Search Results for "patterns"
Sort By:
Showing 51 open source projects for "patterns"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
WhatsApp Beacon
OSINT tool for tracking WhatsApp online status via Web automation
...It uses Selenium automation to interact with the web interface and detect when a target account goes online or offline. By continuously monitoring these changes, WhatsApp Beacon records connectivity patterns and builds a historical dataset of activity sessions. The collected information is stored in logs and a local database, allowing users to review behavioral patterns over time. In addition, the project supports exporting collected data to spreadsheet formats for further analysis or reporting. WhatsApp Beacon is designed to run across multiple operating systems and can operate in the background using headless browser automation. ... -
2
SeedCrackerX
Minecraft mod designed to reverse-engineer
...The system can also integrate with a shared database to contribute discovered seeds, enabling collaborative data gathering across users. Advanced features include brute-force algorithms that refine seed candidates based on structural patterns and hashed seed calculations. -
3
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
...These recipes help secure Kubernetes clusters by ensuring that pods communicate only with allowed peers, reduce attack surfaces, and enforce least-privilege connectivity at the network layer. The recipes scale from simple “deny all traffic by default” policies to more advanced micro-segmentation patterns for multi-tier apps (frontend/backends) and platform-level isolation for CI/CD systems or service meshes. -
4
SecLists
The Pentester’s Companion
...SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require. -
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
Tracee
Linux Runtime Security and Forensics using eBPF
...It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
6
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. ... -
7
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
...Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
8
urlhunter
Search exposed URLs from shortener services using keyword filtering
...These datasets contain resolved long URLs that were originally hidden behind short links, which can sometimes reveal sensitive or previously unknown endpoints. urlhunter downloads these collections and allows users to search and analyze them using custom keywords or patterns. This capability makes it useful for identifying exposed resources such as documents, internal panels, or forgotten endpoints that may still be accessible online. urlhunter is written in Go and operates as a command-line utility, making it suitable for automation and integration into reconnaissance workflows. -
9
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
IVRE
Open source framework for large scale network reconnaissance and analy
...IVRE stores the collected data in a database and offers multiple ways to explore and analyze it, including a web interface, command line tools, and a Python API. This allows security professionals to query scan results, inspect network flows, and identify patterns across large datasets. The project can be used to build self hosted alternatives to internet scanning services such as Shodan or Censys, giving organizations full control over their own reconnaissance infrastructure. -
11
io-ts
Runtime type system for IO decoding/encoding
...This approach is especially useful for APIs, configuration files, JSON payloads, database results, and any data that enters a program from an unknown source. io-ts integrates closely with functional programming patterns and the fp-ts ecosystem. Its main value is helping TypeScript applications keep runtime data validation aligned with compile-time type inference. -
12
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
...The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
13
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the... -
14
Username Anarchy
Username generator for penetration testing and user enumeration
...These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists. -
15
TinyAuth
The simplest way to protect your apps with a login screen
...It’s especially popular in home labs and small clusters where developers want robust protection without extensive setup or bloat, and a community of users actively discusses usage patterns and integrations on its GitHub Discussions board. -
16
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
...IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors. -
17
novu
The open-source notification infrastructure
The open-source notification infrastructure for developers. Simple components and APIs for managing all communication channels in one place: Email, SMS, Direct, and Push. Select channels, add content with {{dynamic}} syntax, and custom rules to control the delivery of notifications. Use a built-in collection of popular providers - Sendgrid, Mailgun, Twilio and many more. Add API key and you're ready to go. Send an event trigger using one of our community-built SDK's, and we will handle it... -
18
cloud_enum
Multi-cloud OSINT tool for discovering public cloud resources
...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization. -
19
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
...It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. The module exposes directives for enabling audit logging, anomaly scoring, request body buffering limits, and performance tuning to fit high-traffic deployments. Because it’s a native NGINX module, it benefits from NGINX’s event-driven architecture and can be compiled as a dynamic module for flexible packaging. ... -
20
GitHound
Search GitHub for leaked API keys, credentials, and exposed secrets
GitHound is a reconnaissance and security scanning tool designed to search GitHub for exposed secrets such as API keys, credentials, and other sensitive tokens. It works by combining GitHub search queries (often called “GitHub dorks”) with pattern matching techniques to locate potential secrets across public repositories. Instead of scanning only a limited set of repositories, the tool leverages GitHub’s Code Search API to analyze results from across the entire public GitHub ecosystem,... -
21
gitGraber
Real-time GitHub monitor that detects leaked API keys and secrets
gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It scans recently indexed files on GitHub and searches for patterns that may indicate leaked credentials, API keys, or other confidential data used by popular online services. Instead of analyzing the full history of repositories, the tool focuses on newly indexed content, allowing security researchers and bug bounty hunters to quickly identify fresh leaks as they appear. gitGraber uses carefully crafted regular expressions to detect tokens and secrets associated with platforms such as AWS, Google, PayPal, Twitter, Stripe, and many others. ... -
22
KeePass
A lightweight and easy-to-use password manager
KeePass Password Safe is a free, open source, lightweight, and easy-to-use password manager for Windows, Linux and Mac OS X, with ports for Android, iPhone/iPad and other mobile devices. With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way. KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to... -
23
SENTINEL
Open-source behavioral intelligence platform for detecting child groom
SENTINEL is an open-source behavioral intelligence platform for detecting child grooming on digital platforms. Released by Sentinel Foundation in April 2026, it analyzes patterns of user behavior over time rather than scanning message content for keywords, identifying grooming sequences before direct harm occurs. Key capabilities: - Behavioral scoring across four signal types: linguistic register shifts, relationship graph evolution, temporal escalation patterns, and fairness gates - Tamper-evident audit logs (cryptographically chained, 7-year retention) for legal proceedings and regulatory compliance - Privacy-preserving federation: platforms share encrypted threat signatures without exposing raw messages or user identities - Demographic parity audits enforced as a deployment gate before any detection model goes live - Built-in compliance for EU Digital Services Act, UK Online Safety Act, COPPA, and GDPR Free for organizations under $100k annual revenue and all non-commerci -
24
Oso
Oso is a batteries-included framework for building authorization
The Oso Library is a batteries-included framework for building authorization in your application. With Oso, you can. Model: Set up common permissions patterns like RBAC and relationships using Oso’s built-in primitives. Extend them however you need with Oso’s declarative policy language, Polar. Filter: Go beyond yes/no authorization questions. Implement authorization over collections too - e.g., “Show me only the records that Juno can see.” Test: Write unit tests over your authorization logic now that you have a single interface for it. ... -
25
SocialPwned
OSINT tool to collect emails from social networks and find leaks
...SocialPwned also integrates with GHunt to retrieve additional public information related to Google accounts linked to the discovered emails. By combining social media intelligence with breach data analysis, SocialPwned helps investigators identify reused passwords and patterns that may indicate potential security weaknesses.
