Search Results for "patterns"
Sort By:
Showing 42 open source projects for "patterns"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
WhatsApp Beacon
OSINT tool for tracking WhatsApp online status via Web automation
...It uses Selenium automation to interact with the web interface and detect when a target account goes online or offline. By continuously monitoring these changes, WhatsApp Beacon records connectivity patterns and builds a historical dataset of activity sessions. The collected information is stored in logs and a local database, allowing users to review behavioral patterns over time. In addition, the project supports exporting collected data to spreadsheet formats for further analysis or reporting. WhatsApp Beacon is designed to run across multiple operating systems and can operate in the background using headless browser automation. ... -
2
SeedCrackerX
Minecraft mod designed to reverse-engineer
...The system can also integrate with a shared database to contribute discovered seeds, enabling collaborative data gathering across users. Advanced features include brute-force algorithms that refine seed candidates based on structural patterns and hashed seed calculations. -
3
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
...These recipes help secure Kubernetes clusters by ensuring that pods communicate only with allowed peers, reduce attack surfaces, and enforce least-privilege connectivity at the network layer. The recipes scale from simple “deny all traffic by default” policies to more advanced micro-segmentation patterns for multi-tier apps (frontend/backends) and platform-level isolation for CI/CD systems or service meshes. -
4
Tracee
Linux Runtime Security and Forensics using eBPF
...It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
SecLists
The Pentester’s Companion
...SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require. -
6
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. ... -
7
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
...Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
8
urlhunter
Search exposed URLs from shortener services using keyword filtering
...These datasets contain resolved long URLs that were originally hidden behind short links, which can sometimes reveal sensitive or previously unknown endpoints. urlhunter downloads these collections and allows users to search and analyze them using custom keywords or patterns. This capability makes it useful for identifying exposed resources such as documents, internal panels, or forgotten endpoints that may still be accessible online. urlhunter is written in Go and operates as a command-line utility, making it suitable for automation and integration into reconnaissance workflows. -
9
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. ... -
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
10
IVRE
Open source framework for large scale network reconnaissance and analy
...IVRE stores the collected data in a database and offers multiple ways to explore and analyze it, including a web interface, command line tools, and a Python API. This allows security professionals to query scan results, inspect network flows, and identify patterns across large datasets. The project can be used to build self hosted alternatives to internet scanning services such as Shodan or Censys, giving organizations full control over their own reconnaissance infrastructure. -
11
io-ts
Runtime type system for IO decoding/encoding
...This approach is especially useful for APIs, configuration files, JSON payloads, database results, and any data that enters a program from an unknown source. io-ts integrates closely with functional programming patterns and the fp-ts ecosystem. Its main value is helping TypeScript applications keep runtime data validation aligned with compile-time type inference. -
12
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
...The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
13
uBlacklist
Blocks specific sites from appearing in Google search results
uBlacklist is a Google Search filter for Chrome and Firefox. uBlacklist requires many site permissions on install. They are necessary to support all domains where Google Search is provided (google.com, google.ac, google.ad, ...). You can install uBlacklist from Chrome Web Store, Firefox Add-ons or Mac App Store. To block a site that you are looking at from appearing on the search result page, click the toolbar icon. A "Block this site" dialog will be shown. In recent versions of Chrome, the... -
14
Username Anarchy
Username generator for penetration testing and user enumeration
...These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists. -
15
TinyAuth
The simplest way to protect your apps with a login screen
...It’s especially popular in home labs and small clusters where developers want robust protection without extensive setup or bloat, and a community of users actively discusses usage patterns and integrations on its GitHub Discussions board. -
16
novu
The open-source notification infrastructure
The open-source notification infrastructure for developers. Simple components and APIs for managing all communication channels in one place: Email, SMS, Direct, and Push. Select channels, add content with {{dynamic}} syntax, and custom rules to control the delivery of notifications. Use a built-in collection of popular providers - Sendgrid, Mailgun, Twilio and many more. Add API key and you're ready to go. Send an event trigger using one of our community-built SDK's, and we will handle it... -
17
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
...IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors. -
18
cloud_enum
Multi-cloud OSINT tool for discovering public cloud resources
...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization. -
19
gitGraber
Real-time GitHub monitor that detects leaked API keys and secrets
gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It scans recently indexed files on GitHub and searches for patterns that may indicate leaked credentials, API keys, or other confidential data used by popular online services. Instead of analyzing the full history of repositories, the tool focuses on newly indexed content, allowing security researchers and bug bounty hunters to quickly identify fresh leaks as they appear. gitGraber uses carefully crafted regular expressions to detect tokens and secrets associated with platforms such as AWS, Google, PayPal, Twitter, Stripe, and many others. ... -
20
KeePass
A lightweight and easy-to-use password manager
KeePass Password Safe is a free, open source, lightweight, and easy-to-use password manager for Windows, Linux and Mac OS X, with ports for Android, iPhone/iPad and other mobile devices. With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way. KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to... -
21
SENTINEL
Open-source behavioral intelligence platform for detecting child groom
SENTINEL is an open-source behavioral intelligence platform for detecting child grooming on digital platforms. Released by Sentinel Foundation in April 2026, it analyzes patterns of user behavior over time rather than scanning message content for keywords, identifying grooming sequences before direct harm occurs. Key capabilities: - Behavioral scoring across four signal types: linguistic register shifts, relationship graph evolution, temporal escalation patterns, and fairness gates - Tamper-evident audit logs (cryptographically chained, 7-year retention) for legal proceedings and regulatory compliance - Privacy-preserving federation: platforms share encrypted threat signatures without exposing raw messages or user identities - Demographic parity audits enforced as a deployment gate before any detection model goes live - Built-in compliance for EU Digital Services Act, UK Online Safety Act, COPPA, and GDPR Free for organizations under $100k annual revenue and all non-commerci -
22
Oso
Oso is a batteries-included framework for building authorization
The Oso Library is a batteries-included framework for building authorization in your application. With Oso, you can. Model: Set up common permissions patterns like RBAC and relationships using Oso’s built-in primitives. Extend them however you need with Oso’s declarative policy language, Polar. Filter: Go beyond yes/no authorization questions. Implement authorization over collections too - e.g., “Show me only the records that Juno can see.” Test: Write unit tests over your authorization logic now that you have a single interface for it. ... -
23
SocialPwned
OSINT tool to collect emails from social networks and find leaks
...SocialPwned also integrates with GHunt to retrieve additional public information related to Google accounts linked to the discovered emails. By combining social media intelligence with breach data analysis, SocialPwned helps investigators identify reused passwords and patterns that may indicate potential security weaknesses. -
24
Metlo
Metlo is an open-source API security platform
Metlo is an open source API security tool you can set up in < 15 minutes that inventories your endpoints, detects bad actors, and blocks malicious traffic in real time. Metlo passively listens to your API traffic and tags every malicous request. Our models are built on patterns of malicous requests to detect bad actors and API attacks. -
25
Privaxy
Privaxy is the next generation tracker and advertisement blocker
...Privaxy is a MITM HTTP(s) proxy that sits in between HTTP(s) talking applications, such as a web browser and HTTP servers, such as those serving websites. By establishing a two-way tunnel between both ends, Privaxy is able to block network requests based on URL patterns and to inject scripts as well as styles into HTML documents. Operating at a lower level, Privaxy is both more efficient as well as more streamlined than browser add-on-based blockers. A single instance of Privaxy on a small virtual machine, server or even, on the same computer as the traffic is originating from, can filter thousands of requests per second while requiring a very small amount of memory.
