Top 23 Security Open-Source Projects
-
the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
8. Security Knowledge Base: - Utilize resources like The-book-of-secret-knowledge (e.g., https://github.com/trimstray/the-book-of-secret-knowledge) and Awesome-Hacking (e.g., https://github.com/Hack-with-Github/Awesome-Hacking) to build a knowledge base. - Extract relevant security information and create a structured knowledge base within SecurIoT. - Implement functionality to query and retrieve security information from the knowledge base. - Thoroughly test the knowledge base integration, ensuring accurate retrieval of security knowledge.
-
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
8. Security Knowledge Base: - Utilize resources like The-book-of-secret-knowledge (e.g., https://github.com/trimstray/the-book-of-secret-knowledge) and Awesome-Hacking (e.g., https://github.com/Hack-with-Github/Awesome-Hacking) to build a knowledge base. - Extract relevant security information and create a structured knowledge base within SecurIoT. - Implement functionality to query and retrieve security information from the knowledge base. - Thoroughly test the knowledge base integration, ensuring accurate retrieval of security knowledge.
-
course Computer science is a very vast field, but the fundamentals remain the same; learn basic fundamentals, data structures, concepts of object-oriented programming.
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An alternative display version is available at PayloadsAllTheThingsWeb.
-
Project mention: Empowering Caddy: User Friendliness with Case-Insensitive Caddyfiles | dev.to | 2023-11-25
An interesting project that I recently contributed to is Caddy, a fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS, written in the language I'm currently exploring, Golang. My contribution and pull request address case-insensitive support to special prefixes in the Caddyfile, along with the ability to recognize files with a '.caddyfile' suffix, all inspired by a reported issue.
-
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Project mention: Too Many Fonts in Windows 10 Can Cause Slow Application Starts | news.ycombinator.com | 2023-08-17
I have never heard anyone say anything good about the Visual Studio debugger before. Now, I'm not a Windows person but I'm not gonna argue for gdb or lldb here. RemedyBG and x64dbg are the two debuggers I've heard good things about though I've never used them because, again, not a Windows person.
-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Project mention: WORKING tutorial on how to enable iOS voice chat RIGHT NOW | /r/ChatGPT | 2023-10-03
You'll need to install mitmproxy and set it up on your computer and iOS. I won't go into too much detail here on how to do this, but there are plenty of guides available. This is a pretty good one: https://nadav.ca/2021/02/26/inspecting-an-iphone-s-https-traffic/
-
Metasploit: https://github.com/rapid7/metasploit-framework
-
Project mention: Enhancing Code Quality and Security: Building a Rock-Solid CI Test Suite for Seamless Development | dev.to | 2023-07-03
The DAST checks can be automated up to a certain point, where the code should be able to withstand certain scans and attacks. For example, SQL injections can be checked with sqlmap, which tests with each and every type of SQL injection payload and reports it back to the user.
-
Project mention: Show HN: WireHole New UI Makes Managing WireGuard Clients Easy | news.ycombinator.com | 2023-10-27
-
-
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP cheat sheet on how to do ACL in Web App.
-
hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Project mention: Show HN: YouTube banned adblockers so I built an extension to skip their ads | news.ycombinator.com | 2023-11-18
I use the Hosts file to block a ton of ads and that works really well. https://github.com/StevenBlack/hosts Something worth considering if your ad blocker isn't working well.
-
Project mention: Blockchain transactions decoding: making wallet activity understandable | dev.to | 2023-10-27
Let's look at the events of Open Zeppelin’s ERC20 token contract:
-
-
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
-
From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it.
-
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Project mention: Friends - needs help choosing solution for SBOM vulnerability | /r/devops | 2023-06-01
-
Project mention: I'm pretty sure this is possible, and would appreciate confirmation/direction. | /r/termux | 2022-12-13
https://github.com/radareorg/radare2 (You can git clone it, then run the install script)
-
Matomo
Liberating Web Analytics. Star us on Github? +1. Matomo is the leading open alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. We love Pull Requests!
There are many good, lightweight, and open-source alternatives to Google Analytics, such as Plausible, Matomo, Fathom, Simple Analytics, and so on. Many of these options are open-source, and can be self-hosted.
-
FastAPI's tutorial on how to implement a basic OAuth server helped me a lot in understanding the basic concepts.
https://fastapi.tiangolo.com/tutorial/security/
After getting familiar, I self hosted Keycloak and integrated it with my FastAPI server.
-
Project mention: Why would anyone need AD/AAD when you can manage devices through Saltstack? | /r/sysadmin | 2023-08-05
https://github.com/saltstack/salt https://github.com/chocolatey/choco https://github.com/nextcloud https://github.com/authelia/authelia https://github.com/grafana/grafana
Security related posts
- Explore web applications through their content security policy (CSP)
- Effective Adversary Emulation
- Have I Been Squatted?
- Escaping Duopoly: Best 5 Linux Smartphones Without Performance Security Excuses
- Linux being secure is a common misconception
- Vanadium version 119.0.6045.163.2 released
- Korean Smartphones Have Mandatory Shutter Sounds, 8 in 10 Want It Muted
Index
What are some of the best open-source Security projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | the-book-of-secret-knowledge | 113,333 |
2 | Awesome-Hacking | 71,506 |
3 | cs-video-courses | 61,879 |
4 | PayloadsAllTheThings | 52,851 |
5 | Caddy | 50,711 |
6 | x64dbg | 42,061 |
7 | mitmproxy | 32,853 |
8 | Metasploit | 31,685 |
9 | SQLMap | 28,909 |
10 | algo | 27,821 |
11 | nginxconfig.io | 26,418 |
12 | CheatSheetSeries | 25,197 |
13 | hosts | 24,207 |
14 | openzeppelin-contracts | 23,256 |
15 | setup-ipsec-vpn | 23,081 |
16 | API-Security-Checklist | 21,589 |
17 | OSQuery | 20,752 |
18 | macOS-Security-and-Privacy-Guide | 20,553 |
19 | trivy | 19,405 |
20 | radare2 | 18,890 |
21 | Matomo | 18,420 |
22 | Keycloak | 18,083 |
23 | authelia | 17,937 |