Top 50 Awesome List

sbilly/awesome-security

Security  18 days ago  8.4k
A collection of awesome software, libraries, documents, books, resources and cool stuff about security.

Jun 7th

Network

Scanning / Pentesting

  • tsurugi - heavily customized Linux distribution that is designed to support DFIR investigations, malware analysis and OSINT activities. It is based on Ubuntu 20.04 (64-bit with a 5.15.12 custom kernel).
  • May 19th

    Web

    Development

  • Security Checklist by OWASP - A checklist by OWASP for testing web applications based on assurance level. Covers multiple topics like Architecture, IAM, Sanitization, Cryptography and Secure Configuration.
  • Apr 18th

    Other Awesome Lists

    Other Security Awesome Lists

  • Security Acronymsstars1 - A curated list of security related acronyms and concepts
  • Mar 30th

    Network

    Docker Images for Penetration Testing & Security

  • docker pull jeroenwillemsen/wrongsecrets - OWASP WrongSecrets
  • Mar 7th

    Threat Intelligence

  • Threat Jammer - REST API service that allows developers, security engineers, and other IT professionals to access curated threat intelligence data from a variety of sources.
  • Feb 28th

    Operating Systems

    Online resources

  • Security related Operating Systems @ Rawsec - Complete list of security related operating systems
  • Feb 23rd

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome SOARstars390 - A curated Cyber "Security Orchestration, Automation and Response (SOAR)" resources list.
  • Awesome Security Hardeningstars2.2k - A collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources.
  • Other Awesome Lists

    Other Common Awesome Lists

  • Awesome Self-Hostedstars92.5k
  • Awesome Analyticsstars3.2k
  • Awesome Sysadminstars14.2k
  • Feb 2nd

    EBooks

  • Cyber Security Career Guide - Kickstart a career in cyber security by learning how to adapt your existing technical and non-technical skills. (early access, published continuously, final release Summer 2022)
  • Secret Key Cryptography - A book about cryptographic techniques and Secret Key methods. (early access, published continuously, final release Summer 2022)
  • Jan 30th

    Endpoint

    Anti-Virus / Anti-Malware

  • Fastfinderstars130 - Fast customisable cross-platform suspicious file finder. Supports md5/sha1/sha256 hashes, literal/wildcard strings, regular expressions and YARA rules. Can easily be packed to be deployed on any Windows / Linux host.
  • Jan 20th

    Network

    VPN

  • Firezonestars2.3k - Open-source VPN server and egress firewall for Linux built on WireGuard that makes it simple to manage secure remote access to your company’s private networks. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
  • Jan 14th

    Network

    Network architecture

  • Network-segmentation-cheat-sheetstars1.9k - This project was created to publish the best practices for segmentation of the corporate network of any company. In general, the schemes in this project are suitable for any company.
  • Jan 12th

    Terminal

  • shellfirmstars158 - It is a handy utility to help avoid running dangerous commands with an extra approval step. You will immediately get a small prompt challenge that will double verify your action when risky patterns are detected.
  • Jan 2nd

    Network

    IDS / IPS / Host IDS / Host IPS

  • Stealth - File integrity checker that leaves virtually no sediment. Controller runs from another machine, which makes it hard for an attacker to know that the file system is being checked at defined pseudo random intervals over SSH. Highly recommended for small to medium deployments.
  • Dec 14th, 2021

    EBooks

  • Data Privacy - A book that teaches you to implement technical privacy solutions and tools at scale. (early access, published continuously, final release January 2022)
  • Nov 23rd, 2021

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Bluetooth Securitystars220 - A curated list of Bluetooth security resources.
  • Awesome WebSocket Securitystars52 - A curated list of WebSocket security resources.
  • Nov 1st, 2021

    EBooks

  • Self-Sovereign Identity - A book about how SSI empowers us to receive digitally-signed credentials, store them in private wallets, and securely prove our online identities. (early access, published continuously, final release fall 2021)
  • Oct 29th, 2021

