Search Results for "open"
Sort By:
2728 projects for "open" with 2 filters applied:
-
Outgrown Windows Task Scheduler?Windows Task Scheduler wasn't built for complex, cross-platform automation. Get a free diagnostic that shows exactly where things are failing and provides remediation recommendations. Interactive HTML report delivered in minutes.
-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
1
PentestGPT
Automated Penetration Testing Agentic Framework Powered by LLMs
PentestGPT is an AI-powered autonomous penetration testing agent designed to perform intelligent, end-to-end security assessments using large language models. Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs... -
2
SoftEther VPN
Cross-platform multi-protocol VPN software
An open-source free cross-platform multi-protocol VPN program, as an academic project from University of Tsukuba, under the Apache License 2.0. The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions) from JavaScript, TypeScript, C# or other languages. -
3
Syncthing
Open Source Continuous File Synchronization
Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. -
4
testssl.sh
Testing TLS/SSL encryption anywhere on any port
testssl.sh is a free command-line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. testssl.sh is free and open-source software. You can use it under the terms of GPLv2, please review the License before using it. Works for Linux, Mac OSX, FreeBSD, NetBSD and WSL/MSYS2/Cygwin out of the box, no need to install or configure something, no gems, CPAN, pip or the like. OpenBSD only needs bash to be postinstalled. You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443. ... -
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
5
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
6
Osquery
SQL operating system instrumentation and monitoring framework
...This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. -
7
jCasbin
An authorization library that supports access control models
...Besides memory and file, Casbin policy can be stored into lots of places. Currently, dozens of databases are supported, from MySQL, Postgres, Oracle to MongoDB, Redis, Cassandra, AWS S3. jCasbin is a powerful and efficient open-source access control library for Java projects. It provides support for enforcing authorization based on various access control models. -
8
syslog-ng
Log management solution that improves the performance of SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to... -
9
Tailsnitch
A security auditor for Tailscale configurations
tailsnitch is a security auditing tool for Tailscale networks (tailnets) that scans configurations and device setups to detect risky or overly permissive settings, helping administrators maintain a secure mesh network. Written in Go and designed to be run either as a CLI or integrated into automated pipelines, tailsnitch performs dozens of checks against common access control policies, authentication key practices, network exposure issues, and device security settings. It outputs structured... -
Free and Open Source HR SoftwareGive your HR team the tools they need to streamline administrative tasks, support employees, and make informed decisions with the OrangeHRM free and open source HR software.
-
10
Splunk Attack Range
Tool to simulate attacks and collect the data
Attack Range Log The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
11
XRAY
XRay for recon, mapping and OSINT gathering from public networks
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services for vulnerabilities. It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or... -
12
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
13
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for... -
14
DSVPN
A dead simple VPN
DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable. Uses only modern cryptography, with formally verified implementations. Small and constant memory footprint. Doesn't perform any heap memory allocations. Small (~25 KB), with an equally small and readable code base. No external dependencies. Works out of the box. No lousy documentation to read. No configuration file. No post-configuration. ... -
15
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability detection, and system hardening. Test that Docker image, or improve the hardening of your deployed web application. ... -
16
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more actionable for administrators and auditors. ... -
17
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your... -
18
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. -
19
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and... -
20
Laravel Sentinel
A framework agnostic authentication & authorization system
Sentinel is a PHP 8.1+ framework agnostic fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. -
21
gopass
The slightly more awesome standard unix password manager for teams
gopass is a simple but powerful password manager for your terminal. Manage your credentials with ease. In a globally distributed team, on multiple devices or fully offline on an air-gapped machine. By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can... -
22
Ligolo-ng
An advanced, yet simple, tunneling/pivoting tool
Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). When running the relay/proxy server, a tun interface is used, packets sent to this interface are translated and then transmitted to the agent's remote network. You need to download the Wintun driver (used by WireGuard) and place the wintun.dll in the same folder as Ligolo. You can listen to ports on the agent and... -
23
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
24
Laravel Notify
Flexible Flash notifications for Laravel
Laravel Notify is a package that lets you add custom notifications to your project. A diverse range of notification designs is available. -
25
GopenPGP V3
A high-level OpenPGP library
GopenPGP V3 is a high-level OpenPGP cryptographic library developed by ProtonMail that provides a user-friendly API for common encryption and signing operations in Go, abstracting the complexity of the underlying OpenPGP standards and golang crypto primitives. This library lets developers perform key generation, message encryption and decryption, digital signing, and signature verification with straightforward functions that hide much of the boilerplate and nuance typically required when...
