Showing 10944 open source projects for "security"

View related business solutions
  • Enterprise-grade ITSM, for every business Icon
    Enterprise-grade ITSM, for every business

    Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity.

    Freshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
    Try it Free
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 1
    Is Website Vulnerable

    Is Website Vulnerable

    Finds publicly known security vulnerabilities in a website's frontend

    A command-line tool that scans websites for known security vulnerabilities in their frontend dependencies by checking against the Snyk vulnerability database.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 2
    PDFRip

    PDFRip

    A multi-threaded PDF password cracking utility

    A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks. pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. You can write your own queries like STRING{69-420} with the -q option which would generate a wordlist with the full number range. You can pass in an...
    Downloads: 18 This Week
    Last Update:
    See Project
  • 3
    Watcher

    Watcher

    Open Source Cybersecurity Threat Hunting Platform

    Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 4
    Arkime

    Arkime

    A full packet capturing, indexing, and database system

    Arkime is an open source, large-scale, full packet capturing, indexing, and database system designed to augment existing security infrastructure by storing and indexing network traffic in standard PCAP format. It offers full network visibility, facilitating the swift identification and resolution of security and network issues. Security teams gain access to the necessary network visibility data essential for responding to and investigating incidents to expose the full attack scope. ...
    Downloads: 13 This Week
    Last Update:
    See Project
  • Forever Free Full-Stack Observability | Grafana Cloud Icon
    Forever Free Full-Stack Observability | Grafana Cloud

    Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

    Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
    Create free account
  • 5
    Al-Khaser

    Al-Khaser

    Public malware techniques used in the wild: Virtual Machine, Emulation

    al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these behaviors. ...
    Downloads: 12 This Week
    Last Update:
    See Project
  • 6
    UFONet

    UFONet

    UFONet - Denial of Service Toolkit

    UFONet is a powerful and controversial Python-based toolkit for testing and conducting Distributed Denial of Service (DDoS) attacks using unconventional methods, such as leveraging third-party web applications as attack vectors. It automates the discovery of vulnerable targets and enables attackers or researchers to launch large-scale amplification attacks without directly using botnets. While primarily intended for penetration testing and educational purposes, UFONet emphasizes anonymity...
    Downloads: 26 This Week
    Last Update:
    See Project
  • 7
    SIPVicious

    SIPVicious

    Security tools that can be used to audit SIP based VoIP systems

    SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 8
    Lantern

    Lantern

    Tool to access videos, messaging, and other popular apps

    ...Lantern does not cooperate with any law enforcement in any country. Lantern encrypts all of your traffic to blocked sites and services to protect your data and privacy. Lantern passed multiple third party white box security audits to ensure security of our code. Lantern is easy to use, just download and install to start streaming, browsing and using apps, no configuration required. No installation, no registration, no registration, no configuration, just click and go! All you have to do is install it and hit the POWER button! Don't wait forever for your applications to load or the website to appear in your browser. ...
    Downloads: 35 This Week
    Last Update:
    See Project
  • 9
    Web-Check

    Web-Check

    All-in-one OSINT tool for analysing any website

    Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance, trackers, associated hostnames, carbon footprint. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • Go From AI Idea to AI App Fast Icon
    Go From AI Idea to AI App Fast

    One platform to build, fine-tune, and deploy ML models. No MLOps team required.

    Access Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
    Try Free
  • 10
    KeePassXC

    KeePassXC

    KeePassXC is a cross-platform community-driven port

    Securely store passwords using industry-standard encryption, quickly auto-type them into desktop applications, and use our browser extension to log into websites. Complete database encryption using industry-standard 256-bit AES. Fully compatible with KeePass Password Safe formats. Your password database works offline and requires no internet connection. Every feature looks, feels, works, and is tested on Windows, macOS, and Linux. You can expect a seamless experience no matter which...
    Downloads: 27 This Week
    Last Update:
    See Project
  • 11
    emp3r0r

    emp3r0r

    Linux/Windows post-exploitation framework made by linux user

    A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.
    Downloads: 20 This Week
    Last Update:
    See Project
  • 12
    Scope Sentry

