Find and verify credentials
Support
Quality
Security
License
Reuse
Unlock encrypted music file in browser. 在浏览器中解锁加密的音乐文件。
Support
Quality
Security
License
Reuse
Associate users with roles and permissions
Support
Quality
Security
License
Reuse
Exploitation Framework for Embedded Devices
Support
Quality
Security
License
Reuse
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Support
Quality
Security
License
Reuse
A modern, portable, easy to use crypto library.
Support
Quality
Security
License
Reuse
The OWASP ZAP core project
Support
Quality
Security
License
Reuse
r
react-native-firebaseby invertase
JavaScript 
10887 Version:Current License: Proprietary (Proprietary)
🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.
Support
Quality
Security
License
Reuse
🔐 JSON Web Token Authentication for Laravel & Lumen
Support
Quality
Security
License
Reuse
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Support
Quality
Security
License
Reuse
Android runtime permissions powered by RxJava2
Support
Quality
Security
License
Reuse
Automatically provision and manage TLS certificates in Kubernetes
Support
Quality
Security
License
Reuse
A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
Support
Quality
Security
License
Reuse
CTF framework and exploit development library
Support
Quality
Security
License
Reuse
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Support
Quality
Security
License
Reuse
Apereo CAS - Identity & Single Sign On for all earthlings and beyond.
Support
Quality
Security
License
Reuse
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Support
Quality
Security
License
Reuse
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Support
Quality
Security
License
Reuse
Guide to using YubiKey for GPG and SSH
Support
Quality
Security
License
Reuse
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
Support
Quality
Security
License
Reuse
Open source alternative to Auth0 / Firebase Auth / AWS Cognito
Support
Quality
Security
License
Reuse
:flags: A curated collection of all country flags in SVG — plus the CSS for easier integration
Support
Quality
Security
License
Reuse
Multi-platform transparent client-side encryption of your files in the cloud
Support
Quality
Security
License
Reuse
Firmware Analysis Tool
Support
Quality
Security
License
Reuse
VLESS(TCP_Vision、Reality、gRPC、WS)、VMess(WS)、Trojan(TCP、gRPC)、Hysteria、八合一共存脚本
Support
Quality
Security
License
Reuse
Open-Source Phishing Toolkit
Support
Quality
Security
License
Reuse
Java JWT: JSON Web Token for Java and Android
Support
Quality
Security
License
Reuse
This is a webshell open source project
Support
Quality
Security
License
Reuse
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
Support
Quality
Security
License
Reuse
In-depth Attack Surface Mapping and Asset Discovery
Support
Quality
Security
License
Reuse
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
Support
Quality
Security
License
Reuse
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
Support
Quality
Security
License
Reuse
Xray 基于 Nginx 的 VLESS + XTLS 一键安装脚本
Support
Quality
Security
License
Reuse
Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign in, registration, account recovery, passwordless. Golang, headless, API-only - without templating or theming headaches. Available as a cloud service.
Support
Quality
Security
License
Reuse
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Support
Quality
Security
License
Reuse
fsociety Hacking Tools Pack – A Penetration Testing Framework
Support
Quality
Security
License
Reuse
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Support
Quality
Security
License
Reuse
Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
Support
Quality
Security
License
Reuse
Firebase Quickstart Samples for Android
Support
Quality
Security
License
Reuse
wallabag is a self hostable application for saving web pages: Save and classify articles. Read them later. Freely.
Support
Quality
Security
License
Reuse
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Support
Quality
Security
License
Reuse
Unofficial Bitwarden compatible server written in Rust
Support
Quality
Security
License
Reuse
Daemon to ban hosts that cause multiple authentication errors
Support
Quality
Security
License
Reuse
Automatically provision and manage TLS certificates in Kubernetes
Support
Quality
Security
License
Reuse
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Support
Quality
Security
License
Reuse
Server supporting the Signal Private Messenger applications on Android, Desktop, and iOS
Support
Quality
Security
License
Reuse
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
Support
Quality
Security
License
Reuse
m
my-arsenal-of-aws-security-toolsby toniblyx
Shell 8193 Version:Current License: Permissive (Apache-2.0)
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Support
Quality
Security
License
Reuse
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
Support
Quality
Security
License
Reuse
Open-source feature management solution built for developers.
