souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
page 1 / 4
75 results tagged security  ✕   ✕
Everything Claude Code https://ecc.tools/
25/03/2026 cluster icon
  • Get Shit Done : A light-weight and powerful meta-prompting, context engineering and spec-driven development system for Claude Code, OpenCode, Gemini CLI, Kilo, Codex,...
  • Omnigent : Omnigent is an open-source AI agent framework and meta-harness: orchestrate Claude Code, Codex, Cursor, Pi, and custom agents — swap harnesses without...
  • Claude Code Guide : Learn the WHY behind Claude Code, not just the config
  • addyosmani/agent-skills : Production-grade engineering skills for AI coding agents. Skills encode the workflows, quality gates, and best practices that senior engineers use whe...
  • superpowers : Superpowers is a complete software development methodology for your coding agents, built on top of a set of composable skills and some initial instruc...

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

ai agent skills security claudecode
Semgrep https://github.com/semgrep/semgrep
04/02/2025 cluster icon
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Lighthouse : Lighthouse is an open-source, automated tool for improving the quality of web pages. You can run it against any web page, public or requiring authenti...
  • CryptPad : CryptPad is the Zero Knowledge realtime collaborative editor. Encryption carried out in your web browser protects the data from the server, the cloud ...

Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep supports 30+ languages and can run in an IDE, as a pre-commit check, and as part of CI/CD workflows.

opensource staticanalysis security bugs continuousintegration
Gitleaks https://github.com/gitleaks/gitleaks
23/05/2023 cluster icon
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Semgrep : Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep supp...
thumbnail

Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords, API keys and tokens in Git repositories. It can be used as a Git pre-commit hook or in the CI/CD pipeline.

opensource staticanalysis security test tool
TruffleHog https://github.com/trufflesecurity/trufflehog
23/05/2023 cluster icon
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Pyre : Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providi...
  • GrumPHP : Sick and tired of defending code quality over and over again? GrumPHP will do it for you! This composer plugin will register some git hooks in your pa...
  • Lighthouse : Lighthouse is an open-source, automated tool for improving the quality of web pages. You can run it against any web page, public or requiring authenti...
thumbnail

TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab repositories are the most popular use cases, it can also be used to scan cloud storage buckets like S3 and GCS, local files and directories and CircleCI logs. Developers can set up TruffleHog as a pre-commit hook or scan the history of existing repositories in an entire GitHub organization to detect secrets.

opensource staticanalysis security test tool
Syncthing https://syncthing.net/
21/05/2023 cluster icon
  • SecTools.Org : Top Network Security Tools
  • Copyscape : Website Plagiarism Search - Web Site Content Copyright Protection
  • Pyre : Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providi...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...

Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it’s transmitted over the internet.

file backup sync tool security
tfsec https://github.com/aquasecurity/tfsec
12/04/2022 cluster icon
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • Pyre : Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providi...
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...
  • Semgrep : Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep supp...
thumbnail

tfsec uses static analysis of your terraform code to spot potential misconfigurations.

security staticanalysis infrastructureascode
Grype https://github.com/anchore/grype
12/04/2022 cluster icon
  • Testcontainers : Testcontainers is an open source library for providing throwaway, lightweight instances of databases, message brokers, web browsers, or just about any...
  • cAdvisor : cAdvisor (Container Advisor) provides container users an understanding of the resource usage and performance characteristics of their running containe...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • container-diff : container-diff is a tool for analyzing and comparing container images. container-diff can examine images along several different criteria, including: ...
  • Rancher : Rancher is open source software that makes it simple for organizations to deploy a private container service and deliver Docker orchestration to users...
thumbnail

A vulnerability scanner for container images and filesystems.

docker container security scan
TheHive Project https://thehive-project.org/
06/03/2022 cluster icon
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Fider : Fider is an open platform to collect and organize customer feedback. By using the platform, your community can share, vote and discuss on ideas they h...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...
  • sim : Open-source platform to build and deploy AI agent workflows.
  • CryptPad : CryptPad is the Zero Knowledge realtime collaborative editor. Encryption carried out in your web browser protects the data from the server, the cloud ...
thumbnail

A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.

opensource security platform
The Bastion https://github.com/ovh/the-bastion
30/10/2020 cluster icon
  • OverTheWire: Wargames : The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
  • Better Auth : Better Auth is a framework-agnostic authentication and authorization framework for TypeScript. It provides a comprehensive set of features out of the ...
  • Ockam : Ockam is a suite of open source tools, programming libraries, and managed cloud services to orchestrate end-to-end encryption, mutual authentication, ...
  • Everything Claude Code : The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencod...
  • SecTools.Org : Top Network Security Tools
thumbnail

Bastions are a cluster of machines used as the unique entry point by operational teams to securely connect to devices using ssh.
The Bastion provides mechanisms for authentication, authorization, traceability and auditability for the whole infrastructure.