    Scope Sentry

    Cyberspace asset mapping and vulnerability scanning platform

    ScopeSentry is an open source cybersecurity tool designed for cyberspace asset mapping and automated security analysis. It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 13
    Anthropic Cybersecurity Skills

    Anthropic Cybersecurity Skills

    754 structured cybersecurity skills for AI agents

    ...It is particularly useful for developers exploring how AI can augment traditional cybersecurity practices. Overall, the project serves as a foundation for building AI-driven security tools and workflows.
    Downloads: 10 This Week
    Last Update:
    See Project
  • 14
    syft

    syft

    CLI tool and library for generating a Software Bill of Materials

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution...
    Downloads: 46 This Week
    Last Update:
    See Project
  • 15
    GnuPG

    GnuPG

    Complete and free implementation of the OpenPGP standard

    ...The software allows users to encrypt files and messages, create digital signatures, and manage cryptographic keys, making it a foundational tool for privacy-focused workflows. Because it is open source and licensed under the GNU GPL, GnuPG can be freely audited, modified, and redistributed, which has contributed to its adoption in security-sensitive environments. It is primarily command-line driven but can be integrated into email clients, messaging tools, and graphical front-ends for broader usability.
    Downloads: 19 This Week
    Last Update:
    See Project
  • 16
    Xteam

    Xteam

    All-in-one command-line toolkit for security testing and OSINT tools

    Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. ...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 17
    Proxify

    Proxify

    A versatile and portable proxy for capturing HTTP/HTTPS traffic

    Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into BurpSuite or any other proxy by simply setting the upstream proxy to proxify.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 18
    Wfuzz

    Wfuzz

    Web application fuzzer

    Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 19
    airgeddon

    airgeddon

    This is a multi-use bash script for Linux systems

    airgeddon is an alive project growing day by day. Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing. DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). "DoS Pursuit mode" is available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks). Full support for 2.4Ghz and 5Ghz bands. Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing. Cleaning and optimizing Handshake captured...
    Downloads: 37 This Week
    Last Update:
    See Project
  • 20
    SSH-MITM

    SSH-MITM

    Server for security audits supporting public key authentication

    ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 21
    deepsec

    deepsec

    Deepsec is a security harness for finding vulnerabilities

    deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using coding agents to perform deep, project-aware security review rather than only basic pattern matching. The tool initializes a project-specific security context, scans code in batches, processes findings, and can optionally revalidate results to reduce false positives.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 22
    secator

    secator

    Automated framework for running pentesting tools and workflows

    Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools into a unified framework. It acts as a centralized automation platform that helps security professionals run tasks, workflows, and scans more efficiently from a single command-line interface. It supports dozens of established security tools and organizes them into structured workflows, enabling users to perform complex reconnaissance and vulnerability discovery processes with minimal manual effort. ...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 23
    Zeek

    Zeek

    Zeek is a powerful network analysis framework

    Zeek has a long history in the open source and digital security worlds. Vern Paxson began developing the project in the 1990s under the name “Bro” as a means to understand what was happening on his university and national laboratory networks. Vern and the project’s leadership team renamed Bro to Zeek in late 2018 to celebrate its expansion and continued development. Zeek is not an active security device, like a firewall or intrusion prevention system.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 24
    Rufus

    Rufus

    Utility to create bootable USB flash drives

    Rufus is a standalone app designed to format and create a bootable USB drive for a large variety of ISOs. The app is just over 1MB in size and is notably faster than similar competitor apps such as the Windows 7 USB utility, Universal USB Installer, and UNetbootin. Rufus can come in handy when you need to simply format a USB drive, install an OS on a machine that lacks a CD/DVD-ROM drive, or when you need to boot an operating system temporarily without intentions of actually installing...
    Downloads: 715 This Week
    Last Update:
    See Project
  • 25
    Payloads All The Things

    Payloads All The Things

    A list of useful payloads and bypass for Web Application Security

    A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares.
    Downloads: 3 This Week
    Last Update:
    See Project
MongoDB Logo MongoDB