Security middleware
-
action-pin-check
Audit GitHub Actions workflows for mutable or missing action pins.
-
agent-bom
AI supply-chain & cloud security scanner and self-hosted control plane — agents, MCP, packages, cloud estate, non-human identities, and LLM cost. SBOM/SARIF, graph attack-paths, runtime enforcement, and compliance evidence.
-
android-agent
Control Android devices through ADB with this Python automation framework for task execution and phone farm scaling.
-
AttackMap
AI-assisted defensive security analysis for codebases.
-
AutoPassCrack
🔑 Automate brute-forcing web login forms with ease. Enjoy flexible options like custom generation and advanced field detection for efficient password cracking.
-
AWSBestPracticesSkill
Unofficial source-linked AWS best practices for every AWS service, organized by Well-Architected pillar for Claude Code, OpenAI Codex, and AI coding agents.
-
Casbin
Authorization library supporting access-control models like ACL, RBAC, and ABAC.
-
cavra
CAVRA - Controlled Agentic Verification & Runtime Authority. Before the agent acts, CAVRA decides. CAVRA is a runtime governance and authority layer for AI coding agents.
-
clawseccheck
🦞 Free, local, read-only security self-audit for your own OpenClaw AI-agent setup. Scores it A–F, surfaces the urgent holes, emits copy-paste fixes. Zero deps, no network, no API key — your data never leaves your machine.
-
cloud-ai-security-skills
Cloud and AI security automation skills: OCSF-shaped evidence, detection engineering, audit, compliance, MCP workflows, and HITL-controlled operations.
-
freebsd-industrial-edge-ai-secure-device
Demonstrate secure FreeBSD ARM64 edge AI devices that collect telemetry and run embedded AI with containerized data science and real-time ML pipelines.
-
gh-safe-repo
Python CLI that creates GitHub repos with safe defaults — branch protection, Dependabot, secret scanning, and pre-flight security scanning — applied automatically.
-
linkedin-easyapply-antidetection-bot
Automate LinkedIn Easy Apply with stealth browser techniques and AI-driven form filling to test anti-detection and security research methods.
-
noai-watermark
Remove invisible AI watermarks and manage metadata from images generated by popular AI models like DALL-E, Midjourney, and Stable Diffusion.
-
OcyShield-Framework
Audit Android systems with this modular framework for security testing, payload deployment, and session management.
-
purrsh3ll
AI-powered terminal environment for penetration testers
-
QQgroup-annual-report-analyzer
📊 Analyze QQ group chat records to create stunning annual reports with customizable features and AI integration for enhanced insights.
-
quodeq
AI-powered code quality and security scanner. Open source, MIT, runs locally. <🧭>
-
Secure-Agent-Launcher
Block AI agent access to sensitive macOS paths and log all actions to protect private data during command execution.
-
security-playbooks
Explore open-source ATT&CK scenarios, detection rules, and blue-team labs for hands-on security testing
-
TrashDroid
Automate comprehensive Android app security testing with TrashDroid using adb, drozer, and apktool for a full nine-phase dynamic analysis.
-
trusca
Self-hosted, open-source SCA portal — vulnerability (CVE), license compliance, and SBOM management in one UI. Black Duck/Snyk-class capabilities, Apache-2.0.
-
vigil-tui
Monitor real-time power consumption, thermals, and clock speeds for CPU, GPU, and RAM directly in your terminal.
-
VoiceGuard
🔒 Enhance security with VoiceGuard, an AI-driven voice authentication system powered by OpenAI’s ChatGPT and Whisper for reliable voice identification.
-
zzyCaptcha
🛡️ Generate secure, animated GIF CAPTCHAs with zzyCaptcha, a self-hostable service designed for easy integration and effective bot protection.
Security Python