CoPro
CoPro: a data-driven modelling framework for conflict risk projections - Published in JOSS (2021)
QComms QKD Software Toolkit
QComms QKD Software Toolkit - Published in JOSS (2019)
fritap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
oauth2
🔐 oauth2 - A Ruby wrapper for the OAuth 2.0 Authorization Framework, including OpenID Connect (OIDC)
scapy
Scapy: the Python-based interactive packet manipulation program & library.
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
harden-windows-security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels
https://github.com/cleverhans-lab/cleverhans
An adversarial example library for constructing attacks, building defenses, and benchmarking both
paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
aflplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
https://github.com/awslabs/aws-well-architected-labs
Hands on labs and code to help you learn, measure, and build using architectural best practices.
average-calculator
📊 Creation of a Grade Average calculator to find out if the final grade was sufficient or not for approval.
top-trumps
🃏 Creation of the Top Trumps game where the theme and cards were inspired by great names responsible for the technology revolution and I dedicate it to Ada Lovelace to honor her contributions to humanity as one of the leading women in science and math.
sixarm_shell_random_scripts
SixArm.com → Shell → Random scripts to generate text
https://github.com/crowdstrike/falcon-helm
Helm Charts for running CrowdStrike Falcon with Kubernetes
https://github.com/coinfabrik/scout-audit
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development on which we extend scout for specific blockchains.
https://github.com/anchore/grype
A vulnerability scanner for container images and filesystems
https://github.com/bytedance/elkeid
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
ska
Sign data using symmetric-key algorithm encryption. Validate signed data and identify possible validation errors. Uses sha-(1, 224, 256, 385 and 512)/hmac for signature encryption. Custom hash algorithms are allowed. Useful shortcut functions for signing (and validating) dictionaries and URLs.
https://github.com/awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
https://github.com/crytic/blockchain-security-contacts
Directory of security contacts for blockchain companies
https://github.com/crowdstrike/falcon-operator
https://github.com/crowdstrike/ansible_collection_falcon
Comprehensive toolkit for streamlining your interactions with the CrowdStrike Falcon platform.
https://github.com/crowdstrike/container-image-scan-action
CrowdStrike Container Image Scan Github Action
https://github.com/crowdstrike/ivan
Falcon Image Vulnerability Analysis (IVAN) is a command-line image assessment tool.
https://github.com/cdcgov/cdh-lava-react
CDC Data Hub Lifecycle, Analysis & Visualization Accelerator (LAVA) REACT Components based on machine readable requirements.
https://github.com/cdpxe/nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
https://github.com/bytedance/android-inline-hook
:fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
https://github.com/crytic/awesome-ethereum-security
A curated list of awesome Ethereum security references
AdvBox
Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
octopus
Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
https://github.com/devidw/wp-hard
A modern approach to hardening WordPress: A WordPress hardening plugin.
https://github.com/cipher-fox/nestjs-cryptography
Secure NestJS cryptography module 🔐
https://github.com/aleksamcode/wifi-password-stealer
Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
https://github.com/bytedance/varmor
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
https://github.com/chronospk/pentesting-cheatsheets
Comprehensive pentesting cheatsheets in Markdown and SVG diagrams
nmap-pkg-generation-analysis
Framework for synthetic packet generation and characterization of Nmap scans
p4-forch_katharatopo
Exploiting Data Plane Programmability to Enhance Service Orchestration in the Edge: a focus on Industrial Security
https://github.com/broadinstitute/dsp-appsec-infrastructure-apps
This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.
terraform-aws-iam-account-password-policy
A terraform module for managing AWS IAM account password policies.
firmwaredroid
FirmwareDroid is an analysis framework for Android firmware and Apps.
system-hardware-id-generator
The System Hardware ID Generator Script is a Python tool designed to generate a unique Hardware ID (HWID) for the device it runs on. The HWID is represented as an 18-digit integer, making it efficient for storage in databases and indexing. This script can be used for software licensing, device authentication, and hardware inventory management.
https://github.com/aliasrobotics/rctf
Scenarios of the Robotics CTF (RCTF), a playground to challenge robot security.
https://github.com/aliasrobotics/rvss
Robot Vulnerability Scoring System (RVSS) Python 3 reference implementation.
https://github.com/cdpxe/hardenedlinux
Scripts of the Hardened Linux (HL) distribution: hardening scripts (HLHS) and package system (cpfos)
https://github.com/coinfabrik/scout-workshop
Learn to Scout for security issues and best practices in Soroban
https://github.com/copyleftdev/rrdeep
Rust implementation of Context-Triggered Piecewise Hashing (CTPH), inspired by tools like **ssdeep**
https://github.com/copyleftdev/mcp_subfinder_server
Model Context Protocol (MCP) server that wraps ProjectDiscovery's subfinder tool for powerful subdomain enumeration through a JSON-RPC API.
automated-identification-of-security-relevant-configuration-settings-using-nlp
This repository is part of the paper "Automated Identification of Security-Relevant Configuration Settings Using NLP" accepted at the Industry Showcase track at the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE). https://conf.researchr.org/track/ase-2022/ase-2022-industry-showcase.
preferred-network-list-sniffer
A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
sixarm_ruby_password_salt
SixArm.com » Ruby » Password salt to create secure user-friendly passwords
https://github.com/andstor/verified-smart-contracts-audit
:bug: Verified smart contract dataset with vulnerability labeling
awslabs/aws-lc-verification
This repository contains specifications, proof scripts, and other artifacts required to formally verify portions of AWS libcrypto. Formal verification is used to locate bugs and increase assurance of the correctness and security of the library.
https://github.com/amatofrancesco99/mdns-security
A project with the aim to simulate (and try to prevent/mitigate) a DoS attack on a target server, relying on the mDNS protocol.
windows-pe-packer
🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engineering.(使用C和Intel x86汇编开发的Windows x86可执行文件打包工具,打包后的新文件可以阻碍逆向工程。)
airisc_core_complex
Fraunhofer IMS processor core. RISC-V ISA (RV32IM) with additional peripherals for embedded AI applications and smart sensors.