* [Nuclei Templates v10.4.0](https://github.com/projectdiscovery/nuclei-templates) – Community curated templates for the nuclei engine to identify security vulnerabilities in applications.
* [rate-limiter-flexible v10.0.0](https://github.com/animir/node-rate-limiter-flexible) – Counts and limits actions by key to protect against DDoS and brute force attacks.
* [Password Pusher v2.0.0](https://github.com/pglombardo/PasswordPusher) – Securely share sensitive information with automatic expiration and deletion after a set number of views or duration.
* [chezmoi v2.70.0](https://github.com/twpayne/chezmoi) – Manage dotfiles across multiple diverse machines securely.
* [Lego v4.32.0](https://github.com/go-acme/lego) – Let's Encrypt client and ACME library written in Go.
* [Step CLI v0.30.0](https://github.com/smallstep/cli) – Easy-to-use CLI for building, operating, and automating PKI systems and common X.509, JWT, and crypto workflows.
* [step-ca v0.30.0](https://github.com/smallstep/certificates) – Private certificate authority for secure, automated certificate management in DevOps environments.
* [cnspec v13.1.0](https://github.com/mondoohq/cnspec) – Cloud-native policy-as-code engine that scans infrastructure, containers, Kubernetes, cloud services, and code for vulnerabilities and misconfigurations.
* [EVE 16.11.0](https://github.com/lf-edge/eve) – Edge virtualization engine providing hardware-assisted virtualization and resource partitioning for on-premises edge devices.
* [Skylos v4.0.0](https://github.com/duriantaco/skylos) – Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
* [OpenFGA v1.12.0](https://github.com/openfga/openfga) – High-performance authorization engine for modeling and enforcing fine-grained access control inspired by Google Zanzibar.
* [Crust v4.0.0](https://github.com/BakeLens/crust) – Local transparent gateway that intercepts agent tool calls and blocks dangerous operations before execution.
* [MQL v13.0.0](https://github.com/mondoohq/mql) – Cloud-native graph-based query language for querying and discovering infrastructure assets across clouds, containers, and services.
* [express-rate-limit v8.3.0](https://github.com/express-rate-limit/express-rate-limit) – Middleware for limiting repeated requests to public APIs and endpoints.
* [Betterfox 148.0](https://github.com/yokoffing/Betterfox) – Tweaks for Mozilla Firefox to enhance speed, privacy, and security.
* [Cameradar v6.1.0](https://github.com/Ullaakut/cameradar) – RTSP stream scanner that detects devices, enumerates routes, and performs dictionary-based credential discovery, with a Go library.
* [PwnDoc v1.4.0](https://github.com/pwndoc/pwndoc) – Pentest reporting application for writing findings and generating customizable DOCX reports.
* [Steampipe v2.4.0](https://github.com/turbot/steampipe) – Zero-ETL tool for querying APIs and services using SQL.
* [gosec v2.24.0](https://github.com/securego/gosec) – Inspects Go source code for security issues by scanning the AST and SSA representations.
* [Cosmos v0.21.0](https://github.com/azukaar/Cosmos-Server) – Secure self-hosted home server solution for managing applications with built-in security and ease of use.
* [Grype v0.109.0](https://github.com/anchore/grype) – Vulnerability scanner for container images and filesystems.
* [Anubis v1.25.0](https://github.com/TecharoHQ/anubis) – Weighs the soul of connections using proof-of-work to protect resources from scraper bots.
* [OWASP secureCodeBox v5.6.0](https://github.com/secureCodeBox/secureCodeBox) – Kubernetes-based modular toolchain for continuous security scanning of software projects.
* [Infisical v0.158.17](https://github.com/Infisical/infisical) – Secret management platform for syncing secrets and configurations across teams and infrastructure while preventing leaks.
* [SOPS v3.12.2](https://github.com/getsops/sops) – Editor for encrypted files supporting multiple formats and encryption methods.
* [GoBetterAuth v2.12.0](https://github.com/GoBetterAuth/go-better-auth) – Scalable authentication for Go apps or standalone servers offering email/password auth, sessions, OAuth, and extensible hooks.
* [react-native-sandbox v0.5.0](https://github.com/callstackincubator/react-native-sandbox) – Library for running multiple isolated React Native instances within a single application with safe communication.
* [Kubescape v4.0.3](https://github.com/kubescape/kubescape) – Comprehensive security platform for managing and securing Kubernetes environments throughout the development and deployment lifecycle.
* [CoWork OS v0.5.0](https://github.com/CoWork-OS/CoWork-OS) – Security-first personal AI assistant runtime providing multi-provider model access and multi-channel messaging integrations with local-first data control.
* [supautils v3.2.0](https://github.com/supabase/supautils) – Extension that secures PostgreSQL in cloud environments by managing privileges without requiring superuser access.
