Showing 5416 open source projects for "security"

View related business solutions
  • Earn up to 16% annual interest with Nexo. Icon
    Earn up to 16% annual interest with Nexo.

    More flexibility. More control.

    Generate interest, access liquidity without selling, and execute trades seamlessly. All in one platform. Geographic restrictions, eligibility, and terms apply.
    Get started with Nexo.
  • Save Up to 91% on Cloud Compute With Spot VMs Icon
    Save Up to 91% on Cloud Compute With Spot VMs

    Automatic sustained-use discounts. One free VM per month. No negotiation needed.

    Run batch jobs at 60-91% off with Spot VMs. Long-running workloads get automatic discounts with sustained use.
    Try Free
  • 1
    security-audit

    security-audit

    A coding-agent skill for multi-phase security audits

    security-audit is a coding-agent skill for running structured security audits on software repositories. It organizes the audit into multiple phases so the agent does not simply search randomly for vulnerabilities. The workflow begins with reconnaissance, then moves into parallel hunting across attack classes such as injection, access control, business logic, cryptography, feature abuse, and chained attacks.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    Agentic Security

    Agentic Security

    Agentic LLM Vulnerability Scanner / AI red teaming kit

    The open-source Agentic LLM Vulnerability Scanner.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    SCAP Security Guide

    SCAP Security Guide

    Security automation content in SCAP, Bash, Ansible, and other formats

    The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise Server (SLES), as well as products, Firefox, Chromium, JRE. We aim to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 4
    Personal Security Checklist

    Personal Security Checklist

    A compiled checklist of 300+ tips for protecting digital security

    Personal Security Checklist is a comprehensive, plain-language checklist for improving personal digital security and privacy across devices, accounts, and everyday workflows. It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning.
    Downloads: 0 This Week
    Last Update:
    See Project
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 5
    Symfony Security Core

    Symfony Security Core

    Symfony Security Component - Core Library

    Part of the Symfony framework, the Security Core component provides the foundational tools for managing authentication, authorization, and access control in PHP applications. It’s framework-agnostic and can be used independently in any PHP project.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    Symfony Security Bundle

    Symfony Security Bundle

    Integration of the Security component into the Symfony framework

    Symfony Security Bundle is a powerful tool for adding authentication and authorization to Symfony applications. It provides mechanisms for managing user roles, password encryption, and access control. The bundle supports various authentication methods, including form login, HTTP basic auth, OAuth, and more. It also integrates with Symfony’s firewall and access control systems for secure application development.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    MCP Security Audit

    MCP Security Audit

    Powerful MCP (Model Context Protocol) Server that audits npm packages

    The MCP Security Audit Server is a powerful Model Context Protocol server that audits npm package dependencies for security vulnerabilities, integrating with remote npm registries for real-time security checks. ​
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    macOS Security Compliance

    macOS Security Compliance

    macOS Security Compliance Project

    The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    macOS-Security-and-Privacy-Guide

    macOS-Security-and-Privacy-Guide

    Community guide to securing and improving privacy on macOS

    macOS-Security-and-Privacy-Guide is a comprehensive, community-driven resource that provides detailed instructions and best practices for improving the security and privacy of macOS systems. It covers a wide range of topics, including threat modeling, system configuration, encryption, networking, and application security. The guide is designed for both advanced users and beginners who want to adopt stronger security practices on their devices.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Compliant and Reliable File Transfers Backed by Top Security Certifications Icon
    Compliant and Reliable File Transfers Backed by Top Security Certifications

    Cerberus FTP Server delivers SOC 2 Type II certified security and FIPS 140-2 validated encryption.

    Stop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
    Start Free Trial
  • 10
    spring-security-jwt-guide

    spring-security-jwt-guide

    Spring Security With JWT

    This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    Code Quality and Security for Java

    Code Quality and Security for Java

    SonarSource Static Analyzer for Java Code Quality and Security

    Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Covering popular build systems, standards and versions, Sonar elevates your coding game while keeping vulnerabilities at bay. With each Java version, we create dedicated rules so you learn shiny, new features and avoid pitfalls. Consistently find tricky, hard-to-spot issues in your regular expressions. Allow you to effortlessly repair your Java...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 12
    Ghidra

    Ghidra

    Ghidra is a software reverse engineering (SRE) framework

    ...It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes.
    Downloads: 9,220 This Week
    Last Update:
    See Project
  • 13
    Code Quality and Security for C#

    Code Quality and Security for C#

    Code analyzer for C# and VB.NET projects

    Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms. Our powerful language-specific analysis not only detects coding issues but also helps you understand what's wrong and how to fix it. Our publicly available...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 14
    Claude Code Security Reviewer

    Claude Code Security Reviewer

    An AI-powered security review GitHub Action using Claude

    The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc).
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    MCP Server (Rad Security)

    MCP Server (Rad Security)

    Rad Security MCP Server

    The RAD Security MCP Server is an MCP server that provides AI-powered security insights for Kubernetes and cloud environments. It integrates with the RAD Security platform to enhance security analysis and monitoring. ​
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    OWASP Find Security Bugs

    OWASP Find Security Bugs

    The SpotBugs plugin for security audits of Java web applications

    The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17
    PentestGPT

    PentestGPT

    Automated Penetration Testing Agentic Framework Powered by LLMs

    PentestGPT is an AI-powered autonomous penetration testing agent designed to perform intelligent, end-to-end security assessments using large language models. Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. ...
    Downloads: 414 This Week
    Last Update:
    See Project
  • 18
    fsociety

    fsociety

    Modular CLI framework for managing penetration testing tools

    fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. ...
    Downloads: 124 This Week
    Last Update:
    See Project
  • 19
    Wazuh

    Wazuh

    The Open Source Security Platform

    Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers.
    Downloads: 74 This Week
    Last Update:
    See Project
  • 20
    Nikto

    Nikto

    Web server vulnerability scanner for security assessments

    Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows.
    Downloads: 93 This Week
    Last Update:
    See Project
  • 21
    ZAP

    ZAP

    The OWASP ZAP core project

    The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ...
    Downloads: 73 This Week
    Last Update:
    See Project
  • 22
    spotify-adblock

    spotify-adblock

    Adblocker for Spotify

    Spotify adblocker for Linux (macOS untested) works by wrapping getaddrinfo and cef_urlrequest_create. It blocks requests to domains that are not on the allowlist, as well as URLs that are on the denylist.
    Downloads: 63 This Week
    Last Update:
    See Project
  • 23
    DVWA

    DVWA

    PHP/MySQL web application

    Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment. The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty, with a simple straightforward interface. ...
    Downloads: 490 This Week
    Last Update:
    See Project
  • 24
    SecLists

    SecLists

    The Pentester’s Companion

    SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more.
    Downloads: 34 This Week
    Last Update:
    See Project
  • 25
    hashcat

    hashcat

    World's fastest and most advanced password recovery utility

    hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking. Download the latest release and unpack it in the desired location. Please remember to use 7z x when unpacking the archive from the command line to ensure full file...
    Downloads: 134 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next
Auth0 Logo