CoPro
CoPro: a data-driven modelling framework for conflict risk projections - Published in JOSS (2021)
QComms QKD Software Toolkit
QComms QKD Software Toolkit - Published in JOSS (2019)
fritap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
oauth2
🔐 oauth2 - A Ruby wrapper for the OAuth 2.0 Authorization Framework, including OpenID Connect (OIDC)
scapy
Scapy: the Python-based interactive packet manipulation program & library.
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
harden-windows-security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels
https://github.com/cleverhans-lab/cleverhans
An adversarial example library for constructing attacks, building defenses, and benchmarking both
paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
aflplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
https://github.com/awslabs/aws-well-architected-labs
Hands on labs and code to help you learn, measure, and build using architectural best practices.
average-calculator
📊 Creation of a Grade Average calculator to find out if the final grade was sufficient or not for approval.
top-trumps
🃏 Creation of the Top Trumps game where the theme and cards were inspired by great names responsible for the technology revolution and I dedicate it to Ada Lovelace to honor her contributions to humanity as one of the leading women in science and math.
sixarm_shell_random_scripts
SixArm.com → Shell → Random scripts to generate text
https://github.com/crowdstrike/falcon-helm
Helm Charts for running CrowdStrike Falcon with Kubernetes
https://github.com/coinfabrik/scout-audit
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development on which we extend scout for specific blockchains.
https://github.com/anchore/grype
A vulnerability scanner for container images and filesystems
https://github.com/bytedance/elkeid
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
ska
Sign data using symmetric-key algorithm encryption. Validate signed data and identify possible validation errors. Uses sha-(1, 224, 256, 385 and 512)/hmac for signature encryption. Custom hash algorithms are allowed. Useful shortcut functions for signing (and validating) dictionaries and URLs.
https://github.com/awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
https://github.com/crytic/blockchain-security-contacts
Directory of security contacts for blockchain companies
https://github.com/crowdstrike/falcon-operator
https://github.com/crowdstrike/ansible_collection_falcon
Comprehensive toolkit for streamlining your interactions with the CrowdStrike Falcon platform.
https://github.com/crowdstrike/container-image-scan-action
CrowdStrike Container Image Scan Github Action
https://github.com/crowdstrike/ivan
Falcon Image Vulnerability Analysis (IVAN) is a command-line image assessment tool.
https://github.com/cdcgov/cdh-lava-react
CDC Data Hub Lifecycle, Analysis & Visualization Accelerator (LAVA) REACT Components based on machine readable requirements.
https://github.com/cdpxe/nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
https://github.com/bytedance/android-inline-hook
:fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
https://github.com/crytic/awesome-ethereum-security
A curated list of awesome Ethereum security references
AdvBox
Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
octopus
Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
https://github.com/devidw/wp-hard
A modern approach to hardening WordPress: A WordPress hardening plugin.
https://github.com/crocs-muni/javacard-curated-list
Curated list of open-source Java Card applets and related applications for cryptographic smartcards
disa-windows-server-2016
This repository is part of the paper Automated Implementation of Windows-related Security-Configuration Guides presented at the 35th IEEE/ACM International Conference on Automated Software Engineering.
nmap-pkg-generation-analysis
Framework for synthetic packet generation and characterization of Nmap scans
https://github.com/copyleftdev/1337-fish-rng
1337-fish-rng leverages the unpredictable movements of fish to generate true randomness from live video feeds. This innovative project merges natural phenomena with digital technology to provide a unique, open-source tool for enhancing security and research.
https://github.com/copyleftdev/strider
🔒 STRIDER - Advanced Web Security Analysis Platform | AI-Powered Vulnerability Detection & Automated Security Scanning with Go
https://github.com/copyleftdev/mailsentinel
AI-powered Gmail classification system using local Ollama LLM inference. Privacy-first email triage with modular YAML profiles, cryptographic audit trails, and enterprise-grade security.
qzkp
Secure Quantum Zero-Knowledge Proofs: Implementation, Analysis, and Optimization
https://github.com/coinfabrik/scout-substrate-dataset
Dataset of audited Substrate code
firmwaredroid
FirmwareDroid is an analysis framework for Android firmware and Apps.
system-hardware-id-generator
The System Hardware ID Generator Script is a Python tool designed to generate a unique Hardware ID (HWID) for the device it runs on. The HWID is represented as an 18-digit integer, making it efficient for storage in databases and indexing. This script can be used for software licensing, device authentication, and hardware inventory management.
https://github.com/aliasrobotics/aztarna
aztarna, a footprinting tool for robots.
https://github.com/chronospk/pentesting-cheatsheets
Comprehensive pentesting cheatsheets in Markdown and SVG diagrams
secureuml-gui
A ArgoUML extensions for modelling SecureUML supporting various SecureUML dialects with and without support for Generic Break Glass concepts.
https://github.com/bytedance/varmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
sixarm_bash_shellshock
SixArm.com » Bash » Shellshock security testing and patching
https://github.com/aliasrobotics/rctf
Scenarios of the Robotics CTF (RCTF), a playground to challenge robot security.
https://github.com/aliasrobotics/rvss
Robot Vulnerability Scoring System (RVSS) Python 3 reference implementation.
https://github.com/bird-house/ansible-twitcher-playbook
Ansible playbook to set-up a twitcher security proxy instance.
https://github.com/binsec/rel
Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.
https://github.com/awstoolbox/find-public-rds-snapshots
A tool for finding all public RDS snapshots, filterable using regex.
https://github.com/awslabs/aws-greengrass-labs-certificate-rotator
Greengrass component and companion cloud backend for rotating the core device certificate and private key
https://github.com/copyleftdev/mcp_subfinder_server
Model Context Protocol (MCP) server that wraps ProjectDiscovery's subfinder tool for powerful subdomain enumeration through a JSON-RPC API.
pk-sbc
P-KISS-SBC - simple and stupid SIP/RTP SBC - AGPL v3 - Based on kamailio / RTP Engine
preferred-network-list-sniffer
A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
securityeval
Repository for "SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques" published in MSR4P&S'22.
agentdojo
A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents.
https://github.com/aliasrobotics/rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.