    Datastores

  • LunaSecstars1.1k - Database for PII with automatic encryption/tokenization, sandboxed components for handling data, and centralized authorization controls.
  • Oct 28th, 2021

    Network

    Monitoring / Logging

  • wazuhstars4.3k - Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of monitoring file system changes, system calls and inventory changes.
  • Network

    IDS / IPS / Host IDS / Host IPS

  • wazuhstars4.3k - Wazuh is a free and open source XDR platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. Great tool for all kinds of deployments, it includes SIEM capabilities (indexing + searching + WUI).
  • Network

    Security Information & Event Management

  • wazuhstars4.3k - Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. It works with tons of data supported by an OpenSearch fork and custom WUI.
  • Oct 26th, 2021

    Endpoint

    Mobile / Android / iOS

  • reFlutter - Flutter Reverse Engineering Framework
  • Oct 19th, 2021

    Network

    Scanning / Pentesting

  • Deepfence ThreatMapperstars1.7k - Apache v2, powerful runtime vulnerability scanner for Kubernetes, virtual machines and serverless.
  • Oct 10th, 2021

    EBooks

  • The Security Engineer Handbook - A short read that discusses the dos and don'ts of working in a security team, and the many tricks and tips that can help you in your day-to-day as a security engineer.
  • Oct 8th, 2021

    Network

    IDS / IPS / Host IDS / Host IPS

  • CrowdSecstars5.3k - CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on Fail2Ban's philosophy but is IPv6 compatible and 60x faster (Go vs Python), uses Grok patterns to parse logs and YAML scenarios to identify behaviors. CrowdSec is engineered for modern Cloud / Containers / VM based infrastructures (by decoupling detection and remediation). Once detected, you can remedy threats with various bouncers (firewall block, nginx http 403, Captchas, etc.) while the aggressive IPs can be sent to CrowdSec for curation before being shared among all users to further strengthen the community.
  • Sep 9th, 2021

    Web

    Development

  • Making Sense of Cyber Security - A jargon-free, practical guide to the key concepts, terminology, and technologies of cybersecurity perfect for anyone planning or implementing a security strategy. (early access, published continuously, final release early 2022)
  • Aug 23rd, 2021

    Social Engineering

  • Gophish - An Open-Source Phishing Framework.
  • Jul 18th, 2021

    Web

    Development

  • Full Stack Python Security - A comprehensive look at cybersecurity for Python developers
  • Jun 17th, 2021

    Web

    Development

  • TFSecstars4.7k - A static analysis tool for infrastructure as code (Terraform).
  • Operating Systems

    Privacy & Security

  • Tails OS - Tails is a portable operating system that protects against surveillance and censorship.
  • Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Security Talks & Videosstars3.5k - A curated list of awesome security talks, organized by year and then conference.
  • May 27th, 2021

    Network

    Scanning / Pentesting

  • Netzstars330 - Discover internet-wide misconfigurations, using zgrab2 and others.
  • DevOps

  • Preflightstars130 - helps you verify scripts and executables to mitigate supply chain attacks in your CI and other systems.
  • Tellerstars900 - a secrets management tool for devops and developers - manage secrets across multiple vaults and keystores from a single place.
  • May 8th, 2021

    Endpoint

    Mobile / Android / iOS

  • UDcidestars24 - Android Malware Behavior Editor.
  • Apr 17th, 2021

    Web

    Web Application Firewall

  • Curiefensestars490 - Curiefense adds a broad set of automated web security tools, including a WAF to Envoy Proxy.
  • Apr 12th, 2021

    EBooks

  • Spring Boot in Practice - A practical guide that presents dozens of relevant scenarios in a convenient problem-solution-discussion format. (early access, published continuously, final release fall 2021)
  • Mar 19th, 2021

