Awesome

GitHub projects from awesome lists

Search awesome repositories

Search names, descriptions, topics, tags, and stacks, then tune results by ecosystem, freshness, health, and cross-list signal.

Repos indexed
17,373
Awesome lists tracked
125
Current results
17

Find repositories

Start broad, then narrow by ecosystem, freshness, health, and growth.

Clear 1 refinement
Search mode
Tune results
More filters Topics, generated tags, stack, files, age, archive status, and growth.
Ecosystem
Files

Choose a suggestion or use commas to require multiple files.

Health

Uses known first-commit dates.

Momentum
Filters by observed commit-count growth over the repository's latest 7-day capture window. Repositories without a recent baseline are excluded.
Filters by observed GitHub star growth over the repository's latest 7-day capture window. Repositories without a recent baseline are excluded.
Reset filters
17 repos shown
Highlighted

Open highlighted repo slot

Put your repository first

Promote a GitHub repo at the top of Awesome repository list views for 7 days.

juice-shop/juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

AI dev
Updated
2026-07-05
Lists
2 list mentions
First commit
2014-09-19
History
3 history points
License
MIT
Issues
3 open
Forks
18,576
Commits
23,171 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Updated
2026-06-30
Lists
1 list mention
First commit
2017-05-14
History
2 history points
License
CC-BY-SA-4.0
Issues
41 open
Forks
1,641
Commits
1,241 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
microsoft/agent-governance-toolkit

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

AI dev
Updated
2026-07-14
Lists
4 list mentions
First commit
2026-03-02
History
7 history points
License
MIT
Issues
113 open
Forks
855
Commits
2,221 commits
Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
DefectDojo/django-DefectDojo

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

AI dev
Updated
2026-07-09
Lists
1 list mention
First commit
2015-03-13
History
2 history points
License
BSD-3-Clause
Issues
246 open
Forks
1,897
Commits
14,652 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
Bearer/bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Updated
2026-07-06
Lists
1 list mention
First commit
2022-09-27
History
2 history points
License
NOASSERTION
Issues
27 open
Forks
142
Commits
1,416 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
cossacklabs/themis

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Updated
2026-04-24
Lists
4 list mentions
First commit
2014-09-13
History
4 history points
License
Apache-2.0
Issues
31 open
Forks
159
Commits
1,832 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
Safe3/uusec-waf

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

Updated
2026-07-12
Lists
2 list mentions
First commit
2022-09-18
History
6 history points
License
BSD-2-Clause
Issues
83 open
Forks
168
Commits
612 commits
Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
openappsec/openappsec

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Updated
2026-05-26
Lists
1 list mention
First commit
2022-10-26
History
2 history points
License
Apache-2.0
Issues
34 open
Forks
126
Commits
525 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
cdxgen/cdxgen

Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server

AI dev
Updated
2026-07-03
Lists
1 list mention
First commit
2017-06-04
History
4 history points
License
Apache-2.0
Issues
435 open
Forks
254
Commits
3,972 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
insidersec/insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Updated
2022-04-10
Lists
1 list mention
First commit
2019-11-12
History
2 history points
License
MIT
Issues
21 open
Forks
80
Commits
163 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
juice-shop/multi-juicer

Host and manage multiple Juice Shop instances for security trainings and Capture The Flags

Updated
2026-07-09
Lists
1 list mention
First commit
2019-06-10
History
2 history points
License
Apache-2.0
Issues
9 open
Forks
175
Commits
1,607 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
Santandersecurityresearch/asvs

A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0

Updated
2026-06-03
Lists
1 list mention
First commit
2018-06-04
History
2 history points
License
MIT
Issues
2 open
Forks
46
Commits
222 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
OWASP/www-project-agent-memory-guard

OWASP Foundation web repository

Updated
2026-07-03
Lists
1 list mention
First commit
2026-02-16
History
2 history points
License
Apache-2.0
Issues
12 open
Forks
19
Commits
270 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
goklab/guardvibe

Security infrastructure your AI can't be — deterministic, daily CVE intel past your model's training cutoff, whole-repo-aware, author-independent, and shift-left: secure_prompt secures the prompt before code generation. The security MCP for vibe coding: 450 rules, 39 tools, CLI + doctor for Next.js, Supabase, Clerk, Stripe, Prisma, Hono & MCP.

AI dev
Updated
2026-06-27
Lists
1 list mention
First commit
2026-03-31
History
5 history points
License
Apache-2.0
Issues
8 open
Forks
0
Commits
284 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history