Security

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 2,061 public repositories matching this topic...

mitmproxy / mitmproxy

Star

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

python tls ssl http security proxy websocket http2 man-in-the-middle

Updated Oct 21, 2020
Python

trailofbits / algo

Star

Open

Better Documentation For Other Cloud Providers

RandomDSdevel commented Sep 23, 2017

OS/Environment

None yet, but I'm working on OS X v10.11.6 'El Capitan' client-side. (See 'The way of deployment (cloud or local)' below for details on considered server infrastructure.)

Ansible version

None yet, as I haven't yet gotten that far into setting up Algo.

Version of components from `requirements.txt`

Not applicable (see above.)

Summary of the pro

documentation good first issue hacktoberfest

swisskyrepo / PayloadsAllTheThings

Star

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security hacking web-application cheatsheet enumeration penetration-testing bounty vulnerability methodology bugbounty pentest bypass payload payloads hacktoberfest privilege-escalation redteam

Updated Oct 22, 2020
Python

drduh / macOS-Security-and-Privacy-Guide

Star

Guide to securing and improving privacy on macOS

macos security apple privacy osx macbook-configuration macos-setup disk-encryption dnscrypt-proxy macos-security macbook-security

Updated Sep 15, 2020
Python

StevenBlack / hosts

Star

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

python security privacy protection anti-virus malware ad-blocker unified-hosts porn-filter social-media-filter hosts gambling-filter ransomware pornblocker trojans curated-sources

Updated Oct 20, 2020
Python

OWASP / CheatSheetSeries

Star

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

security code best-practices owasp application-security appsec cheatsheets

Updated Oct 22, 2020
Python

wifiphisher / wifiphisher

Star

The Rogue Access Point Framework

python security attack malware phishing wifi rogue wifiphisher access-point redteaming

Updated Aug 16, 2020
Python

threat9 / routersploit

Star

Exploitation Framework for Embedded Devices

python security embedded router scanner bruteforce exploits infosec router-exploitation-framework routersploit-framework dictionary-attack routersploit creds

Updated Jun 28, 2020
Python

mailpile / Mailpile

Star

A free & open modern, fast email client with user-friendly encryption and privacy features

search-engine security tags pgp smtp-client imap-client e-mail

Updated Oct 6, 2020
Python

secdev / scapy

Star

Open

PacketField Does not Fuzz

sarcasticmonkeys commented Sep 8, 2020

If you call fuzz on a layer that contains a PacketField, that fuzz does not recurse down into a PacketField within the layer

class Foo(Packet):
    name='Foo'
    fields_desc=[
        int64("bar"),
    ]
    def extract_padding(self, s):
        return b'', s
        
class demo(Packet):
    name="demo"
    fields_desc = [ PacketField(name="foo",default=Foo(),cls=Foo)]
inst

Hacktoberfest enhancement good first issue

Open

[Proposal] Use namedtuples in SndRcvList()

Open

Contribute to Scapy: a master list of good first issues

fail2ban / fail2ban

Star

Daemon to ban hosts that cause multiple authentication errors

python macos linux security monitoring bsd ids intrusion-detection hids fail2ban intrusion-prevention gplv2 ban-hosts ips anti-bot attack-prevention loganalyzer security-tools ban-management

Updated Oct 20, 2020
Python

evilsocket / opensnitch

Star

OpenSnitch is a GNU/Linux port of the Little Snitch application firewall

linux security networking firewall data-breach application-firewall

Updated Jun 4, 2020
Python

jopohl / urh

Star

Open

Enhancement: Variable protocol field positions depending on LENGTH type fields

mrjacobagilbert commented Sep 18, 2020

A common protocol structure is to have a header containing a length field, followed by data of length bytes, followed by additional protocol fields such as a CRC. If the length field is variable, the position of subsequent URH-specified protocol fields defined by fixed position will not be in the correct location.

I do not know the best way to address this, but quick and easy way to support

discussion feature good first issue help wanted

Open

LimeSDR on Low Frequencies

Open

Enable/disable external LNAs on bladeRF

Find more good first issues →

jofpin / trape

Star

Open

Help in version 3.0: Trape is yours.

jofpin commented Jan 22, 2020

It has been a pleasure for me to contribute to all of you 2 versions of this tool.

I've been working on other open source projects that I'm about to release for you, so I haven't finished trape version 3.0.

