The Wayback Machine - http://web.archive.org/web/20220107195814/https://github.com/topics/security
Skip to content
#

Security

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 15,115 public repositories matching this topic...

Language: All
Filter by language
All 15,115 Python 2,854 JavaScript 1,738 Java 1,335 Go 949 PHP 931 Shell 832 C 614 HTML 529 C# 460 C++ 402
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated
caddy

caddyserver / caddy

Star 36.4k
Open

Add support for wildcards/ expression matching in header_up/ header_down

3
gucki
gucki commented Dec 12, 2020

It seems Caddy does not support wildcards/ expression matching in the reverse proxy's header_up.

For example this does not remove any headers:

header_up -X-SHIBBOLETH-*

This works as expected, but is limited in its use:

header_up -X-SHIBBOLETH-LOGIN

It'd be great if Caddy would support wildcards/ expression matching in the reverse proxy's header_up/ header_down.

Read more
feature good first issue
algo

trailofbits / algo

Star 24.4k
Open

Better Documentation For Other Cloud Providers

8
RandomDSdevel
RandomDSdevel commented Sep 23, 2017

OS/Environment

None yet, but I'm working on OS X v10.11.6 'El Capitan' client-side. (See 'The way of deployment (cloud or local)' below for details on considered server infrastructure.)

Ansible version

None yet, as I haven't yet gotten that far into setting up Algo.

Version of components from requirements.txt

Not applicable (see above.)

Summary of the pro

Read more
documentation good first issue hacktoberfest

matomo-org / matomo

Star 15.8k

Liberating Web Analytics. Star us on Github? +1. Matomo is the leading open alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. We love Pull Requests!

mysql php security website marketing privacy mobile log analytics web-analytics piwik intranet growth hacktoberfest matomo
  • Updated Jan 7, 2022
  • PHP

radareorg / radare2

Star 15.5k
Open

Opcodes `jecxz` and `jrcxz` Cannot Assemble

elliotkillick
elliotkillick commented Dec 11, 2021

Environment

Sat Dec 11 06:20:24 AM UTC 2021
rasm2 5.5.2 27280 @ linux-x86-64 git.5.5.2
commit: e65e385e5308293c23611e16e531df8c52a9ff18 build: 2021-12-11__06:31:42
Linux x86_64

Description

The opcodes jecxz and jrcxz cannot assemble.

Test

$ rasm2 -a x86 -b 64 'jecxz 0x1'
Cannot assemble 'jecxz 0x1' at line 3
invalid
$ rasm2 -a x86 -b 64 'jrcxz 0x1
Read more
good first issue RAsm-Assembler
Find more good first issues
nginxconfig.io

digitalocean / nginxconfig.io

Star 15.1k
Open

wordpress.conf disable xmlrpc service by default

2
RebelliousWhiz
RebelliousWhiz commented Dec 29, 2021

Sorry for not following the template. It's a straightforward question.

By enabling "WordPress-specific rules", the following codes will be added to the wordpress.conf:

# WordPress: deny general stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
    deny all;
}

However, this disables xmlrpc feature, which disa

Read more
enhancement help wanted good first issue hacktoberfest

ory / hydra

Star 12k
Open

ed448 support for jwk keys?

3
Librechain
Librechain commented Oct 15, 2021

Asking about this since the NSA recently published guidance advising the public and private sectors to transition to cryptographic algorithms that are no less than sha384 & ec384 (elliptic curves).

While Edwards' Curves are different, its worth noting that prior to this update sha256 & secp256k1 were both on the list of acceptable cryptographic algorithms. My deduction was that 128-bit securit

Read more
feat help wanted good first issue
Find more good first issues

docker-slim / docker-slim

Star 11.9k
Open

Ability to override the container image when targeting compose service for minification (`--target-compose-svc-image` param)

kcq
kcq commented Jan 4, 2022

You might have a compose file that doesn't reference the exact version of the container image you want to minified (e.g., the target service might reference the latest tag and you want to minify v1.2.3 for your target image).

The --target-compose-svc-image command parameter (for build and profile commands) should provide a way to use the desired image version without having to rewrite

Read more
enhancement help wanted good first issue
Find more good first issues
Wikipedia
Wikipedia

Security apps

Sonatype DepShield logo

Sonatype DepShield

Monitor your open source components for security vulnerabilities - goodbye muda, hello kaizen

GitProtect.io Backup logo

GitProtect.io Backup

Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support

Snyk logo

Snyk

Find, fix (and prevent!) known vulnerabilities in your code

Renovate logo

Renovate

Keep dependencies up-to-date with automated Pull Requests

BackHub Backups by Rewind logo

BackHub Backups by Rewind

Backup your GitHub repos & metadata automatically. Get daily backups that can be restored in seconds – AWS storage available

Semgrep logo

Semgrep

Code scanning at ludicrous speed. Find bugs, apply guardrails across your repos, and get feedback in PRs, Slack, or email

LGTM logo

LGTM

Find and prevent zero-days and other critical bugs, with customizable alerts and automated code review

GuardRails logo

GuardRails

GuardRails provides continuous security feedback for modern development teams

WhiteSource Bolt logo

WhiteSource Bolt

Detect open source vulnerabilities in real time with suggested fixes for quick remediation

See more Security apps