Search Results for "security"
Sort By:
Showing 10485 open source projects for "security"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Network Management Software and Tools for Businesses and Organizations | Auvik NetworksReduce IT headaches and save time with a proven solution for automated network discovery, documentation, and performance monitoring. Choose Auvik because you'll see value in minutes, and stay with us to improve your IT for years to come.
-
1
Agentic Security
Agentic LLM Vulnerability Scanner / AI red teaming kit
The open-source Agentic LLM Vulnerability Scanner. -
2
Spring Security
Authentication and access-control framework
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements. -
3
SCAP Security Guide
Security automation content in SCAP, Bash, Ansible, and other formats
The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise Server (SLES), as well as products, Firefox, Chromium, JRE. We aim to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats. -
4
Docker Bench For Security
A script that checks for dozens of common best-practices around Docker
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production. The tests are all automated, and are based on the CIS Docker Benchmark v1.3.1. We are making this available as an open-source utility so the Docker community can have an easy way to self-assess their hosts and docker containers against this benchmark. -
AI-based, Comprehensive Service Management for Businesses and IT ProvidersChangeGear provides IT staff with the functions required to manage everything from ticketing to incident, change and asset management and more. ChangeGear includes a virtual agent, self-service portals and AI-based features to support analyst and end user productivity.
-
5
Symfony Security Bundle
Integration of the Security component into the Symfony framework
Symfony Security Bundle is a powerful tool for adding authentication and authorization to Symfony applications. It provides mechanisms for managing user roles, password encryption, and access control. The bundle supports various authentication methods, including form login, HTTP basic auth, OAuth, and more. It also integrates with Symfony’s firewall and access control systems for secure application development. -
6
spring-security-jwt-guide
Spring Security With JWT
This project is a comprehensive example repository that demonstrates how to secure a Spring Boot application using Spring Security and JSON Web Tokens (JWT). It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. ... -
7
Personal Security Checklist
A compiled checklist of 300+ tips for protecting digital security
Personal Security Checklist is a comprehensive, plain-language checklist for improving personal digital security and privacy across devices, accounts, and everyday workflows. It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning. -
8
Symfony Security Core
Symfony Security Component - Core Library
Part of the Symfony framework, the Security Core component provides the foundational tools for managing authentication, authorization, and access control in PHP applications. It’s framework-agnostic and can be used independently in any PHP project. -
9
MCP Security Audit
Powerful MCP (Model Context Protocol) Server that audits npm packages
The MCP Security Audit Server is a powerful Model Context Protocol server that audits npm package dependencies for security vulnerabilities, integrating with remote npm registries for real-time security checks. -
FusionAuth: Authentication and User Management SoftwareFusionAuth adds login, registration, SSO, MFA, and a bazillion other features to your app in days - not months.
-
10
macOS Security Compliance
macOS Security Compliance Project
The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5. -
11
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. -
12
Claude Code Security Review
An AI-powered security review GitHub Action using Claude
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). -
13
MCP Server (Rad Security)
Rad Security MCP Server
The RAD Security MCP Server is an MCP server that provides AI-powered security insights for Kubernetes and cloud environments. It integrates with the RAD Security platform to enhance security analysis and monitoring. -
14
Code Quality and Security for C#
Code analyzer for C# and VB.NET projects
Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms. Our powerful language-specific analysis not only detects coding issues but also helps you understand what's wrong and how to fix it. Our publicly available... -
15
Code Quality and Security for Java
SonarSource Static Analyzer for Java Code Quality and Security
Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Covering popular build systems, standards and versions, Sonar elevates your coding game while keeping vulnerabilities at bay. With each Java version, we create dedicated rules so you learn shiny, new features and avoid pitfalls. Consistently find tricky, hard-to-spot issues in your regular expressions. Allow you to effortlessly repair your Java... -
16
Open Aimbot
Universal Aim Assist Framework
Open Aimbot is a universal open source framework. It offers a wide selection of extensive functionality. We develop various utilities for Roblox, security systems, protection and scripts for specific games, and general scenarios. -
17
Ghidra
Ghidra is a software reverse engineering (SRE) framework
...It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
18
ZAP
The OWASP ZAP core project
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. ... -
19
Sigma
Main Sigma Rule Repository
Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms. -
20
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. -
21
DVWA
PHP/MySQL web application
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment. The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty, with a simple straightforward interface. ... -
22
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. -
23
Windows Defender Remover
A tool which is uses to remove Windows Defender
This is a command‑line tool and executable that fully disables or removes Microsoft Defender and associated Windows security components. It disables the Windows Security App, SmartScreen, Virtualization-Based Security (VBS), UAC, and other built‑in protections on Windows 8.x through Windows 11, effectively removing the antivirus and security UI from the system. -
24
thc-hydra
Shows how easy it would be to gain unauthorized access to a system
Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however, none does either support more than one protocol to attack or support parallelized connects. -
25
frida
Dynamic instrumentation toolkit for developers
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts. Works on Windows, macOS, GNU/Linux, iOS, Android, and QNX. Install the Node.js bindings from npm, grab a Python package from PyPI, or use Frida through its Swift bindings, .NET bindings, Qt/Qml bindings, or C API. ...