-VPNs or punching holes in firewall). Examples include: Okta(free tier permits 2000 monthly active users), Keycloak,Dex,ory.sh.

  • GitHub repo openzeppelin-contracts

    OpenZeppelin Contracts is a library for secure smart contract development.

    Project mention: Templates for Bep20/ERC20 Tokens? | reddit.com/r/cryptodevs | 2021-05-11

    You should check out OpenZeppelins Smart Contract project (https://github.com/OpenZeppelin/openzeppelin-contracts) as well as Dapphub Dappsys (http://dapp.tools/dappsys/).

  • GitHub repo KeeWeb

    Free cross-platform password manager compatible with KeePass

    Project mention: Store all passwords in the same Excel... what could go wrong!? | reddit.com/r/sysadmin | 2021-04-13

    It's open source and built with security in mind https://keeweb.info/

  • GitHub repo Lean and Mean Docker containers

    DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

    Project mention: Tiny Container Challenge: Building a 6kB Containerized HTTP Server! | reddit.com/r/docker | 2021-04-22

    I still have to try it, but maybe docker-slim could help make it even smaller!

  • GitHub repo labs

    This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

    Project mention: How to “dockerize” existing web apps (“php + mySQL” app, and “node.js + express + mongodb” app) | reddit.com/r/docker | 2021-03-11

    You can find some intro and tutorials to catch up on docker https://github.com/docker/labs

  • GitHub repo wifiphisher

    The Rogue Access Point Framework

    Project mention: Create a Wi-Fi hotspot for data interception | reddit.com/r/Hacking_Tutorials | 2021-02-10

    You could do almost the same thing with this https://github.com/wifiphisher/wifiphisher, it's a great tool to clone a wifi asking you the password while disauth the original hostpot.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-05-12.


What are some of the best open-source Security projects? This list will help you:

Project Stars
1 the-book-of-secret-knowledge 39,740
2 x64dbg 36,691
3 Caddy 33,339
4 PayloadsAllTheThings 24,170
5 Metasploit 23,929
6 cs-video-courses 23,336
7 mitmproxy 22,294
8 algo 20,723
9 SQLMap 20,057
10 macOS-Security-and-Privacy-Guide 17,990
11 OSQuery 17,914
12 hosts 17,871
13 CheatSheetSeries 16,288
14 setup-ipsec-vpn 15,592
15 radare2 14,398
16 How-To-Secure-A-Linux-Server 11,350
17 Tink 11,283
18 hydra 10,863
19 openzeppelin-contracts 10,292
20 KeeWeb 10,026
21 Lean and Mean Docker containers 9,962
22 labs 9,845
23 wifiphisher 9,797