ssh security tracing audit authentication authorization
How to systematically secure anything https://github.com/veeral-patel/how-to-secure-anything
06/09/2020 cluster icon
  • Run your own identity server : Running your own identity server allows you to act as an OpenID Provider. You could run one just for yourself, for a community of users or, if you wis...
  • Security Guide for Developers : A practical security guide for web developers.
  • My First 10 Minutes On a Server : Primer for Securing Ubuntu
  • SQL Injection Cheat Sheet : Samples are provided to allow reader to get basic idea of a potential SQL Injection attack and almost every section includes a brief information about...
  • Inj3ct0r 1337day.com : Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)
thumbnail

Security engineering is the discipline of building secure systems.

Its lessons are not just applicable to computer security. In fact this repo aims to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.

security reference
Pyre https://pyre-check.org/
10/08/2020 cluster icon
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
  • Harpoon : CLI tool for open source and threat intelligence. Harpoon is a tool to automate threat intelligence and open source intelligence tasks. It is written ...
  • Bandit : Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs approp...
  • Flake8 : flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code....

Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providing instantaneous feedback to developers as they write code.

Pyre ships with Pysa, a security focused static analysis tool we've built on top of Pyre that reasons about data flows in Python applications.

python staticanalysis security tool
Bandit https://github.com/PyCQA/bandit
24/06/2020 cluster icon
  • Locust : A modern load testing framework Define user behaviour with Python code, and swarm your system with millions of simultaneous users.
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...
  • Locust : Locust is an easy-to-use, distributed, user load testing tool. It is intended for load-testing web sites (or other systems) and figuring out how many ...
  • Kali Linux : Penetration Testing Linux OS containing tools to test the security of system or a network.
  • Pyre : Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providi...
thumbnail

Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report.

security python tool test
OpenVAS https://www.openvas.org/
29/04/2020 cluster icon
  • Kali Linux : Penetration Testing Linux OS containing tools to test the security of system or a network.
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

security scan test tool
SpiderFoot https://www.spiderfoot.net/
11/02/2020 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
thumbnail

With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (OSINT) about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more.

security osint scan tool
Report URI https://report-uri.com/
07/12/2019 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • healthchecks.io : Cron Monitoring. Get Notified When Your Cron Jobs Fail. Make a HTTP GET request to this address from your cron job, daemon, script or long running tas...
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.
  • patchbay : patchbay.pub is a free web service you can use to implement things like static site hosting, file sharing, cross-platform notifications, webhooks hand...
  • Prometheus : Prometheus is an open-source systems monitoring and alerting toolkit originally built at SoundCloud. Prometheus's main features are: a multi-dimensio...
thumbnail

Report URI was founded to take the pain out of monitoring security policies like CSP and HPKP. When you can easily monitor what's happening on your site in real time you react faster and more efficiently, allowing you to rectify issues without your users ever having to tell you.

monitoring http security service
CryptPad https://github.com/xwiki-labs/cryptpad
24/11/2019 cluster icon
  • HedgeDoc : HedgeDoc (formerly known as CodiMD) is an open-source, web-based, self-hosted, collaborative markdown editor. You can use it to easily collaborate on ...
  • Teletype for Atom : Teletype for Atom lets developers share their workspace with team members and collaborate on code in real time.
  • Garage : An open-source distributed storage service you can self-host to fullfill many needs.
  • Conclave : Conclave is a peer-to-peer, real-time, collaborative text editor built from scratch in JavaScript. Intrigued by collaborative text editors such as Goo...
  • AppFlowy.IO : Open Source Notion Alternative
thumbnail

CryptPad is the Zero Knowledge realtime collaborative editor.

Encryption carried out in your web browser protects the data from the server, the cloud and the NSA. It relies on the ChainPad realtime engine.

encryption collaboration realtime security editor storage opensource selfhosted
security.txt https://securitytxt.org/
10/08/2019 cluster icon
  • PHP_CodeSniffer : PHP_CodeSniffer tokenises PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.
  • PHP Coding Standard Generator : The goal of this site is to enable you do very quickly create and maintain your own coding standard. PHP Mess Detector rule sets files and PHP Code Sn...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Inj3ct0r 1337day.com : Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
thumbnail

A proposed standard which allows websites to define security policies.

standards security
Lynis https://cisofy.com/lynis/
24/04/2019 cluster icon
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...
thumbnail

Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing.

opensource security test tool
SSL Server Test https://www.ssllabs.com/ssltest/
21/10/2018 cluster icon
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...
  • mitmproxy : mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify...
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...

This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.

https ssl security test
OpenSCAP https://www.open-scap.org/
03/10/2018 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...

The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. We maintain great flexibility and interoperability, reducing the costs of performing security audits.

security tool scan
page 1 / 4
1656 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn