Showing 1121 open source projects for "security"

View related business solutions
  • Enterprise-grade ITSM, for every business Icon
    Enterprise-grade ITSM, for every business

    Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity.

    Freshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
    Try it Free
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • 1
    Agentic Security

    Agentic Security

    Agentic LLM Vulnerability Scanner / AI red teaming kit

    The open-source Agentic LLM Vulnerability Scanner.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    OWASP Mobile Application Security

    OWASP Mobile Application Security

    Manual for mobile app security testing and reverse engineering

    The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word.
    Downloads: 18 This Week
    Last Update:
    See Project
  • 3
    macOS Security Compliance

    macOS Security Compliance

    macOS Security Compliance Project

    The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    Claude Code Security Reviewer

    Claude Code Security Reviewer

    An AI-powered security review GitHub Action using Claude

    The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc).
    Downloads: 0 This Week
    Last Update:
    See Project
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 5
    fsociety

    fsociety

    Modular CLI framework for managing penetration testing tools

    fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. ...
    Downloads: 124 This Week
    Last Update:
    See Project
  • 6
    Maigret

    Maigret

    Collect a dossier on a person by username from thousands of sites

    Maigret is an open-source OSINT tool designed to collect a dossier on a person by username from thousands of sites. It automates the process of checking for a user's presence across various platforms, aiding in digital investigations.​
    Downloads: 131 This Week
    Last Update:
    See Project
  • 7
    frida

    frida

    Dynamic instrumentation toolkit for developers

    Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts. Works on Windows, macOS, GNU/Linux, iOS, Android, and QNX. Install the Node.js bindings from npm, grab a Python package from PyPI, or use Frida through its Swift bindings, .NET bindings, Qt/Qml bindings, or C API. ...
    Downloads: 182 This Week
    Last Update:
    See Project
  • 8
    Toutatis

    Toutatis

    Extract public Instagram account information from usernames

    ...The utility is implemented in Python and runs through a simple command-line interface, making it easy to integrate into OSINT workflows and automation scripts. Toutatis is commonly used in open source intelligence investigations, research tasks, and security analysis that involve collecting publicly available social media data.
    Downloads: 123 This Week
    Last Update:
    See Project
  • 9
    Cybersecurity AI

    Cybersecurity AI

    Cybersecurity AI (CAI), the framework for AI Security

    CAI (Cybersecurity AI) is a lightweight open-source framework intended to help security practitioners build and deploy AI-assisted automation for defensive and offensive security workflows. The project frames itself as a practical foundation for “AI security,” focusing on turning security tasks into agentic workflows that can be composed, executed, and iterated on by practitioners. Rather than being a single-purpose tool, CAI is positioned as a framework that supports building multiple security automations and integrating them into existing processes. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • 10
    theHarvester

    theHarvester

    E-mails, subdomains and names

    theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources.
    Downloads: 35 This Week
    Last Update:
    See Project
  • 11
    secator

    secator

    Automated framework for running pentesting tools and workflows

    Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools into a unified framework. It acts as a centralized automation platform that helps security professionals run tasks, workflows, and scans more efficiently from a single command-line interface. It supports dozens of established security tools and organizes them into structured workflows, enabling users to perform complex reconnaissance and vulnerability discovery processes with minimal manual effort. ...
    Downloads: 6 This Week
    Last Update:
    See Project
  • 12
    Xteam

    Xteam

    All-in-one command-line toolkit for security testing and OSINT tools

    Xteam is a command-line security toolkit designed to provide multiple penetration testing and information-gathering utilities in a single interface. It combines several modules and external tools to help users perform security research tasks related to mobile devices, wireless networks, and online services. It acts as a centralized launcher that integrates scripts and third-party tools, allowing users to access different testing functions through a menu-based command line workflow. ...
    Downloads: 6 This Week
    Last Update:
    See Project
  • 13
    Mercury Browser

    Mercury Browser

    Privacy-focused web browser fork of Firefox

    Mercury Browser is an optimized, privacy-focused web browser that is a fork of Mozilla Firefox. It incorporates compiler optimizations such as AVX, AES, LTO, and PGO to enhance performance and security. With features derived from projects like LibreWolf, Waterfox, and Ghostery, Mercury disables telemetry and debugging elements by default, ensuring a more private browsing experience. It also includes usability patches that bring back features like the classic top bar and supports unsigned extensions for added flexibility. Mercury is tailored for users prioritizing speed and privacy and is available for both Linux and Windows​.
    Downloads: 49 This Week
    Last Update:
    See Project
  • 14
    Algo VPN

    Algo VPN

    Set of Ansible scripts that simplifies the setup of a personal VPN

    Introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need. And it’s free. For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you.
    Downloads: 15 This Week
    Last Update:
    See Project
  • 15
    Wfuzz

    Wfuzz

    Web application fuzzer

    Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.
    Downloads: 19 This Week
    Last Update:
    See Project
  • 16
    Tookie-OSINT

    Tookie-OSINT

    Username OSINT tool for discovering accounts across many websites

    ...Tookie-OSINT includes both command-line and optional web interface functionality, giving users flexible ways to run scans and analyze results. Tookie-OSINT was created to help beginners and aspiring security professionals learn about OSINT techniques.
    Downloads: 22 This Week
    Last Update:
    See Project
  • 17
    Blackbird

    Blackbird

    OSINT tool for finding accounts across 600+ sites by username or email

    Blackbird is an open source OSINT tool designed to search for user accounts across social networks and online platforms using a username or email address. The project focuses on helping investigators, researchers, and security professionals quickly discover where a specific identity appears on the internet. It performs reverse searches across more than 600 websites by leveraging data from the community-driven WhatsMyName project, which improves detection accuracy and reduces false positives. The tool operates primarily through a command line interface, allowing users to run automated searches and gather results from many platforms in a single process. ...
    Downloads: 32 This Week
    Last Update:
    See Project
  • 18
    Anthropic Cybersecurity Skills

    Anthropic Cybersecurity Skills

    754 structured cybersecurity skills for AI agents

    ...It is particularly useful for developers exploring how AI can augment traditional cybersecurity practices. Overall, the project serves as a foundation for building AI-driven security tools and workflows.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 19
    Sigma

    Sigma

    Main Sigma Rule Repository

    Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 20
    holehe

    holehe

    Check if the mail is used on different sites

    holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate...
    Downloads: 49 This Week
    Last Update:
    See Project
  • 21
    Watcher

    Watcher

    Open Source Cybersecurity Threat Hunting Platform

    Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 22
    Raccoon

    Raccoon

    High-performance reconnaissance and vulnerability scanning tool

    Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security assessments. It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 23
    discover

    discover

    Automation framework for reconnaissance and penetration testing tasks

    Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such as information gathering, network scanning, and web application testing during security assessments. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 24
    Payloads All The Things

    Payloads All The Things

    A list of useful payloads and bypass for Web Application Security

    A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 25
    DefectDojo

    DefectDojo

    DefectDojo is a DevSecOps and vulnerability management tool

    DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve with the more you use the platform.
    Downloads: 2 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next
Auth0 Logo