Support
Quality
Security
License
Reuse
t
trufflehogby trufflesecurity
Find and verify credentials
Go 11386Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)
11386Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
u
unlock-musicby unlock-music
Unlock encrypted music file in browser. 在浏览器中解锁加密的音乐文件。
TypeScript 11299Updated: 3 y ago License: Permissive (MIT)
11299Updated: 3 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
l
laravel-permissionby spatie
Associate users with roles and permissions
PHP 11285Updated: 2 y ago License: Permissive (MIT)
11285Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
r
routersploitby threat9
Exploitation Framework for Embedded Devices
Python 11150Updated: 2 y ago License: Proprietary (Proprietary)
11150Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
D
DOMPurifyby cure53
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
JavaScript 11141Updated: 2 y ago License: Proprietary (Proprietary)
11141Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
l
libsodiumby jedisct1
A modern, portable, easy to use crypto library.
C 10984Updated: 2 y ago License: Proprietary (Proprietary)
10984Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
z
zaproxyby zaproxy
The OWASP ZAP core project
Java 10937Updated: 2 y ago License: Permissive (Apache-2.0)
10937Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
r
react-native-firebaseby invertase
🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.
JavaScript 10887Updated: 2 y ago License: Proprietary (Proprietary)
10887Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
j
jwt-authby tymondesigns
🔐 JSON Web Token Authentication for Laravel & Lumen
PHP 10884Updated: 2 y ago License: Permissive (MIT)
10884Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
l
lynisby CISOfy
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Shell 10880Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
10880Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
R
RxPermissionsby tbruyelle
Android runtime permissions powered by RxJava2
Java 10440Updated: 2 y ago License: Permissive (Apache-2.0)
10440Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
c
cert-managerby cert-manager
Automatically provision and manage TLS certificates in Kubernetes
Go 10430Updated: 2 y ago License: Permissive (Apache-2.0)
10430Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
s
sovereignby sovereign
A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
HTML 10340Updated: 2 y ago License: Proprietary (Proprietary)
10340Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
p
pwntoolsby Gallopsled
CTF framework and exploit development library
Python 10297Updated: 2 y ago License: Proprietary (Proprietary)
10297Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
o
owasp-mastgby OWASP
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Python 10297Updated: 2 y ago License: Strong Copyleft (CC-BY-SA-4.0)
10297Updated: 2 y ago License: Strong Copyleft (CC-BY-SA-4.0)Support
Quality
Security
License
Reuse
c
casby apereo
Apereo CAS - Identity & Single Sign On for all earthlings and beyond.
Java 10184Updated: 2 y ago License: Permissive (Apache-2.0)
10184Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
s
social-analyzerby qeeqbox
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
JavaScript 10077Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)
10077Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
s
spiderfootby smicallef
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Python 9740Updated: 2 y ago License: Permissive (MIT)
9740Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
Y
YubiKey-Guideby drduh
Guide to using YubiKey for GPG and SSH
Shell 9664Updated: 2 y ago License: Permissive (MIT)
9664Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
C
CryptoSwiftby krzyzanowskim
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
Swift 9615Updated: 2 y ago License: Proprietary (Proprietary)
9615Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
s
supertokens-coreby supertokens
Open source alternative to Auth0 / Firebase Auth / AWS Cognito
Java 9531Updated: 2 y ago License: Proprietary (Proprietary)
9531Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
f
flag-iconsby lipis
:flags: A curated collection of all country flags in SVG — plus the CSS for easier integration
CSS 9455Updated: 2 y ago License: Permissive (MIT)
9455Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
c
cryptomatorby cryptomator
Multi-platform transparent client-side encryption of your files in the cloud
Java 9437Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
9437Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
b
Support
Quality
Security
License
Reuse
v
v2ray-agentby mack-a
VLESS(TCP_Vision、Reality、gRPC、WS)、VMess(WS)、Trojan(TCP、gRPC)、Hysteria、八合一共存脚本
Shell 9280Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)
9280Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
g
gophishby gophish
Open-Source Phishing Toolkit
Go 9130Updated: 2 y ago License: Proprietary (Proprietary)
