CoPro
CoPro: a data-driven modelling framework for conflict risk projections - Published in JOSS (2021)
QComms QKD Software Toolkit
QComms QKD Software Toolkit - Published in JOSS (2019)
fritap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
oauth2
🔐 oauth2 - A Ruby wrapper for the OAuth 2.0 Authorization Framework, including OpenID Connect (OIDC)
scapy
Scapy: the Python-based interactive packet manipulation program & library.
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
harden-windows-security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels
https://github.com/cleverhans-lab/cleverhans
An adversarial example library for constructing attacks, building defenses, and benchmarking both
paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
aflplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
https://github.com/awslabs/aws-well-architected-labs
Hands on labs and code to help you learn, measure, and build using architectural best practices.
average-calculator
📊 Creation of a Grade Average calculator to find out if the final grade was sufficient or not for approval.
top-trumps
🃏 Creation of the Top Trumps game where the theme and cards were inspired by great names responsible for the technology revolution and I dedicate it to Ada Lovelace to honor her contributions to humanity as one of the leading women in science and math.
sixarm_shell_random_scripts
SixArm.com → Shell → Random scripts to generate text
https://github.com/crowdstrike/falcon-helm
Helm Charts for running CrowdStrike Falcon with Kubernetes
https://github.com/coinfabrik/scout-audit
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development on which we extend scout for specific blockchains.
https://github.com/anchore/grype
A vulnerability scanner for container images and filesystems
https://github.com/bytedance/elkeid
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
ska
Sign data using symmetric-key algorithm encryption. Validate signed data and identify possible validation errors. Uses sha-(1, 224, 256, 385 and 512)/hmac for signature encryption. Custom hash algorithms are allowed. Useful shortcut functions for signing (and validating) dictionaries and URLs.
https://github.com/awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
https://github.com/crytic/blockchain-security-contacts
Directory of security contacts for blockchain companies
https://github.com/crowdstrike/falcon-operator
https://github.com/crowdstrike/ansible_collection_falcon
Comprehensive toolkit for streamlining your interactions with the CrowdStrike Falcon platform.
https://github.com/crowdstrike/container-image-scan-action
CrowdStrike Container Image Scan Github Action
https://github.com/crowdstrike/ivan
Falcon Image Vulnerability Analysis (IVAN) is a command-line image assessment tool.
https://github.com/cdcgov/cdh-lava-react
CDC Data Hub Lifecycle, Analysis & Visualization Accelerator (LAVA) REACT Components based on machine readable requirements.
https://github.com/cdpxe/nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
https://github.com/bytedance/android-inline-hook
:fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
https://github.com/crytic/awesome-ethereum-security
A curated list of awesome Ethereum security references
AdvBox
Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
octopus
Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
https://github.com/devidw/wp-hard
A modern approach to hardening WordPress: A WordPress hardening plugin.
https://github.com/cdpxe/openbsdhacks
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).
timed_password_generator_classic_asp
Class to retrieve timed generate passwords.
pk-sbc
P-KISS-SBC - simple and stupid SIP/RTP SBC - AGPL v3 - Based on kamailio / RTP Engine
preferred-network-list-sniffer
A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
securityeval
Repository for "SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques" published in MSR4P&S'22.
sixarm_ruby_password_hash
SixArm.com » Ruby » Password Hash to do secure SHA256 passwords.
evocatio
nmap-pkg-generation-analysis
Framework for synthetic packet generation and characterization of Nmap scans
sixarm_ruby_password_attribute
SixArm.com » Ruby » PasswordAttribute module to add BCrypt to an ActiveRecord model
doomarena
DoomArena is a Framework for Testing AI Agents Against Evolving Security Threats
terraform-aws-iam-account-password-policy
A terraform module for managing AWS IAM account password policies.
system-hardware-id-generator
The System Hardware ID Generator Script is a Python tool designed to generate a unique Hardware ID (HWID) for the device it runs on. The HWID is represented as an 18-digit integer, making it efficient for storage in databases and indexing. This script can be used for software licensing, device authentication, and hardware inventory management.
security-datasets-for-testing
A set of security datasets for testing of tools and algorithms
https://github.com/aliasrobotics/rctf
Scenarios of the Robotics CTF (RCTF), a playground to challenge robot security.
https://github.com/aliasrobotics/rvss
Robot Vulnerability Scoring System (RVSS) Python 3 reference implementation.
awslabs/aws-lc-verification
This repository contains specifications, proof scripts, and other artifacts required to formally verify portions of AWS libcrypto. Formal verification is used to locate bugs and increase assurance of the correctness and security of the library.
codaspy2022
This repository is part of the paper "Hardening with Scapolite: a DevOps-based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large-Scale Organizations" presented at the 12th ACM Conference on Data and Application Security and Privacy (CODASPY). http://www.codaspy.org/2022/
https://github.com/amatofrancesco99/mdns-security
A project with the aim to simulate (and try to prevent/mitigate) a DoS attack on a target server, relying on the mDNS protocol.
https://github.com/awslabs/aws-greengrass-labs-certificate-rotator
Greengrass component and companion cloud backend for rotating the core device certificate and private key
https://github.com/awstoolbox/find-public-rds-snapshots
A tool for finding all public RDS snapshots, filterable using regex.
https://github.com/binsec/rel
Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.
https://github.com/copyleftdev/mailsentinel
AI-powered Gmail classification system using local Ollama LLM inference. Privacy-first email triage with modular YAML profiles, cryptographic audit trails, and enterprise-grade security.
https://github.com/copyleftdev/strider
🔒 STRIDER - Advanced Web Security Analysis Platform | AI-Powered Vulnerability Detection & Automated Security Scanning with Go