| 03/16 | 9 |
Community curated templates for the nuclei engine to identify security vulnerabilities in applications.
|
| 03/14 | 9 |
Counts and limits actions by key to protect against DDoS and brute force attacks.
|
| 03/12 | 9 |
Securely share sensitive information with automatic expiration and deletion after a set number of views or duration.
|
| 03/09 | 9 |
Manage dotfiles across multiple diverse machines securely.
|
| 03/17 | 8 |
Cloud-native policy-as-code engine that scans infrastructure, containers, Kubernetes, cloud services, and code for vulnerabilities and misconfigurations.
|
| 03/16 | 8 |
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
|
| 03/13 | 8 |
High-performance authorization engine for modeling and enforcing fine-grained access control inspired by Google Zanzibar.
|
| 03/12 | 8 |
Local transparent gateway that intercepts agent tool calls and blocks dangerous operations before execution.
|
| 03/10 | 8 |
Cloud-native graph-based query language for querying and discovering infrastructure assets across clouds, containers, and services.
|
| 03/05 | 8 |
Middleware for limiting repeated requests to public APIs and endpoints.
|
| 03/18 | 7 |
Editor for encrypted files supporting multiple formats and encryption methods.
|
| 03/17 | 7 |
Secret management platform for syncing secrets and configurations across teams and infrastructure while preventing leaks.
|
| 03/17 | 7 |
Scalable authentication for Go apps or standalone servers offering email/password auth, sessions, OAuth, and extensible hooks.
|
| 03/15 | 7 |
Library for running multiple isolated React Native instances within a single application with safe communication.
|
| 03/15 | 7 |
Comprehensive security platform for managing and securing Kubernetes environments throughout the development and deployment lifecycle.
|
| 03/15 | 7 |
Security-first personal AI assistant runtime providing multi-provider model access and multi-channel messaging integrations with local-first data control.
|
| 03/12 | 7 |
Extension that secures PostgreSQL in cloud environments by managing privileges without requiring superuser access.
|
| 03/11 | 7 |
Pentest reporting application for writing findings and generating customizable DOCX reports.
|
| 03/11 | 7 |
Fast and tolerant XSS sanitizer for HTML, MathML, and SVG.
|
| 03/10 | 7 |
Out-of-band interaction gathering server and client library.
|
| 03/09 | 7 |
Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
|
| 03/09 | 7 |
Vulnerability scanner for container images and filesystems.
|
| 03/09 | 7 |
Kubernetes operator that manages and scales SpiceDB clusters and automates datastore migrations.
|
| 03/09 | 7 |
Kubernetes/OpenShift operator that combines trusted certificate sources into a distributable trust bundle for applications.
|
| 03/09 | 7 |
Daemon forwarding Falco events to multiple outputs in a fan-out manner for ecosystem integration.
|
| 03/09 | 7 |
RTSP stream scanner that detects devices, enumerates routes, and performs dictionary-based credential discovery, with a Go library.
|
| 03/07 | 7 |
Multiplayer client-server pivoting tool for collaborative penetration testing with automatic TUN management and a GUI.
|
| 03/05 | 7 |
Proxy that secures and simplifies access to infrastructure with outbound-only connections and integrated SSO.
|
| 03/17 | 6 |
Collection of plugins that extend the Wazuh dashboard with UI panels for security events, integrity, vulnerability, and compliance monitoring.
|
| 03/16 | 6 |
SDK enabling zero-trust networking for Node.js applications and web servers.
|
| 03/10 | 6 |
AI-powered security alert management that reduces noise and speeds incident response.
|
| 03/10 | 6 |
Software supply chain security platform enforcing configurable policies, attesting artifacts, and managing repository security and dependency risk.
|
| 03/10 | 6 |
Kubernetes-native toolkit that continuously scans clusters and generates vulnerability, configuration, secrets, RBAC, compliance, and SBOM reports.
|
| 03/09 | 6 |
Browser extension for Firefox, Edge and Chrome providing secure cryptographic operations, random number generation, and password autofill.
|
| 03/07 | 6 |
Tool for database anonymization and synthetic data generation.
|
| 03/05 | 6 |
Enterprise-ready SIEM and XDR platform offering real-time log correlation, threat intelligence, and incident response.
|
| 03/17 | 5 |
End-to-end field-level encryption for TypeScript apps with zero-knowledge key management and searchable encrypted queries.
|
| 03/16 | 5 |
JavaScript AST analysis tool for identifying potentially malicious code patterns.
|
| 03/13 | 5 |
High-level Go packages providing APIs for interacting with TPM 2.0 devices.
|
| 03/11 | 5 |
Desktop proxy enabling scalable tool discovery, major token savings, and quarantine of malicious upstream servers for AI agents.
|
| 03/09 | 5 |
Second-development, lightweight cross-platform website vulnerability scanner with port scanning, fingerprinting, directory fuzzing, and POC-driven vulnerability detection.
|
| 03/07 | 5 |
Lightweight secure-by-default Unix socket proxy offering regex-based method allowlists, IP-based access control, and a minimal Go-only image.
|
| 03/06 | 5 |
Platform for managing, structuring, visualizing, and sharing cyber threat intelligence using a STIX2-based knowledge schema.
|
| 03/05 | 5 |
Tool to determine minimum permissions required for Terraform and Infrastructure as Code deployments.
|
| 03/17 | 4 |
Private certificate authority for secure, automated certificate management in DevOps environments.
|
| 03/17 | 4 |
Easy-to-use CLI for building, operating, and automating PKI systems and common X.509, JWT, and crypto workflows.
|
| 03/15 | 4 |
Collaboration-first platform for planning, automating, executing, and reporting vulnerability assessments and penetration tests.
|
| 03/13 | 4 |
Safe JavaScript execution runtime that parses and runs code in a whitelisted, prototype-aware sandbox.
|
| 03/17 | 3 |
Modern automation platform for security and IT engineers with YAML templates, no-code workflows, lookup tables, and case management.
|
| 03/13 | 3 |
Cybersecurity-focused domain-specific programming language with a dedicated virtual machine and IDE support.
|
| 03/11 | 3 |
Continuous cloud-assurance platform that evaluates cloud configurations for security and compliance against standards like C5 and CSA CCM.
|
| 03/11 | 3 |
General-purpose security automation platform for security teams, offering workflow editor, OpenAPI-based app creation, and resource sharing.
|