Awesome Security

The most advanced free and open-source browser fingerprinting library

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

Open device management

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

:star: :star: Distributed tcpdump for cloud native environments :star: :star:

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Apache Metron

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

🔥 A fully open source audit logs service and embeddable UI easily deployed to your own Kubernetes cluster. Brought to you by replicated.com and boxyhq.com 🚀

Aggregates security advisories from 10 international CERTs daily and provides an AI skill that cross-references alerts against your project's tech stack.

🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.