But, I invite you and the entire community that has used this project, to collaborate with some lines of code, implementing your own ideas and improving trape, turning it into a project o

good first issue help wanted

Open

Version 3.0 on the way

tensorflow / cleverhans

Star

An adversarial example library for constructing attacks, building defenses, and benchmarking both

security benchmarking machine-learning

Updated Oct 12, 2020
Python

maurosoria / dirsearch

Star

Web path scanner

python security scanner hacking bruteforce penetration-testing bug-bounty fuzzing pentesting pentest fuzzer appsec hacktoberfest dirsearch dirbuster scanner-web hacktoberfest2020

Updated Oct 20, 2020
Python

google / clusterfuzz

Star

Scalable fuzzing infrastructure.

security fuzzing vulnerabilities stability

Updated Oct 22, 2020
Python

NullArray / AutoSploit

Star

Open

Vagrant documentation

Ekultek commented Apr 10, 2018

We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant

enhancement good first issue help wanted

Open

README translations

micahflee / onionshare

Star

Securely and anonymously share files, host websites, and chat with friends using the Tor network

python open-source security cross-platform file-sharing tor onion-service onionshare tor-onion-service

Updated Oct 16, 2020
Python

Netflix / security_monkey

Star

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

python aws security aws-s3 aws-sqs aws-ec2 aws-iam boto3 botocore aws-vpc boto aws-security aws-policy-tracking

Updated Sep 9, 2020
Python

stamparm / maltrail

Star

Malicious traffic detection system

python security sensor malware intrusion-detection network-monitoring heuristics

Updated Oct 22, 2020
Python

andresriancho / w3af

Star

w3af: web application attack and audit framework, the open source web vulnerability scanner.

security scanner sql-injection appsec cross-site-scripting

Updated Oct 6, 2020
Python

cowrie / cowrie

Star

Cowrie SSH/Telnet Honeypot http://cowrie.readthedocs.io

ssh security honeypot telnet sftp scp attacker threat-sharing threatintel kippo threat-analysis cowrie cowrie-ssh telnet-honeypot

Updated Oct 22, 2020
Python

sensepost / objection

Star

📱 objection - runtime mobile exploration

android security ios mobile framework instrumentation pentest frida

Updated Oct 9, 2020
Python

CTFd / CTFd

Star

Open

Freeze versions for all Python requirements

ColdHeat commented Oct 3, 2020

Like in #1675 we should review all the dependencies to see if we can pin exactly what dependencies we want. Something like pip freeze.

good first issue

Open

Create test helpers for during ctftime and outside of ctftime

Open

Config.py Variable Documentation

Find more good first issues →

Neo23x0 / sigma

Star

Open

Add further events to generic Windows audit config

thomaspatzke commented Oct 13, 2020

The generic Windows audit log config lacks many event ids, e.g.

registry events
driver load service addition events, System/7045 and Security/4697
likely others

enhancement good first issue

Open

Map EVTX samples to Sigma rules

Open

Add MITRE CAR taggig to rules

ysrc / xunfeng

Star

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

security security-audit scanner exploits infosec pentesting vulnerability-detection vulnerability-scanners vulnerability-assessment

Updated Jan 29, 2020
Python

PyCQA / bandit

Star

Open

Docs plugin listing shows title instead of check name

ericwb commented Aug 14, 2018

Describe the bug
In the docs found here:
https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing

B109 and B111 show a description instead of a plugin name. This looks inconsistent since all the other plugin names are listed. I believe this is a result of a recent change to remove these deprecated plugins.

To Reproduce

Navigate to https://bandit

bug good first issue

Open

config file as described in README.rst does not work

Open

yaml_load should not be B5xx cryptography group

Find more good first issues →

Netflix / bless

Star

Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function

python ssh bastion aws security lambda serverless ssh-certificates

Updated Sep 16, 2020
Python

nccgroup / ScoutSuite

Star

Open

Improve error handling across all resources

j4v commented Sep 23, 2020

Currently, facades implement good exception handling, but resource parsing does not. That means that for a given resource type, if parsing fails for any given resource, the fetch_all method fails and stops, hence not parsing any additional resources.

All resources should be reviewed and updated, to ensure they handle parsing errors.

e.g., for AWS IAM roles (https://github.com/nccgroup/Scou

component-provider-alibaba component-provider-aws component-provider-azure component-provider-gcp

Open