Showing 1122 open source projects for "security"

View related business solutions
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • 1
    IntelOwl

    IntelOwl

    Centralized platform for automated threat intelligence analysis

    IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple services. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 2
    IPRanges

    IPRanges

    Daily updated lists of cloud, bot, and service IP ranges

    ipranges is an open source repository that provides continuously updated lists of IP address ranges associated with major cloud providers, search engine crawlers, and online services. ipranges collects IP ranges from publicly available sources and organizes them into structured files that can be easily used in security, networking, and automation workflows. It includes address ranges from providers such as Google Cloud, Amazon AWS, Microsoft, Oracle Cloud, and DigitalOcean, as well as well known service platforms like GitHub, Facebook, Twitter, and Telegram. It also tracks IP ranges used by search engine bots and automated agents including Googlebot, Bingbot, and OpenAI’s GPTBot. ...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 3
    Defending Code Reference Harness

    Defending Code Reference Harness

    Skills for threat modeling, scanning, triage, patching, etc.

    Defending Code Reference Harness is a reference implementation for autonomous vulnerability discovery and remediation with Claude. It is designed for security teams that want a structured way to test, triage, and patch software issues with agent support. The project includes skills for threat modeling, scanning, triage, patching, and customizable autonomous analysis workflows. Its default pipeline focuses on finding memory bugs in C and C++ code using ASAN as the crash detector. The overall architecture is meant to be adaptable, so teams can modify it for other languages, bug classes, and detection systems. ...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 4
    Robin

    Robin

    AI-powered tool for dark web OSINT search and investigation

    Robin is an AI-powered open source tool designed to assist investigators and researchers in conducting dark web OSINT (Open Source Intelligence) investigations. It combines automated dark web search capabilities with large language models (LLMs) to analyze and summarize information discovered across hidden services and Tor-based search engines. The tool helps refine investigative queries, collect results from multiple dark web sources, and filter relevant intelligence using AI-driven...
    Downloads: 21 This Week
    Last Update:
    See Project
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • 5
    Claude BugHunter

    Claude BugHunter

    A Claude Code skill bundle for bug hunting

    ...It includes curated patterns from public vulnerability reports, making it useful as a learning and workflow reference. Because it supports security testing, it should only be used on systems where the user has permission to test. Its strongest value is turning scattered bug bounty knowledge into reusable Claude Code workflows.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 6
    GuardDog

    GuardDog

    GuardDog is a CLI tool to Identify malicious PyPI and npm packages

    guarddog is an open-source security tool by DataDog designed to detect risks in open-source dependencies. It helps developers analyze software supply chain risks and prevent malicious or vulnerable packages from being used.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 7
    WAFW00F

    WAFW00F

    WAFW00F allows one to identify and fingerprint Web App Firewall

    ...If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 8
    Bandit

    Bandit

    Bandit is a tool designed to find common security issues in Python

    Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. Bandit was originally developed within the OpenStack Security Project and later rehomed to PyCQA.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 9
    gitGraber

    gitGraber

    Real-time GitHub monitor that detects leaked API keys and secrets

    ...When a potential leak is discovered, the tool can notify users through messaging platforms or display results directly in the command line. This approach helps organizations and security professionals monitor potential exposures.
    Downloads: 1 This Week
    Last Update:
    See Project
  • Go from Code to Production URL in Seconds Icon
    Go from Code to Production URL in Seconds

    Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

    Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
    Try it free
  • 10
    proxy.py

    proxy.py

    Utilize all available CPU cores for accepting new client connections

    proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections....
    Downloads: 3 This Week
    Last Update:
    See Project
  • 11
    Cr3dOv3r

    Cr3dOv3r

    Know the dangers of credential reuse attacks

    ...It is primarily intended for educational and ethical security testing purposes, helping security professionals understand how attackers might exploit reused passwords. The system integrates with external APIs and services to gather breach data and perform automated checks efficiently. It supports multiple modes of operation, including leak-only analysis and credential testing workflows.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 12
    FATE

    FATE

    An industrial grade federated learning framework

    ...FedAI is a community that helps businesses and organizations build AI models effectively and collaboratively, by using data in accordance with user privacy protection, data security, data confidentiality and government regulations.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    truffleHog

    truffleHog

    Searches through git repositories for high entropy strings and secrets

    ...With support for custom integrations and new integrations added all the time, you can secure your secrets across your entire environment. TruffleHog is developed by a team entirely comprised of career security experts. Security is our passion and primary concern, and all features are developed with best practices in mind. TruffleHog enables you to track and manage secrets within our intuitive management interface, including links to exactly where secrets have been found. TruffleHog runs quietly in the background, continuously scanning your environment for secrets.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 14
    reNgine

    reNgine

    Automated framework for web application reconnaissance and scanning

    reNgine is an automated reconnaissance framework designed to simplify and enhance the process of gathering information about web applications during security assessments. It provides a streamlined workflow for penetration testers, bug bounty hunters, and security teams who need to perform reconnaissance efficiently and at scale. The platform integrates multiple open-source reconnaissance tools into a unified environment with a configurable scanning engine and an intuitive web interface. reNgine focuses on improving traditional reconnaissance workflows by organizing collected data in a database and correlating results to make them easier to analyze. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    A.I.G

