Search Results for "patterns"
Sort By:
Showing 66 open source projects for "patterns"
View related business solutions-
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
WhatsApp Beacon
OSINT tool for tracking WhatsApp online status via Web automation
...It uses Selenium automation to interact with the web interface and detect when a target account goes online or offline. By continuously monitoring these changes, WhatsApp Beacon records connectivity patterns and builds a historical dataset of activity sessions. The collected information is stored in logs and a local database, allowing users to review behavioral patterns over time. In addition, the project supports exporting collected data to spreadsheet formats for further analysis or reporting. WhatsApp Beacon is designed to run across multiple operating systems and can operate in the background using headless browser automation. ... -
2
SeedCrackerX
Minecraft mod designed to reverse-engineer
...The system can also integrate with a shared database to contribute discovered seeds, enabling collaborative data gathering across users. Advanced features include brute-force algorithms that refine seed candidates based on structural patterns and hashed seed calculations. -
3
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
...These recipes help secure Kubernetes clusters by ensuring that pods communicate only with allowed peers, reduce attack surfaces, and enforce least-privilege connectivity at the network layer. The recipes scale from simple “deny all traffic by default” policies to more advanced micro-segmentation patterns for multi-tier apps (frontend/backends) and platform-level isolation for CI/CD systems or service meshes. -
4
Tracee
Linux Runtime Security and Forensics using eBPF
...It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
Secure File Transfer for Windows with Cerberus by RedwoodCerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
-
5
SecLists
The Pentester’s Companion
...SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require. -
6
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. ... -
7
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
...Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
8
urlhunter
Search exposed URLs from shortener services using keyword filtering
...These datasets contain resolved long URLs that were originally hidden behind short links, which can sometimes reveal sensitive or previously unknown endpoints. urlhunter downloads these collections and allows users to search and analyze them using custom keywords or patterns. This capability makes it useful for identifying exposed resources such as documents, internal panels, or forgotten endpoints that may still be accessible online. urlhunter is written in Go and operates as a command-line utility, making it suitable for automation and integration into reconnaissance workflows. -
9
IVRE
Open source framework for large scale network reconnaissance and analy
...IVRE stores the collected data in a database and offers multiple ways to explore and analyze it, including a web interface, command line tools, and a Python API. This allows security professionals to query scan results, inspect network flows, and identify patterns across large datasets. The project can be used to build self hosted alternatives to internet scanning services such as Shodan or Censys, giving organizations full control over their own reconnaissance infrastructure. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. ... -
11
io-ts
Runtime type system for IO decoding/encoding
...This approach is especially useful for APIs, configuration files, JSON payloads, database results, and any data that enters a program from an unknown source. io-ts integrates closely with functional programming patterns and the fp-ts ecosystem. Its main value is helping TypeScript applications keep runtime data validation aligned with compile-time type inference. -
12
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the... -
13
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
...The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
14
GOAD (Game of Active Directory)
game of active directory
...The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts can filter, cluster, and explore these relationships to identify infrastructure patterns, potential subdomains, or attack surfaces. Integrations may include metadata like geolocation, WHOIS, and risk scoring to prioritize leads. GOAD helps teams transition from fragmented OSINT tools to a unified reconnaissance dashboard where exploration and filtering are first-class. -
15
Username Anarchy
Username generator for penetration testing and user enumeration
...These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists. -
16
novu
The open-source notification infrastructure
The open-source notification infrastructure for developers. Simple components and APIs for managing all communication channels in one place: Email, SMS, Direct, and Push. Select channels, add content with {{dynamic}} syntax, and custom rules to control the delivery of notifications. Use a built-in collection of popular providers - Sendgrid, Mailgun, Twilio and many more. Add API key and you're ready to go. Send an event trigger using one of our community-built SDK's, and we will handle it... -
17
cloud_enum
Multi-cloud OSINT tool for discovering public cloud resources
...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization. -
18
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
...IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors. -
19
TinyAuth
The simplest way to protect your apps with a login screen
...It’s especially popular in home labs and small clusters where developers want robust protection without extensive setup or bloat, and a community of users actively discusses usage patterns and integrations on its GitHub Discussions board. -
20
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
...It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. The module exposes directives for enabling audit logging, anomaly scoring, request body buffering limits, and performance tuning to fit high-traffic deployments. Because it’s a native NGINX module, it benefits from NGINX’s event-driven architecture and can be compiled as a dynamic module for flexible packaging. ... -
21
GitHound
Search GitHub for leaked API keys, credentials, and exposed secrets
GitHound is a reconnaissance and security scanning tool designed to search GitHub for exposed secrets such as API keys, credentials, and other sensitive tokens. It works by combining GitHub search queries (often called “GitHub dorks”) with pattern matching techniques to locate potential secrets across public repositories. Instead of scanning only a limited set of repositories, the tool leverages GitHub’s Code Search API to analyze results from across the entire public GitHub ecosystem,... -
22
gitGraber
Real-time GitHub monitor that detects leaked API keys and secrets
gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It scans recently indexed files on GitHub and searches for patterns that may indicate leaked credentials, API keys, or other confidential data used by popular online services. Instead of analyzing the full history of repositories, the tool focuses on newly indexed content, allowing security researchers and bug bounty hunters to quickly identify fresh leaks as they appear. gitGraber uses carefully crafted regular expressions to detect tokens and secrets associated with platforms such as AWS, Google, PayPal, Twitter, Stripe, and many others. ... -
23
Proton Pass for Android
Android code for the Proton Pass application
Proton Pass for Android is the official Android client for Proton’s secure password manager and digital credentials vault, designed to help users safely store, autofill, and organize passwords, secure notes, payment details, and other sensitive information directly on their Android devices. Built as a fully native Android application, it provides a polished user experience with Material Design patterns and makes encryption and decryption seamless by handling all sensitive data locally on the device, ensuring that plain text never leaves user control. The app integrates with Android’s autofill system so users can quickly fill login forms across apps and browsers with a tap while maintaining strong password hygiene and avoiding reused or weak passwords. ... -
24
KeePass
A lightweight and easy-to-use password manager
KeePass Password Safe is a free, open source, lightweight, and easy-to-use password manager for Windows, Linux and Mac OS X, with ports for Android, iPhone/iPad and other mobile devices. With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way. KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to... -
25
Eraser
A security tool to remove sensitive data from your Windows hard drive
Eraser is a secure data removal tool for Windows. It completely removes sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