* [DOMPurify 3.3.3](https://github.com/cure53/DOMPurify) – Fast and tolerant XSS sanitizer for HTML, MathML, and SVG.
* [Interactsh v1.3.1](https://github.com/projectdiscovery/interactsh) – Out-of-band interaction gathering server and client library.
* [TruffleHog v3.93.8](https://github.com/trufflesecurity/trufflehog) – Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
* [SpiceDB Operator v1.23.0](https://github.com/authzed/spicedb-operator) – Kubernetes operator that manages and scales SpiceDB clusters and automates datastore migrations.
* [trust-manager v0.22.0](https://github.com/cert-manager/trust-manager) – Kubernetes/OpenShift operator that combines trusted certificate sources into a distributable trust bundle for applications.
* [Falcosidekick 2.33.0](https://github.com/falcosecurity/falcosidekick) – Daemon forwarding Falco events to multiple outputs in a fan-out manner for ecosystem integration.
* [Ligolo-MP v2.2.0](https://github.com/ttpreport/ligolo-mp) – Multiplayer client-server pivoting tool for collaborative penetration testing with automatic TUN management and a GUI.
* [hoop.dev 1.51.0](https://github.com/hoophq/hoop) – Proxy that secures and simplifies access to infrastructure with outbound-only connections and integrated SSO.
* [Trivy v0.69.3](https://github.com/aquasecurity/trivy) – Comprehensive security scanner for vulnerabilities, misconfigurations, and secrets across various targets.
* [MCPProxy v0.19.0](https://github.com/smart-mcp-proxy/mcpproxy-go) – Desktop proxy enabling scalable tool discovery, major token savings, and quarantine of malicious upstream servers for AI agents.
* [WebAuthn Library v0.16.0](https://github.com/go-webauthn/webauthn) – FIDO2-conformant passkey and authentication backend for Go applications.
* [SpiceDB v1.49.2](https://github.com/authzed/spicedb) – Database for storing and querying fine-grained authorization data at scale.
* [OpenCTI 7.260227.0](https://github.com/OpenCTI-Platform/opencti) – Platform for managing, structuring, visualizing, and sharing cyber threat intelligence using a STIX2-based knowledge schema.
* [Powerpipe v1.5.0](https://github.com/turbot/powerpipe) – Visualize data sources and run compliance benchmarks for effective decision-making and ongoing monitoring.
* [Brakeman v8.0.3](https://github.com/presidentbeef/brakeman) – Static analysis tool checking Ruby on Rails applications for security vulnerabilities.
* [Chef InSpec v5.24.7](https://github.com/inspec/inspec) – Testing framework for infrastructure that specifies compliance, security, and policy requirements.
* [vet v1.14.0](https://github.com/safedep/vet) – Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
* [osctrl v0.5.0](https://github.com/jmpsec/osctrl) – Fast, efficient osquery management server implementing the osquery remote API as a TLS endpoint.
* [OpenBao v2.5.1](https://github.com/openbao/openbao) – Software to manage, store, and distribute sensitive data like secrets, certificates, and keys.
* [Cilium v1.19.1](https://github.com/cilium/cilium) – Networking, observability, and security solution with an eBPF-based dataplane.
* [cnquery v12.23.0](https://github.com/mondoohq/cnquery) – Cloud-native, graph-based asset inventory and discovery tool for querying infrastructure across clouds, containers, Kubernetes, and VMs.
* [Wazuh Dashboard Plugins v4.14.4](https://github.com/wazuh/wazuh-dashboard-plugins) – Collection of plugins that extend the Wazuh dashboard with UI panels for security events, integrity, vulnerability, and compliance monitoring.
* [OpenZiti SDK for NodeJS 0.29.0](https://github.com/openziti/ziti-sdk-nodejs) – SDK enabling zero-trust networking for Node.js applications and web servers.
* [Warren v0.12.0](https://github.com/secmon-lab/warren) – AI-powered security alert management that reduces noise and speeds incident response.
* [Minder v0.1.2](https://github.com/mindersec/minder) – Software supply chain security platform enforcing configurable policies, attesting artifacts, and managing repository security and dependency risk.
* [Trivy Operator v0.30.1](https://github.com/aquasecurity/trivy-operator) – Kubernetes-native toolkit that continuously scans clusters and generates vulnerability, configuration, secrets, RBAC, compliance, and SBOM reports.
* [passbolt browser extension v5.10.3](https://github.com/passbolt/passbolt_browser_extension) – Browser extension for Firefox, Edge and Chrome providing secure cryptographic operations, random number generation, and password autofill.
* [Greenmask v0.2.17](https://github.com/GreenmaskIO/greenmask) – Tool for database anonymization and synthetic data generation.
