Checklist of the most important security countermeasures when designing, creating, testing your web/mobile application

Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Digitally sign PDF files from your commandline

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

Store SSH keys in the Secure Enclave

Network intruder and presence detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

An Open-source LTE Downlink/Uplink Eavesdropper

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Bitwarden Secrets Manager SDK.

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Daemon to ban hosts that cause multiple authentication errors

A curated list of GPT agents for cybersecurity

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

ZITADEL - Identity infrastructure, simplified for you.

Multi-platform auto-proxy client, supporting Sing-box, X-ray, TUIC, Hysteria, Reality, Trojan, SSH etc. It’s an open-source, secure and ad-free.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Meshtastic device firmware

Simple Wireguard 2FA

Automatically provision and manage TLS certificates in Kubernetes

EJSON is a small library to manage encrypted secrets using asymmetric encryption.

VulnCheck's official command line tool

🛡️ Open-source and next-generation Web Application Firewall (WAF)

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

The FindMy Flipper app turns your FlipperZero into an AirTag or other tracking device, compatible with Apple AirTags and Samsung SmartTag and Tile Trackers. It uses the BLE beacon to broadcast, all…

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure