Top Security Projects

Top security tools gaining traction on GitHub. Vulnerability scanners, pentesting tools, and security frameworks.

Languages: Python JavaScript TypeScript Rust Go Java Swift Kotlin Ruby C++
Topics: Claude Code MCP Servers Vibe Coding AI Agents OpenClaw Machine Learning AI CLI Tools Developer Tools Web Frameworks Databases Security Automation
vercel-labs/ deepsec
100%

Someone built a vuln scanner that doesn't choke on massive repos.

TypeScript 2346 151 31d
jherrodthomas/ automotive-skills-suite
100%

This replaces your compliance Excel grind with instant AI builders and reviewers.

1165 23 31d
butthtio/ solidity-cot-auditor
100%

This replaces manual Solidity audits with instant exploits and fixes.

Python 498 313 28d
beenuar/ AiSOC
100%

Scale SecOps with self-hosted AI that fuses alerts and nails triage.

Python 475 54 30d
dwisiswant0/ next-16.2.4-pocs
100%

It does what security bulletins don't: runnable Next.js exploits.

Python 117 24 24d
Netxeo/ skill-file-security
100%

This swaps clunky vuln scanners for AI-powered audits in your IDE.

JavaScript 55 6 29d
Axisfrommall/ r02-alirezarezvani-claude-skills-security
100%

Replace manual security audits with Claude's instant compliance powerhouse.

46 0 33d
NestMeadowlark/ r13-danielrosehill-claude-slash-commands-security
100%

Someone built slash commands that breeze through security audits and compliance.

45 0 33d
RestraintSound/ r19-iannuttall-claude-agents-security
100%

Crushes security audits and compliance like enterprise suites, but agent-powered.

45 0 33d
mac119/ ssh_proxy
100%

Drop bastion hosts—this Rust proxy delivers audited SSH access without server changes.

Rust 41 8 27d
orcasecurity/ orca-skills
100%

Your AI sweats security triage so you sip coffee in peace.

41 2 28d
DensityFletcher/ b02-skills-main-security
100%

This replaces haphazard auth builds with TDD security mastery.

40 0 33d
califio/ skills
100%

Claude audits code like a jaded pentester spotting flaws you snoozed on.

Shell 39 6 31d
JFOZ1010/ repshot
100%

Makes manual screenshot assembly for security reports a thing of the past.

Java 31 3 11d
MyuriKanao/ src-hunter-skill
100%

This replaces your bug bounty chaos with one structured hunting playbook.

31 7 22d
0hardik1/ kubesplaining
100%

Prevent K8s breaches by mapping RBAC paths to cluster-admin and root.

Go 30 0 36d
redlyne-ai/ redlyne
100%

Your AI-generated Python patches its own security flaws.

Python 29 2 30d
netbiosX/ CyberSec-Blogs
100%

Lists of independent cybersecurity blogs covering threat intelligence, purple team, red team, threat hunting, and detection engineering. Most are pers

29 1 31d
jdevalk/ specification.website
100%

Website specification — HTML, accessibility, security, SEO, agent-readiness. Platform-agnostic, sourced, MIT.

TypeScript 28 3 3d
iamjosephmj/ DeviceIntelligence
100%

Someone built Android tamper detection into a tidy JSON report.

Kotlin 27 2 34d
gcampton/ Agent-Pixels
100%

Swap agent logs for pixel characters roaming a camera-filled virtual office.

TypeScript 27 3 32d
berabuddies/ Semia
100%

Semia, security audit for AI agent skills.

Python 27 2 27d
xiaocaip/ aperture
100%

Arm64 linux KVM introspection hypervisor via stage 2 translation traps & vcpu exit tracing

C 25 0 27d
Tangxihong0922/ QueryMind
100%

This swaps manual SQL for secure LLM agents that query data naturally.

Python 25 4 28d
KenyanRedwoods01/ Orbit
100%

Command your full server stack—deploy, secure, monitor—with total ease.

TypeScript 21 5 25d
walt-app/ walt-passes-android
100%

Replace your wallet's opaque pass handling with auditable open-source security.

Kotlin 19 0 28d
OpenOSINT/ OpenOSINT
100%

Get AI to profile targets and deliver structured intel reports from your terminal.

Python 19 7 26d
Hossiy21/ razify
100%

A developer CLI tool that manages .env files, detects secret leaks, syncs env drift across teammates, and validates environment parity between local/s

Go 18 1 28d
CiscoDevNet/ foundry-security-spec
100%

Deploy agentic AI securely with battle-tested evaluation standards.

18 7 28d
secureagentics/ Adrian
100%

Someone built runtime security for AI agents that keeps them from going rogue.

Python 18 7 20d
mega-edo/ mega-security-leaderboard
100%

Someone built a leaderboard ranking LLMs on prompt attack resilience.

Python 16 0 32d
RivalSecurity/ sastbench
100%

Give your SAST agent a lie detector for vuln reports.

Python 15 0 31d
peterjohncasasola/ FlexQuery.NET
100%

Does OData queries on EF Core, minus the bloat and risks.

C# 15 1 30d
xiaocaip/ counter
100%

Profile L2 guests in nested KVM to crush VMExit mysteries fast.

C 14 0 26d
Perufitlife/ supabase-security-skill
100%

It audits Supabase like a pentester, but spits out SQL fixes instantly.

JavaScript 14 0 23d
0x5t4l1n/ AURHub
100%

A security-focused modern package manager frontend for Arch Linux with unified AUR/repository search, package analysis, and update management.

JavaScript 14 0 11d
0xPira/ SSKills
100%

SSkills (Slop Skills) is a public collection of specialist skills for security agents and human reviewers. Each skill packages structured domain knowl

JavaScript 13 4 4d
kavishka-dot/ libminerva
100%

MINERVA - Minimal Inference Engine for Robust, Verifiable, and Authenticated ML. Encrypted, integrity-verified neural network inference for MCUs down

C 13 2 21d
valleytechsolutions/ Skid-Detector
100%

Your mood light moonlights as a stealth network sentinel.

C++ 12 0 19d
Deconstruct2021/ hermes-bumblebee-bridge
100%

Read-only supply-chain scanning for Hermes Agent, powered by Perplexity's Bumblebee. Daily scans, Telegram alerts, JARVIS narration.

Shell 12 1 8d
pikapods/ docker-freescout
100%

A Freescout Docker image with a focus on simplicity, maintainability and fast security updates.

Python 12 0 18d
ClouGence/ open-cdm
100%

Empower your team to manage databases securely across regions and workflows.

Java 11 1 20d
secorizon/ SecorizonAI
100%

Ace pentests faster with a terminal AI agent that strategizes and searches.

Go 11 1 19d
hieuchaydi/ MCPGuard
100%

This replaces your entire MCP security process with one CLI.

Python 11 1 24d
YutoTerashima/ mcp-tool-security-playground
100%

MCP-style tool-use security playground with permission policies.

Python 11 0 30d
fevziegeyurtsevenler/ LLM-Security-Nedir
100%

Master LLM security essentials to shield your AI from hidden threats.

10 0 33d
rad-security/ goal-blueprints
100%

Give your AI coding tools ready‑made security audit blueprints and ship fewer vulnerabilities.

10 1 14d
Coff0xc/ coffee-skill
100%

Comprehensive Codex skills pack for engineering, AI agents, docs, and defensive security, with multilingual triggers, validation checklists, and a rou

Python 10 0 19d
vaultmcp/ vault
89%

MCP prompt-injection scanning proxy — runtime security for MCP tool responses

Solidity 94 1 12d
compartmentdev/ compartment
89%

Compartment is a self-hosted application deployment system for teams that want to ship and share internal, private, or public web apps without buildin

TypeScript 61 3 6d

Want daily updates on trending Security repos?

Subscribe to Weekly Digest