    Web

    Development

  • KICSstars1.1k - Scans IaC projects for security vulnerabilities, compliance issues, and infrastructure misconfiguration. Currently working with Terraform projects, Kubernetes manifests, Dockerfiles, AWS CloudFormation Templates, and Ansible playbooks.
  • Mar 3rd, 2021

    Fraud prevention

  • FingerprintJSstars16.8k - Identifies browser and hybrid mobile application users even when they purge data storage. Allows you to detect account takeovers, account sharing and repeated malicious activity.
  • FingerprintJS Androidstars275 - Identifies Android application users even when they purge data storage. Allows you to detect account takeovers, account sharing and repeated malicious activity.
  • Feb 9th, 2021

    Datastores

  • databunker - Databunker is an address book on steroids for storing personal data. GDPR and encryption are out of the box.
  • Feb 1st, 2021

    Red Team Infrastructure Deployment

  • Axiomstars2.7k - Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security.
  • DevOps

  • Trivystars12.6k - A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for CI.
  • Jan 18th, 2021

    Network

    IDS / IPS / Host IDS / Host IPS

  • Zeek - Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
    • zeek2esstars20 - An open source tool to convert Zeek logs to Elastic/OpenSearch. You can also output pure JSON from Zeek's TSV logs!
  • Security Onion - Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Zeek, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
  • Nov 19th, 2020

    EBooks

  • The Art of Network Penetration Testing - Book that is a hands-on guide to running your own penetration test on an enterprise network. (early access, published continuously, final release December 2020)
  • Nov 7th, 2020

    DevOps

  • bunkerized-nginxstars2.6k - nginx Docker image secure by default
  • Oct 2nd, 2020

    Web

    Organization

  • Portswigger - PortSwigger offers tools for web application security, testing & scanning. Choose from a wide range of security tools & identify the very latest vulnerabilities.
  • Network

    Anti-Spam

  • Scammer-List - A free open source AI based Scam and Spam Finder with a free API
  • Sep 30th, 2020

    Exploits & Payloads

  • PayloadsAllTheThingsstars38.4k - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  • Sep 29th, 2020

    Network

    Fast Packet Processing

  • PACKET_MMAP/TPACKET/AF_PACKET - It's fine to use PACKET_MMAP to improve the performance of the capture and transmission process in Linux.
  • Operating Systems

    Online resources

  • Best Linux Penetration Testing Distributions @ CyberPunk - Description of main penetration testing distributions
  • EBooks

  • AWS Security - This early-access book covers common AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response.
  • Sep 1st, 2020

    Red Team Infrastructure Deployment

  • Redcloudstars754 - An automated Red Team Infrastructure deployment using Docker.
  • Aug 28th, 2020

    Network

    Scanning / Pentesting

  • monsoonstars338 - Very flexible and fast interactive HTTP enumeration/fuzzing.
  • Aug 18th, 2020

    Operating Systems

    Privacy & Security

  • Qubes OS - Qubes OS is a free and open-source security-oriented operating system meant for single-user desktop computing.
  • Whonix - Operating System designed for anonymity.
  • Operating Systems

    Online resources

  • Hardening Windows 10 - Guide for hardening Windows 10
  • Endpoint

    Forensics

  • LiMEstars1.3k - Linux Memory Extractor
  • Endpoint

    Mobile / Android / iOS

  • AMExtractorstars10 - AMExtractor can dump out the physical content of your Android device even without kernel source code.
  • fridastars10k - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
  • Aug 17th, 2020

    DevOps

  • Securing DevOps - A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure.
  • ansible-os-hardeningstars2.8k - Ansible role for OS hardening
  • Endpoint

    Mobile / Android / iOS

  • hardened_mallocstars731 - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
  • Aug 16th, 2020

    Endpoint

    Forensics

  • Rekallstars1.8k - The Rekall Framework is a completely open collection of tools, implemented in Python under the Apache and GNU General Public License, for the extraction and analysis of digital artifacts from computer systems.
  • Endpoint

    Anti-Virus / Anti-Malware

  • rkhunter - A Rootkit Hunter for Linux
  • Network

    Scanning / Pentesting

  • Boofuzzstars1.6k - Fuzzing engine and fuzz testing framework.
  • Aug 11th, 2020

    Datastores

  • acrastars1k - Database security suite: proxy for data protection with transparent "on the fly" data encryption, data masking and tokenization, SQL firewall (SQL injections prevention), intrusion detection system.
  • Jul 30th, 2020

    Network

    Scanning / Pentesting

  • RustScanstars6.5k - Faster Nmap scanning with Rust. Take a 17 minute Nmap scan down to 19 seconds.
  • Jun 17th, 2020

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Electron.js Hackingstars384 - A curated list of awesome resources about Electron.js (in)security
  • Jun 15th, 2020

    Endpoint

    Authentication

  • Stegcloakstars2.5k - Securely assign Digital Authenticity to any written text
  • Jun 8th, 2020

    Network

    Anti-Spam

  • rspamdstars1.6k - Fast, free and open-source spam filtering system.
  • Spam Scanner - Anti-Spam Scanning Service and Anti-Spam API by @niftylettuce.
  • May 20th, 2020

    Web

    Development

  • Insider CLIstars367 - An open source Static Application Security Testing tool (SAST) written in GoLang for Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C# and JavaScript (Node.js).
  • Apr 15th, 2020

    Endpoint

    Mobile / Android / iOS

  • dotPeek - Free-of-charge standalone tool based on ReSharper's bundled decompiler.
  • Mar 25th, 2020

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Personal Securitystars8.4k - A curated list of digital security and privacy tips, with links to further resources.
  • Feb 4th, 2020

    Network

    Scanning / Pentesting

  • scapystars72 - Scapy: the python-based interactive packet manipulation program & library.
  • Jan 30th, 2020

    Network

    Scanning / Pentesting

  • Aneviconstars17 - The most powerful UDP-based load generator, written in Rust.
  • Finshirstars19 - A coroutines-driven Low & Slow traffic generator, written in Rust.
  • Network

    Sniffer

  • Live HTTP headers - Live HTTP headers is a free Firefox add-on to see your browser requests in real time. It shows the entire headers of the requests and can be used to find security loopholes in implementations.
  • Jan 23rd, 2020

    Network

    Scanning / Pentesting

  • Sublist3rstars7.2k - Fast subdomains enumeration tool for penetration testers
  • Jan 20th, 2020

    Web

    Development

  • Checkovstars4.3k - A static analysis tool for infrastructure as code (Terraform).
  • Dec 23rd, 2019

    Endpoint

    Mobile / Android / iOS

  • Quark-Enginestars894 - An Obfuscation-Neglect Android Malware Scoring System.
  • Nov 14th, 2019

    Web

    Scanning / Pentesting

  • Spyse - Spyse is an OSINT search engine that provides fresh data about the entire web. All the data is stored in its own DB for instant access and interconnected with each other for flexible search.
  • Oct 17th, 2019

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Anti Forensicsstars196 - A collection of awesome tools used to counter forensics activities.
  • Aug 29th, 2019

    Endpoint

    Forensics

  • Meerkatstars339 - PowerShell-based Windows artifact collection for threat hunting and incident response.
  • Jul 15th, 2019

    EBooks

  • Real World Cryptography - This early-access book teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications.
  • Jul 6th, 2019

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome ARM Exploitationstars179 - A curated list of ARM exploitation resources.
  • Awesome Threat Modelingstars85 - A curated list of Threat Modeling resources.
  • Jun 17th, 2019

    Web

    Development

  • API Security in Action - Book covering API security including secure development, token-based authentication, JSON Web Tokens, OAuth 2, and Macaroons. (early access, published continuously, final release summer 2020)
  • May 31st, 2019

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Shodan Search Queriesstars3.1k - A collection of interesting, funny, and depressing search queries to plug into Shodan.io.
  • Apr 1st, 2019

    Network

    Monitoring / Logging

  • opensnitchstars7.3k - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
  • Mar 31st, 2019

    Network

    Docker Images for Penetration Testing & Security

  • docker pull bkimminich/juice-shop - OWASP Juice Shop
  • Mar 15th, 2019

    Network

    Scanning / Pentesting

  • Legionstars754 - Open source semi-automated discovery and reconnaissance network penetration testing framework.
  • Feb 23rd, 2019

    Network

    Security Information & Event Management

  • LogESPstars143 - Open Source SIEM (Security Information and Event Management system).
  • Dec 29th, 2018

    Web

    Development

  • GuardRails - A GitHub App that provides security feedback in Pull Requests.
  • Dec 9th, 2018

    Endpoint

    Mobile / Android / iOS

  • Mobile Security Wiki - A collection of mobile security resources.
  • Apktoolstars14.3k - A tool for reverse engineering Android apk files.
  • jadxstars30.6k - Command line and GUI tools for producing Java source code from Android Dex and Apk files.
  • enjarifystars803 - A tool for translating Dalvik bytecode to equivalent Java bytecode.
  • Android Storage Extractorstars10 - A tool to extract local data storage of an Android application in one click.
  • Nov 26th, 2018

    Web

    Development

  • OAuth 2 in Action - Book that teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server.
  • OWASP ZAP Node APIstars25 - Leverage the OWASP Zed Attack Proxy (ZAP) within your NodeJS applications with this official API.
  • Oct 5th, 2018

    Threat Intelligence

  • PhishStats - Phishing Statistics with search for IP, domain and website title.
  • Jul 30th, 2018

    Endpoint

    Mobile / Android / iOS

  • Themisstars1.5k - High-level multi-platform cryptographic framework for protecting sensitive data: secure messaging with forward secrecy and secure data storage (AES256GCM), suits for building end-to-end encrypted applications.
  • Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Crypto Papersstars1.3k - A curated list of cryptography papers, articles, tutorials and howtos.
  • Jul 11th, 2018

    Endpoint

    Anti-Virus / Anti-Malware

  • LOKIstars2.5k - Simple Indicators of Compromise and Incident Response Scanner
  • Jun 30th, 2018

    EBooks

  • Docker Security - Quick Reference: For DevOps Engineers - A book on understanding the Docker security defaults, how to improve them (theory and practical), along with many tools and techniques.
  • How to Hack Like a Pornstar - A step by step process for breaking into a BANK, Sparc Flow, 2017
  • How to Hack Like a Legend - A hacker’s tale breaking into a secretive offshore company, Sparc Flow, 2018
  • How to Investigate Like a Rockstar - Live a real crisis to master the secrets of forensic analysis, Sparc Flow, 2017
  • May 25th, 2018

    Web

    Runtime Application Self-Protection

  • OpenRASPstars2.2k - An open source RASP solution actively maintained by Baidu Inc. With a context-aware detection algorithm, the project achieved nearly no false positives, and less than 3% performance reduction is observed under heavy server load.
  • May 7th, 2018

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Container Securitystars7 - A curated list of awesome resources related to container building and runtime security
  • Apr 30th, 2018

    Threat Intelligence

  • MISP - Open Source Threat Intelligence Platform - MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators. A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. The MISP project includes software, common libraries (taxonomies, threat-actors and various malware), an extensive data model to share new information using objects and default feeds.
  • Apr 21st, 2018

    EBooks

  • Holistic Info-Sec for Web Developers - Free and downloadable book series with very broad and deep coverage of what Web Developers and DevOps Engineers need to know in order to create robust, reliable, maintainable and secure software, networks and other, that are delivered continuously, on time, with no nasty surprises
  • Apr 13th, 2018

    Network

    Scanning / Pentesting

  • Amassstars1.7k - Amass performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques.
  • Apr 3rd, 2018

    Endpoint

    Forensics

  • Logdissectstars117 - CLI utility and Python API for analyzing log files and other data.
  • Mar 29th, 2018

    Network

    Honey Pot / Honey Net

  • T-Pot Honeypot Distro - T-Pot is based on the network installer of Ubuntu Server 16/17.x LTS. The honeypot daemons as well as other support components being used have been containerized using docker. This allows us to run multiple honeypot daemons on the same network interface while maintaining a small footprint and constrain each honeypot within its own environment.
    • Installation over vanilla Ubuntu - T-Pot Autoinstallstars129 - This script will install T-Pot 16.04/17.10 on a fresh Ubuntu 16.04.x LTS (64bit). It is intended to be used on hosted servers, where an Ubuntu base image is given and there is no ability to install custom ISO images. Successfully tested on vanilla Ubuntu 16.04.3 in VMware.
  • Jan 17th, 2018

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Threat Detection and Huntingstars2.2k - A curated list of awesome threat detection and hunting resources.
  • Oct 17th, 2017

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome YARAstars2.2k - A curated list of awesome YARA rules, tools, and people.
  • Oct 11th, 2017

    Endpoint

    Mobile / Android / iOS

  • OSX Security Awesomestars607 - A collection of OSX and iOS security resources
  • Usability

  • Usable Security Course - Usable Security course at Coursera. Quite good for those looking for how security and usability intersect.
  • Oct 10th, 2017

    Web

    Development

  • Understanding API Security - Free eBook sampler that gives some context for how API security works in the real world by showing how APIs are put together and how the OAuth protocol can be used to protect them.
  • Aug 29th, 2017

    Datastores

  • aws-vaultstars6.4k - Store AWS credentials in the OSX Keychain or an encrypted file
  • chamberstars2.1k - Store secrets using AWS KMS and SSM Parameter Store
  • credstashstars2k - Store secrets using AWS KMS and DynamoDB
  • blackboxstars6.3k - Safely store secrets in a VCS repo using GPG
  • confidantstars1.7k - Stores secrets in AWS DynamoDB, encrypted at rest and integrates with IAM
  • dotgpgstars159 - A tool for backing up and versioning your production secrets or shared passwords securely and easily.
  • redoctoberstars1.3k - Server for two-man rule style file encryption and decryption.
  • passpiestars904 - Multiplatform command-line password manager
  • Jul 24th, 2017

    Endpoint

    Content Disarm & Reconstruct

  • DocBleachstars125 - An open-source Content Disarm & Reconstruct software sanitizing Office, PDF and RTF Documents.
  • Jul 19th, 2017

    Web

    Web Application Firewall

  • ironbeestars285 - IronBee is an open source project to build a universal web application security sensor. IronBee is a framework for developing a system for securing web applications - a framework for building a web application firewall (WAF).
  • Threat Intelligence

  • Tor Bulk Exit List - CollecTor, your friendly data-collecting service in the Tor network. CollecTor fetches data from various nodes and services in the public Tor network and makes it available to the world. If you're doing research on the Tor network, or if you're developing an application that uses Tor network data, this is your place to start. TOR Node List / DNS Blacklists / Tor Node List
  • Emerging Threats - Open Source - Emerging Threats began 10 years ago as an open source community for collecting Suricata and SNORT® rules, firewall rules, and other IDS rulesets. The open source community still plays an active role in Internet security, with more than 200,000 active users downloading the ruleset daily. The ETOpen Ruleset is open to any user or organization, as long as you follow some basic guidelines. Our ETOpen Ruleset is available for download any time.
  • Network

    Security Information & Event Management

  • Prelude - Prelude is a Universal "Security Information & Event Management" (SIEM) system. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events; Prelude is "agentless".
  • Big Data

  • Apache Metron (incubating)stars832 - Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis.
  • Apache Spot (incubating)stars332 - Apache Spot is open source software for leveraging insights from flow and packet analysis.
  • Jun 7th, 2017

    Web

    Web Application Firewall

  • sql_firewallstars169 - SQL Firewall Extension for PostgreSQL
  • Jun 6th, 2017

    Datastores

  • passbolt - The password manager your team was waiting for. Free, open source, extensible, based on OpenPGP.
  • Vault - An encrypted datastore secure enough to hold environment and application secrets.
  • Network

    IDS / IPS / Host IDS / Host IPS

  • Lynis - an open source security auditing tool for Linux/Unix.
  • May 23rd, 2017

    Endpoint

    Mobile / Android / iOS

  • OWASP Mobile Security Testing Guidestars9.1k - A comprehensive manual for mobile app security testing and reverse engineering.
  • Mar 30th, 2017

    Endpoint

    Forensics

  • ir-rescuestars384 - ir-rescue is a Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  • Mar 29th, 2017

    Network

    Firewall

  • OPNsense - is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.
  • Mar 16th, 2017

    Other Awesome Lists

    Other Common Awesome Lists

  • Movies For Hackerstars9.1k - A curated list of movies every hacker & cyberpunk must watch.
  • Feb 26th, 2017

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Industrial Control System Securitystars16 - A curated list of resources related to Industrial Control System (ICS) security.
  • Feb 17th, 2017

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Pentest Cheat Sheetsstars2.8k - Collection of the cheat sheets useful for pentesting
  • Feb 15th, 2017

    Operating Systems

    Online resources

  • Security @ Distrowatch - Website dedicated to talking about, reviewing and keeping up to date with open source operating systems
  • Jan 19th, 2017

    Web

    Development

  • Secure by Design - Book that identifies design patterns and coding styles that make lots of security vulnerabilities less likely. (early access, published continuously, final release fall 2017)
  • Jan 14th, 2017

    Network

    Docker Images for Penetration Testing & Security

  • docker-compose build && docker-compose up - OWASP NodeGoatstars1.6k
  • Jan 10th, 2017

    Datastores

  • Sopsstars10.1k - An editor of encrypted files that supports YAML, JSON and BINARY formats and encrypts with AWS KMS and PGP.
  • Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Threat Intelligencestars5.1k - A curated list of threat intelligence resources.
  • Jan 4th, 2017

    Other Awesome Lists

    Other Security Awesome Lists

  • Awesome Cyber Skillsstars2.1k - A curated list of hacking environments where you can train your cyber skills legally and safely.
  • Dec 22nd, 2016

    Network

    Honey Pot / Honey Net

  • awesome-honeypotsstars6.1k - The canonical awesome honeypot list.
  • Network

    Monitoring / Logging

  • Node Security Platform - Similar feature set to Snyk, but free in most cases, and very cheap for others.
  • Network

    IDS / IPS / Host IDS / Host IPS

  • OSSEC - Comprehensive Open Source HIDS. Not for the faint of heart. Takes a bit to get your head around how it works. Performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. Plenty of reasonable documentation. Sweet spot is medium to large deployments.
  • Nov 24th, 2016

    Web

    Runtime Application Self-Protection

  • Sqreen - Sqreen is a Runtime Application Self-Protection (RASP) solution for software teams. An in-app agent instruments and monitors the app. Suspicious user activities are reported and attacks are blocked at runtime without code modification or traffic redirection.
  • Nov 14th, 2016

    Network

    Docker Images for Penetration Testing & Security

  • docker pull remnux/metasploit - docker-metasploit
  • Oct 30th, 2016

    Endpoint

    Forensics

  • Volatility (5.4k stars) - Python-based memory extraction and analysis framework.
  • Sep 18th, 2016

    Endpoint

    Forensics

  • mig - MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.
  • Aug 29th, 2016