* [UTMStack v11.2.4](https://github.com/utmstack/UTMStack) – Enterprise-ready SIEM and XDR platform offering real-time log correlation, threat intelligence, and incident response.
* [js-x-ray @nodesecure/js-x-ray...](https://github.com/NodeSecure/js-x-ray) – JavaScript AST analysis tool for identifying potentially malicious code patterns.
* [KICS v2.1.20](https://github.com/Checkmarx/kics) – Detect security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code early in development.
* [Shuffle Automation v2.2.1-nightly](https://github.com/Shuffle/Shuffle) – General-purpose security automation platform for security teams, offering workflow editor, OpenAPI-based app creation, and resource sharing.
* [caddy-security v1.1.32](https://github.com/greenpau/caddy-security) – Caddy v2 plugin providing authentication, authorization, and credential management for OAuth/OIDC, SAML, LDAP, basic auth, and JWT/PASETO.
* [KubeArmor v1.6.9](https://github.com/kubearmor/KubeArmor) – Cloud-native runtime security enforcement system restricting process, file and network behavior of containers, pods, and nodes using LSMs and eBPF.
* [eslint-plugin-no-unsanitized v4.1.5](https://github.com/mozilla/eslint-plugin-no-unsanitized) – ESLint plugin disallowing unsafe innerHTML, outerHTML, insertAdjacentHTML assignments and calls unless sanitized.
* [AuditKit v0.8.2](https://github.com/guardian-nexus/AuditKit-Community-Edition) – Multi-cloud compliance scanner that audits AWS, Azure, GCP, and M365 against standards and generates audit-ready reports.
* [Data security Stack for TypeScript @cipherstash/stack-f...](https://github.com/cipherstash/stack) – End-to-end field-level encryption for TypeScript apps with zero-knowledge key management and searchable encrypted queries.
* [Go-TPM tools v0.4.8](https://github.com/google/go-tpm-tools) – High-level Go packages providing APIs for interacting with TPM 2.0 devices.
* [VscanPlus v1.0.9](https://github.com/youki992/VscanPlus) – Second-development, lightweight cross-platform website vulnerability scanner with port scanning, fingerprinting, directory fuzzing, and POC-driven vulnerability detection.
* [socket-proxy 1.11.4](https://github.com/wollomatic/socket-proxy) – Lightweight secure-by-default Unix socket proxy offering regex-based method allowlists, IP-based access control, and a minimal Go-only image.
* [Pike v0.3.95](https://github.com/JamesWoolfenden/pike) – Tool to determine minimum permissions required for Terraform and Infrastructure as Code deployments.
* [pgspot 0.9.2](https://github.com/timescale/pgspot) – Tool for identifying vulnerabilities in PostgreSQL extension scripts and SQL code.
* [friTap v1.4.1.9](https://github.com/fkie-cad/friTap) – Real-time SSL/TLS key extraction and decryption tool for analyzing encrypted network traffic.
* [Protect.js @cipherstash/stack@0...](https://github.com/cipherstash/protectjs) – TypeScript package for encrypting and decrypting data using unique keys for each value.
* [Anchore Kubernetes Inventory v1.8.2](https://github.com/anchore/k8s-inventory) – Periodic Kubernetes API poller reporting containers, images, pods, nodes and namespaces currently in use.
* [sigstore-js @sigstore/tuf@4.0.2](https://github.com/sigstore/sigstore-js) – JavaScript libraries for interacting with Sigstore signing and verification services.
* [Reconmap 3.0.2-beta](https://github.com/reconmap/reconmap) – Collaboration-first platform for planning, automating, executing, and reporting vulnerability assessments and penetration tests.
* [SandboxJS v0.8.34](https://github.com/nyariv/SandboxJS) – Safe JavaScript execution runtime that parses and runs code in a whitelisted, prototype-aware sandbox.
* [Tracecat 1.0.0-beta.19](https://github.com/TracecatHQ/tracecat) – Modern automation platform for security and IT engineers with YAML templates, no-code workflows, lookup tables, and case management.
* [Shodan MCP Server v1.0.21](https://github.com/BurtTheCoder/mcp-shodan) – MCP server providing structured access to Shodan API and CVEDB for IP reconnaissance, DNS lookups, vulnerability data, and device search.
* [Yaklang 1.4.6-beta1](https://github.com/yaklang/yaklang) – Cybersecurity-focused domain-specific programming language with a dedicated virtual machine and IDE support.
* [Clouditor Community Edition v2.0.0-alpha.18](https://github.com/clouditor/clouditor) – Continuous cloud-assurance platform that evaluates cloud configurations for security and compliance against standards like C5 and CSA CCM.
* [AppArmor.d v0.4905](https://github.com/roddhjav/apparmor.d) – Set of over 1500 AppArmor profiles to confine core Linux system services, desktop environments, and user processes.