open-source-security
There are 48 repositories under open-source-security topic.
pyupio/safety
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
vishalgarg-sec/Software-Supply-Chain-Security
A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
ossf/alpha-omega
Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
elbraino/awesome-blackhat-arsenal
Curated collection of cybersecurity tools featured in Black Hat Arsenal events.
MarkLee131/PatchFinder
[ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software
cloudlinux/securechain-java
TuxCare SecureChain enhances Java supply chain security through vetted libraries, vulnerability fixes, and extended support. Ideal for enterprise-level compliance and secure development.
slowcoder360/vibesafe
Secure your code in seconds. VibeSafe is an AI-native DevSecOps CLI tool that detects vulnerabilities, secrets, insecure configs, and hallucinated dependencies before they ship.
Chocapikk/CVE-2023-51467
Apache OfBiz Auth Bypass Scanner for CVE-2023-51467
boloto1979/Securiskan
Securiskan: Scan files for malware. Secure your digital space.
Hack23/talks
How to secure your development pipeline with static application security test (SAST) / Dynamic application security test (DAST), software composition analysis (SCA) using Sonarqube.
Mrtracker-new/InvisioVault_R
InvisioVault is My daily learning sandbox for mastering steganography. Hide any files from documents and photos to videos and full folders inside ordinary images that look perfectly normal. Built with curiosity, crafted with passion.
AI-Security-Research-Group/LLM-Attacks
Comprehensive taxonomy of AI security vulnerabilities, LLM adversarial attacks, prompt injection techniques, and machine learning security research. Covers 71+ attack vectors including model poisoning, agentic AI exploits, and privacy breaches.
Chocapikk/CVE-2024-22899-to-22903-ExploitChain
Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2
MaheshShukla1/Snort-IDS-Configuration-Rules-and-Examples
This repository provides comprehensive guides, configurations, rules, and practical examples for Snort, the open-source intrusion detection system (IDS). Ideal for cybersecurity professionals and enthusiasts looking to enhance their network security skills.
AyhamAsfoor/Falcon_Defender
This CLI Program is an antivirus tool designed to scan directories, files, or entire drives for malicious content using YARA rules. It features options for manual or periodic scans, with quarantine capabilities for detected threats. The script utilizes OS-specific paths and interfaces.
h4r5h1t/gandiva-xspm
Multi-cloud xSPM platform to scan, visualize, and remediate security risks across cloud, containers, and Kubernetes environments.
shiftleftcyber/ShiftSBOMGen-Node
A pure client side CycloneDX SBOM Generator for node/npm projects
ClaudiasLibrary/webAppSec
This tool automates the process of auditing a web application for common security vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and missing HTTP security headers. The results of the audit are stored in an HTML report for easy review.
og-mason/JavaScript-Memory-Exploitation
Exploit :)
shiftleftcyber/ShiftSBOM-Utils
A pure client side Bitbucket Pipe containing a collection of open source tools to perform various types of additional analysis on a CycloneDX or SPDX sBOM (Software Bill of Materials).
steve-gibbons/astra-threat-modeling-framework
ASTRA (Architecture and Security Threat Review and Analysis) is a collaborative, business-driven methodology for security architecture review and threat modeling. NOT an audit.
AllUseIT/Nmap-Security-Scanner-2025
Nmap Security Scanner β powerful network scanning tool to detect vulnerabilities, ports, and security issues on your network. ππ
henrychoi7/opensource-security-sua
Studying open source security resources in SUA
JohnnyS1lverhand/tinysoc-lightweight-lab
Lightweight SOC lab with ELK, Suricata, ClamAV and Auditd β built and tested on a MacBook Air M1.
og-mason/GhostSec
SecMonLite (GhostSec)
PanagiotisKotsorgios/Timed-PC-Protection-Layer
A stealth security program that adds a timed challenge to protect your PC, shutting down if unauthorized users fail to meet the task. Ensures an extra layer of data protection even after login credentials are compromised.
Rianna113/BlackVault
BlackVault is a secure communication framework that uses advanced encryption to protect user data. With its unique self-defending protocols, it actively prevents unauthorized access and ensures privacy for users and developers alike. π‘οΈπ
roshanrateria/PhishGuardian
A Next-Generation Phishing Simulation & Awareness Platform
vibeSafe/vibeSafe-cli-js
Secure your code in seconds. VibeSafe is an AI-native DevSecOps CLI tool that detects vulnerabilities, secrets, insecure configs, and hallucinated dependencies before they ship.
bylickilabs/ProcessBehaviorProfiler
Local Python-based monitoring tool designed to analyze running processes in real time.
bylickilabs/SecureFileAccessWatcher
Lightweight Python-based utility for real-time monitoring of file and folder access on your local system
bylickilabs/ZipCracker
Python tool for recovering passwords from ZIP archives via dictionary or brute-force attack
javidahmed64592/cyber-query-ai
Ollama-powered cybersecurity assistant for ethical penetration testing and security research.
kop-png/IT-safety-concept
εεITζ¦εΏ΅δ½η³»
Malai10/Nmap-Security-Scanner-2025
π Scan networks with Nmap Security Scanner 2025 to find vulnerabilities and open ports quickly, ensuring robust network security and effective audits.