    Network

    Honey Pot / Honey Net

  • HoneyPy (426 stars) - HoneyPy is a low to medium interaction honeypot. It is intended to be easy to deploy, extend with plugins, and configure with custom settings.
  • Aug 18th, 2016

    Network

    Fast Packet Processing

  • DPDK - DPDK is a set of libraries and drivers for fast packet processing.
  • PF_RING ZC (Zero Copy) - PF_RING ZC (Zero Copy) is a flexible packet processing framework that allows you to achieve 1/10 Gbit line rate packet processing (both RX and TX) at any packet size. It implements zero copy operations including patterns for inter-process and inter-VM (KVM) communications.
  • Datastores

  • Safe (366 stars) - A Vault CLI that makes reading from and writing to the Vault easier to do.
  • Jul 15th, 2016

    Network

    Scanning / Pentesting

  • Nmap - Nmap is a free and open source utility for network discovery and security auditing.
  • Network

    IDS / IPS / Host IDS / Host IPS

  • Denyhosts - Thwart SSH dictionary-based attacks and brute-force attacks.
  • Fail2Ban - Scans log files and takes action on IPs that show malicious behavior.
  • SSHGuard - Software that protects services in addition to SSH, written in C.
  • Network

    Security Information & Event Management

  • FIR (1.4k stars) - Fast Incident Response, a cybersecurity incident management platform.
  • Network

    Firewall

  • pfSense - Firewall and Router FreeBSD distribution.
  • fwknop - Protects ports via Single Packet Authorization in your firewall.
  • Network

    Anti-Spam

  • SpamAssassin - A powerful and popular email spam filter employing a variety of detection techniques.
  • Endpoint

    Anti-Virus / Anti-Malware

  • Linux Malware Detect - A malware scanner for Linux designed around the threats faced in shared hosted environments.
  • Jul 7th, 2016

    Network

    IDS / IPS / Host IDS / Host IPS

  • AIEngine - AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua packet inspection engine with capabilities of learning without any human intervention, NIDS (Network Intrusion Detection System) functionality, DNS domain classification, network collector, network forensics and many others.
  • Jun 21st, 2016

    Network

    Monitoring / Logging

  • Fibratus (1.6k stars) - Fibratus is a tool for exploration and tracing of the Windows kernel. It is able to capture most Windows kernel activity: process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments.
  • Jun 7th, 2016

    Network

    Docker Images for Penetration Testing & Security

  • docker pull kalilinux/kali-linux-docker - official Kali Linux
  • docker pull owasp/zap2docker-stable - official OWASP ZAP (9.6k stars)
  • docker pull wpscanteam/wpscan - official WPScan
  • docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
  • docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
  • docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
  • docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
  • docker pull opendns/security-ninjas - Security Ninjas
  • docker pull diogomonica/docker-bench-security - Docker Bench for Security
  • docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
  • docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
  • docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
  • Mar 13th, 2016

    Network

    Scanning / Pentesting

  • pig (423 stars) - A Linux packet crafting tool.
  • Feb 18th, 2016

    Network

    Fast Packet Processing

  • netmap - netmap is a framework for high speed packet I/O. Together with its companion VALE software switch, it is implemented as a single kernel module and available for FreeBSD, Linux and now also Windows.
  • Feb 16th, 2016

    Network

    Fast Packet Processing

  • PFQ (515 stars) - PFQ is a functional networking framework designed for the Linux operating system that allows efficient packet capture/transmission (10G and beyond), in-kernel functional processing and packet steering across sockets/end-points.
  • PF_RING - PF_RING is a new type of network socket that dramatically improves the packet capture speed.
  • Jan 21st, 2016

    Threat Intelligence

  • CIFv2 (224 stars) - CIF is a cyber threat intelligence management system. CIF allows you to combine known malicious threat information from many sources and use that information for identification (incident response), detection (IDS) and mitigation (null route).