    A.I.G

    Full-stack AI Red Teaming platform

    ...Users can deploy it via Docker or scripts to get a modern web UI that guides them through tasks like scanning third-party frameworks for known CVEs and experimenting with prompt security against attack vectors. The tool provides both a visual interface and a comprehensive API, making integration with internal security systems or CI/CD pipelines practical for ongoing risk management.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    Fingerprint Pro Server Python SDK

    Fingerprint Pro Server Python SDK

    Python SDK for Fingerprint Pro Server API

    Fingerprint Pro Server API allows you to get information about visitors and about individual events in a server environment. It can be used for data exports, decision-making, and data analysis scenarios. Server API is intended for server-side usage, it's not intended to be used from the client side, whether it's a browser or a mobile device.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    ClatScope

    ClatScope

    OSINT reconnaissance tool for IP, domain, email, and username lookups

    ClatScope is a Python-based OSINT (open source intelligence) utility designed to gather and analyze publicly available information from multiple online sources. It is primarily aimed at investigators, cybersecurity professionals, penetration testers, and researchers who need a centralized platform for reconnaissance tasks. It integrates with numerous public APIs and internet services to retrieve detailed data about IP addresses, domains, email addresses, phone numbers, usernames, and other...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 18

    Impacket

    A collection of Python classes for working with network protocols

    Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 19
    Copy Fail - CVE-2026-31431

    Copy Fail - CVE-2026-31431

    epository that demonstrates and analyzes a Linux kernel vulnerability

    ...Overall, it contributes to the study of system-level security flaws and mitigation strategies.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 20
    IVRE

    IVRE

    Open source framework for large scale network reconnaissance and analy

    ...It provides tools for both active and passive reconnaissance, enabling users to understand how networks behave and identify exposed services or infrastructure. The framework integrates with well known security and scanning tools such as Nmap, Masscan, ZGrab2, ZDNS, and Zeek to gather large amounts of network intelligence. IVRE stores the collected data in a database and offers multiple ways to explore and analyze it, including a web interface, command line tools, and a Python API. This allows security professionals to query scan results, inspect network flows, and identify patterns across large datasets. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 21
    OSS-Fuzz

    OSS-Fuzz

    OSS-Fuzz - continuous fuzzing for open source software

    OSS-Fuzz is a large-scale fuzz testing platform developed by Google to improve the security and reliability of widely used open source software. Fuzz testing is a proven method for uncovering programming errors such as buffer overflows and memory leaks, which can lead to severe security vulnerabilities. By leveraging guided in-process fuzzing, Google has already identified thousands of issues in projects like Chrome, and this initiative extends the same capabilities to the broader open source community. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    FinalRecon

    FinalRecon

    All-in-one Python web reconnaissance tool for fast target analysis

    ...Historical URLs and resources can be retrieved from archived sources to help analyze changes in a website over time. Designed primarily for penetration testers and security researchers, FinalRecon simplifies the reconnaissance phase of security assessments.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 23
    Argus

    Argus

    Python toolkit for OSINT and reconnaissance with 135+ modules

    Argus is a Python-based open source toolkit designed to simplify information gathering and reconnaissance tasks in cybersecurity. It provides an integrated command-line environment that consolidates numerous reconnaissance utilities into a single framework. The tool enables users to collect data about networks, domains, web applications, and infrastructure in an organized and efficient manner. Argus includes a modular architecture with more than 130 modules that support activities such as...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 24
    OWASP Maryam

    OWASP Maryam

    Modular OSINT framework for automated open-source intelligence gatheri

    ...Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open sources. Maryam helps security researchers and analysts streamline routine data-gathering tasks that typically involve searching multiple sources such as Google, Bing, or other online platforms. Maryam organizes its functionality into several modules that focus on different aspects of intelligence gathering, including footprint analysis, OSINT data extraction, and general search operations.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 25
    pwnedOrNot

    pwnedOrNot

    Check breached emails and find exposed passwords from public dumps

    ...If the email is found in a breach, the tool proceeds to search for associated passwords within publicly available data dumps. This two-phase approach allows investigators, security professionals, and researchers to assess the exposure level of compromised accounts using publicly accessible breach information. The tool displays useful breach details such as the name of the breach, the affected domain, the breach date, and several status indicators related to the authenticity and status of the breach. pwnedOrNot can also analyze domains to determine whether they have been involved in breaches and can list all breached domains available through the HIBP database.
    Downloads: 2 This Week
    Last Update:
    See Project
Auth0 Logo