9130Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
j
jjwtby jwtk
Java JWT: JSON Web Token for Java and Android
Java 9117Updated: 2 y ago License: Permissive (Apache-2.0)
9117Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
w
webshellby tennc
This is a webshell open source project
PHP 9058Updated: 2 y ago License: Permissive (MIT)
9058Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
I
IdentityServer4by IdentityServer
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
C# 9046Updated: 2 y ago License: Permissive (Apache-2.0)
9046Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
A
Amassby OWASP
In-depth Attack Surface Mapping and Asset Discovery
Go 9025Updated: 2 y ago License: Proprietary (Proprietary)
9025Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
M
MHDDoSby MatrixTM
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
Python 8870Updated: 2 y ago License: Permissive (MIT)
8870Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
o
opensnitchby evilsocket
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
Python 8860Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
8860Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
X
Xray_onekeyby wulabing
Xray 基于 Nginx 的 VLESS + XTLS 一键安装脚本
Shell 8829Updated: 2 y ago License: Permissive (MIT)
8829Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
k
kratosby ory
Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign in, registration, account recovery, passwordless. Golang, headless, API-only - without templating or theming headaches. Available as a cloud service.
Go 8820Updated: 2 y ago License: Permissive (Apache-2.0)
8820Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
o
owasp-mstgby OWASP
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Python 8710Updated: 3 y ago License: Strong Copyleft (CC-BY-SA-4.0)
8710Updated: 3 y ago License: Strong Copyleft (CC-BY-SA-4.0)Support
Quality
Security
License
Reuse
f
fsocietyby Manisso
fsociety Hacking Tools Pack – A Penetration Testing Framework
Python 8601Updated: 2 y ago License: Permissive (MIT)
8601Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
k
kubescapeby kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Go 8544Updated: 2 y ago License: Permissive (Apache-2.0)
8544Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
c
clientby keybase
Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
Go 8497Updated: 2 y ago License: Permissive (BSD-3-Clause)
8497Updated: 2 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
q
quickstart-androidby firebase
Firebase Quickstart Samples for Android
Java 8491Updated: 2 y ago License: Permissive (Apache-2.0)
8491Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
w
wallabagby wallabag
wallabag is a self hostable application for saving web pages: Save and classify articles. Read them later. Freely.
PHP 8474Updated: 2 y ago License: Permissive (MIT)
8474Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
j
juice-shopby juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
TypeScript 8328Updated: 2 y ago License: Permissive (MIT)
8328Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
b
bitwarden_rsby dani-garcia
Unofficial Bitwarden compatible server written in Rust
Rust 8307Updated: 4 y ago License: Strong Copyleft (GPL-3.0)
8307Updated: 4 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
f
fail2banby fail2ban
Daemon to ban hosts that cause multiple authentication errors
Python 8305Updated: 2 y ago License: Proprietary (Proprietary)
8305Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
c
cert-managerby jetstack
Automatically provision and manage TLS certificates in Kubernetes
Go 8291Updated: 3 y ago License: Permissive (Apache-2.0)
8291Updated: 3 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
z
zphisherby htr-tech
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
HTML 8288Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
8288Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
S
Signal-Serverby signalapp
Server supporting the Signal Private Messenger applications on Android, Desktop, and iOS
Java 8263Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)
8263Updated: 2 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
p
prowlerby prowler-cloud
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
Python 8206Updated: 2 y ago License: Permissive (Apache-2.0)
8206Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
m
my-arsenal-of-aws-security-toolsby toniblyx
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Shell 8193Updated: 2 y ago License: Permissive (Apache-2.0)
8193Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
d
dexby dexidp
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
Go 8166Updated: 2 y ago License: Permissive (Apache-2.0)
8166Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
u
unleashby Unleash
Open-source feature management solution built for developers.
TypeScript 8162Updated: 2 y ago License: Permissive (Apache-2.0)
8162Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse