30 open-source projects similar to microsoft/security-101, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Security 101 alternative.
TheHive is a security incident response platform and multi-tenant case management system. It functions as a Security Orchestration, Automation, and Response (SOAR) tool and a threat intelligence platform designed to coordinate security investigations by managing alerts, cases, and observables. The platform is distinguished by its multi-tenant architecture, which isolates data across different organizations while supporting selective cross-tenant sharing. It features a SOAR automation engine capable of executing sandboxed JavaScript logic to automate workflows and trigger response actions thro
The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
Spring Security is a comprehensive security framework for Java applications that provides authentication and authorization for both web and non-web environments. It functions as an implementation of authentication and authorization logic integrated with the Java runtime environment to protect sensitive resources from unauthorized access. The framework includes toolkits for implementing OpenID Connect and OAuth 2.0 authorization servers and clients, as well as tools for integrating SAML 2.0 identity providers to enable cross-domain single sign-on. It utilizes a role-based access control system
Learn-Web-Hacking is a structured web security study guide and penetration testing knowledge base. It provides a collection of research notes focused on identifying and exploiting vulnerabilities in web applications and network protocols. The project includes specialized frameworks for evaluating security risks in large language models to prevent prompt injection, as well as guides for hardening cloud-native infrastructure, including container standards and orchestration tools. It also covers the analysis of identity standards and authentication protocols. The material spans a broad range of
Keep is an open-source AIOps alert management platform that aggregates, deduplicates, and orchestrates the lifecycle of alerts from multiple monitoring tools. It functions as a multi-provider integration hub to centralize the flow of data between observability, ticketing, and communication tools. The platform distinguishes itself through incident workflow automation and AI-powered enrichment. It uses a declarative workflow engine to execute multi-step operational sequences and integrates large language models to summarize event data and correlate technical logs for faster incident resolution.
Sa-Token is a Java-based authentication and authorization framework designed to manage user sessions, permissions, and identity verification within web applications and microservice architectures. It provides a centralized security layer that enforces access control policies and identity validation across distributed service environments and API gateways. The framework distinguishes itself through its support for cross-domain single sign-on and its ability to function as an OAuth2 identity provider. It manages user session lifecycles by applying configurable rules for single or multi-login re
NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
Maltrail is a malicious traffic detection system used for network intrusion detection. It consists of a network intrusion sensor for monitoring interfaces, a threat intelligence aggregator for syncing blacklists, and a detection engine that identifies security threats through signature matching and heuristic attack patterns. The system distinguishes itself through a distributed sensor architecture that collects traffic data from multiple remote probes and forwards events to a central analysis server. It employs heuristic behavioral analysis to identify unknown threats, such as port scanning o
This project is a governance, risk, and compliance platform designed to centralize security governance, risk management, and regulatory compliance activities. It functions as a cybersecurity framework manager and a quantitative risk management system, allowing organizations to track their security posture through a centralized hub. The platform is distinguished by its ability to decouple regulatory requirements from technical security controls, enabling users to map a single implementation across multiple global frameworks to reduce audit duplication. It further differentiates itself through
This project is a reference implementation and a collection of code samples for deploying the Apache Shiro security framework within Java-based web applications. It serves as a demonstration for implementing authentication, authorization, and user identity management. The implementation features distributed session management to coordinate user states across multiple server instances for high availability. It also includes samples for third-party OAuth2 integration, enabling external account authentication, and single sign-on support to grant access to multiple related applications. The proj
Talos is a minimal, immutable Linux distribution designed specifically for deploying and managing Kubernetes clusters. It functions as an API-driven infrastructure manager that replaces traditional shell access with a declarative gRPC interface to control operating system state and configuration. The system is distinguished by its use of a read-only root filesystem and a security-hardened kernel, which removes standard GNU utilities to reduce the attack surface. It ensures environment consistency by distributing the operating system as versioned, signed images and utilizes TPM-backed verified
Dependency-Track is a software composition analysis tool and vulnerability management system designed to track dependencies and supply chain risk. It functions as a platform for ingesting and analyzing CycloneDX software bills of materials to identify known vulnerabilities and license compliance issues within third-party software components. The system distinguishes itself by mirroring external vulnerability databases locally to enable fast offline analysis and using VEX documents to differentiate between technical vulnerabilities and actual contextual risks. It also integrates with identity
iBook is a self-hosted e-book library management system that allows individuals or organizations to set up and maintain their own digital collection. The platform provides durable storage for e-book files and their associated metadata, a RESTful API for library operations, static file serving for direct browser downloads, and a self-contained deployment model that runs on a user's own server. Beyond the core library functionality, iBook includes a freely accessible digital archive of technical and general e-books in EPUB and PDF formats, role-based access control for catalog and administrativ
This project is a comprehensive set of guides and frameworks designed to secure software-as-a-service infrastructure and company operations. It provides a collection of technical checklists, architectural patterns, and best practices for hardening cloud applications against cyber attacks. The project differentiates itself by providing specialized manuals for risk management and compliance readiness. It offers structured approaches to threat modeling, incident response planning, and the preparation of audit evidence required to meet industry security certifications and enterprise customer requ
This project is a comprehensive API security audit checklist and vulnerability audit framework. It provides a structured guide of security countermeasures for designing, testing, and deploying secure APIs across various protocols. The framework includes specialized guides for securing OAuth 2.0 authorization flows, implementing zero trust networking for service-to-service communication, and protecting GraphQL endpoints from resource exhaustion and information leakage. It also provides standards for integrating static analysis, dynamic scanning, and secret detection into CI/CD delivery pipelin
mall4j is a Java-based e-commerce platform and B2B2C commerce suite designed to manage retail operations across web, mobile, and H5 storefronts. It serves as an omnichannel backend and multi-tenant retail manager, providing the infrastructure to handle product catalogs, shopping carts, and order processing. The system is built on a Spring Boot microservice framework, featuring an omnichannel architecture that exposes a unified API gateway to power diverse client interfaces. It distinguishes itself through a B2B2C workflow that coordinates sales between administrators, merchants, and end consu
RuoYi is a Spring Boot admin framework designed for building enterprise applications. It provides a foundation for creating management dashboards and orchestrating systems using either monolithic or microservices architectures. The project features a low-code application generator that produces ready-to-compile source code and API documentation based on database table configurations. It implements a role-based access control system to map users and roles to specific menus and buttons for secure resource access. The framework includes capabilities for system health monitoring, real-time perfo
Shiro is a Java security framework that provides an identity and access manager for implementing authentication, authorization, cryptography, and session management. It serves as a security layer to verify user identities and enforce role-based access control for protected system resources. The project features a pluggable realm architecture that decouples security logic from identity data and a standalone session management system that tracks user state independently of the underlying servlet container. It includes an integrator for external identity providers using federation protocols such
CloudSploit is a cloud security posture management tool and multi-cloud security auditor. It audits cloud infrastructure for misconfigurations and compliance risks across multiple providers, specifically AWS and Azure, by evaluating resource configurations against a set of security plugins. The project functions as a cloud compliance scanner that maps infrastructure scan results to regulatory frameworks and security policy standards. It also serves as an automated cloud remediation tool, executing corrective actions to fix detected misconfigurations via SDK calls. The system covers resource
This project is a software-as-a-service application boilerplate and foundation designed to provide the core business infrastructure for building software services. It functions as a multi-tenant user management system that handles account creation, user authentication, and organizational team structures across multiple customer accounts. The kit integrates enterprise identity features, including a service for automating user and group management via the System for Cross-domain Identity Management standard. It also includes a billing implementation for managing recurring payments, one-time tra
LoopBack Next is a Node.js API framework used for building REST and multi-protocol APIs. It functions as an OpenAPI server implementation that can either generate machine-readable specifications from code or produce implementation controllers and models from existing specifications. The framework distinguishes itself through a central dependency injection container and a repository-pattern data access layer. This architecture decouples application logic from component construction and persistent storage, allowing for a pluggable system where data sources and business logic are isolated throug
Skateshop is a Next.js e-commerce storefront and subscription-based commerce platform. It provides a retail website featuring product catalogs, shopping carts, and checkout flows, paired with a retail store management dashboard for tracking inventory, orders, and payments. The project includes a subscription system to process recurring payments and manage tiered access to premium services. It also integrates a markdown blog engine for publishing technical content and an email marketing system to collect subscribers and distribute newsletters. The platform covers identity management through u
Dispatch is an incident response orchestration platform that automates the coordination of detection, participant assembly, and task tracking across existing communication and project management tools. It provides a web-configurable state machine to manage incident lifecycle transitions, with template-driven incident models that define types, priorities, and severity levels. The platform enforces role-based access control to map user roles to specific actions and data access, while maintaining a database-backed audit trail of all incident events and system changes for compliance and post-incid
Horizon is a realtime API server and RethinkDB backend designed to push database changes instantly to front-end clients. It utilizes a WebSocket data streaming API to synchronize data between the database and user interfaces without requiring manual polling. The project integrates an OAuth identity manager for verifying user identities through third-party providers and a role-based access control system to define granular permissions for viewing or modifying database documents. It is delivered as a containerized backend framework, allowing the server and its dependencies to be deployed as a p
Zend Framework is a comprehensive set of decoupled components for building modular, event-driven web applications. It implements an MVC architecture to separate business logic from the user interface and provides a structured request-handling system through a sequential middleware pipeline. The project features a factory-driven dependency injection container to automate object instantiation and manage class lifecycles. It also includes a comprehensive security suite for verifying user identities and restricting resource access using access control lists and role-based access control adapters.
mall4cloud is a multi-tenant B2B2C e-commerce platform built on a Spring Cloud microservice architecture. It orchestrates independently deployable services with service discovery, configuration, caching, messaging, distributed transactions, object storage, and full-text search to support a marketplace with separate interfaces for platform administrators, merchants, and customers. The platform distinguishes itself through its comprehensive microservice infrastructure, using RocketMQ for event-driven messaging, Seata for distributed transaction coordination across services, and Redis for cachin
This project is a comprehensive enterprise architecture for building multi-tenant distributed systems, implemented as a Spring Cloud microservices platform. It provides a complete framework for managing microservices, focusing on multi-tenant data architecture and centralized identity provision. The platform is distinguished by its integrated approach to identity and security, utilizing an OAuth2 identity provider to manage single sign-on, role-based access control, and JWT token issuance across distributed services. It further separates organizational boundaries through multi-tenant data iso
This platform is a comprehensive, white-label software suite designed for launching and managing on-demand food delivery services. It provides a unified ecosystem that connects customers, restaurant staff, and delivery riders through integrated mobile and web interfaces, supported by a centralized backend infrastructure that synchronizes data and business logic across all user roles. The system distinguishes itself through its focus on self-hosted deployment, granting operators full control over their data, backups, and server environments. It supports multi-vertical business models, allowing
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Graylog2-server is an open-source centralized log management system and aggregator. It functions as a log analysis platform designed to collect, index, and analyze log data from multiple sources within a centralized searchable index. The system provides capabilities for enterprise log aggregation and infrastructure monitoring. It enables the gathering of logs from various servers and applications to facilitate log data analysis and root cause troubleshooting across a network. The platform utilizes a distributed indexing pipeline and message-queue based ingestion to handle log streams. It inc