awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

71 repository-uri

Awesome GitHub RepositoriesWeb Application Security

Frameworks and middleware for securing web applications through authentication, authorization, and data protection.

Distinguishing note: Focuses on web-specific security layers rather than generic cryptographic primitives.

Explore 71 awesome GitHub repositories matching security & cryptography · Web Application Security. Refine with filters or upvote what's useful.

Awesome Web Application Security GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • awesome-selfhosted/awesome-selfhostedAvatar awesome-selfhosted

    awesome-selfhosted/awesome-selfhosted

    299,516Vezi pe GitHub↗

    Acest proiect este un director curatoriat de comunitate cu software open-source conceput pentru implementarea în medii de server private și laboratoare de acasă (home labs). Servește drept resursă cuprinzătoare pentru descoperirea alternativelor independente, auto-găzduite, la serviciile cloud mainstream, permițând utilizatorilor să mențină proprietatea deplină a datelor și controlul asupra infrastructurii lor digitale. Directorul este structurat printr-o taxonomie ierarhică ce organizează o colecție vastă de aplicații în categorii logice, variind de la gestionarea media și analiza datelor la comunicare privată și instrumente de productivitate în echipă. Se distinge printr-un proces colaborativ de peer-review, unde membrii comunității validează calitatea și relevanța fiecărei trimiteri pentru a se asigura că directorul rămâne precis și fiabil. Proiectul acoperă o suprafață largă de capabilități, inclusiv automatizarea infrastructurii, implementarea serviciilor bazate pe containere și gestionarea configurației declarative. Aceste instrumente ajută utilizatorii să mențină medii de server reproductibile și să gestioneze dependențele complexe ale serviciilor pe hardware privat. Directorul este menținut ca un repository controlat prin versiuni, asigurându-se că toate actualizările și modificările conduse de comunitate sunt urmărite și transparente.

    Inspects incoming web traffic using artificial intelligence and semantic analysis to block malicious requests.

    awesomeawesome-listcloud
    Vezi pe GitHub↗299,516
  • dotnet/aspnetcoreAvatar dotnet

    dotnet/aspnetcore

    38,143Vezi pe GitHub↗

    This project is a comprehensive server-side web framework designed for building scalable web applications and services. It provides a structured, component-based architecture that integrates a dependency injection container to manage service lifecycles and promote loose coupling across the software stack. The framework enables the creation of interactive client-side interfaces through a component-based model that synchronizes state directly with the browser. The platform distinguishes itself through a highly configurable middleware-based request pipeline and an attribute-based routing engine

    Protecting sensitive user data and system resources by implementing robust authentication and authorization layers within a web environment.

    C#aspnetcoredotnethacktoberfest
    Vezi pe GitHub↗38,143
  • nextauthjs/next-authAvatar nextauthjs

    nextauthjs/next-auth

    28,277Vezi pe GitHub↗

    Next-auth is an authentication and identity management library for web frameworks. It provides a unified system for handling user sign-in and session state across server and client environments, functioning as a session management framework and an OIDC authentication library. The project distinguishes itself through a provider-based identity abstraction that supports multiple authentication methods, including OAuth, email magic links, traditional credentials, and passwordless passkeys. It allows for the registration of custom OAuth or OIDC compliant providers and offers tools to define branda

    Provides security middleware to protect web applications using CSRF token validation and restrictive cookie policies.

    TypeScriptauthauthenticationcsrf
    Vezi pe GitHub↗28,277
  • iaincollins/next-authAvatar iaincollins

    iaincollins/next-auth

    28,272Vezi pe GitHub↗

    Next-auth is an authentication library and identity framework used to manage user sign-in and session state across web applications. It provides a system for handling user identity through OAuth, OpenID Connect, and passwordless sign-in flows. The project features a multi-provider framework that integrates third-party identity services and custom directory backends. It supports passwordless authentication via email magic links or hardware keys and utilizes a database-agnostic storage layer to persist authentication states across different database types or in-memory. Security is managed thro

    Secures web applications by protecting sign-in routes from CSRF and encrypting session tokens.

    TypeScript
    Vezi pe GitHub↗28,272
  • locustio/locustAvatar locustio

    locustio/locust

    27,516Vezi pe GitHub↗

    Locust is a distributed performance testing framework that allows users to define complex system stress scenarios using standard Python code. By modeling concurrent users as classes with weighted tasks and lifecycle hooks, it enables the simulation of realistic user behavior across large-scale environments. The tool functions as a scalable load generator capable of orchestrating traffic across multiple worker nodes to measure system stability and responsiveness under heavy, real-world conditions. The framework is distinguished by its protocol-agnostic architecture, which supports diverse comm

    Secures the web dashboard with custom authentication mechanisms like username-password validation or SSO.

    Pythonbenchmarkinghttpload-generator
    Vezi pe GitHub↗27,516
  • fallibleinc/security-guide-for-developersAvatar FallibleInc

    FallibleInc/security-guide-for-developers

    21,090Vezi pe GitHub↗

    This project is a web application security guide and developer training resource. It serves as a secure coding framework and vulnerability remediation manual, providing software engineers with the tools to identify, prioritize, and fix common security holes across different application layers. The resource utilizes a structured verification framework and security audit checklists to systematically find vulnerabilities. It features a technical reference that maps specific security flaws to step-by-step instructions for remediation, supported by vulnerability statistics to help determine which

    Offers a comprehensive security framework for web applications covering authentication, authorization, and data protection layers.

    Vezi pe GitHub↗21,090
  • gravitational/teleportAvatar gravitational

    gravitational/teleport

    19,863Vezi pe GitHub↗

    Teleport is a zero-trust access platform designed to provide secure, identity-based connectivity to servers, databases, and Kubernetes clusters. It functions as a centralized gateway that replaces static credentials with short-lived, identity-bound cryptographic certificates, effectively eliminating the need for traditional VPNs and long-term secret exposure. The platform distinguishes itself by orchestrating access through a unified control plane that maps external identity provider claims to granular, role-based infrastructure permissions. It enforces security through mutual TLS gateways an

    Exposes internal web applications through a secure gateway using unique subdomains and automated certificate management.

    Goauditbastioncertificate
    Vezi pe GitHub↗19,863
  • moientajik/aspnetcore-developer-roadmapAvatar MoienTajik

    MoienTajik/AspNetCore-Developer-Roadmap

    19,536Vezi pe GitHub↗

    This project provides a structured curriculum and visual guide for mastering web development within the ASP.NET Core ecosystem. It serves as a comprehensive roadmap that maps out the essential technologies, milestones, and proficiency sequences required for developers to progress from beginner to advanced levels. The repository distinguishes itself by curating high-quality learning resources and technical documentation into a logical progression. It visualizes complex development paths through structured diagrams, helping users navigate the technical requirements of building and maintaining m

    Covers secure web application development practices including identity management and authorization.

    asp-net-coreaspnet-coreaspnetcore
    Vezi pe GitHub↗19,536
  • micropoor/micro8Avatar Micropoor

    Micropoor/Micro8

    18,060Vezi pe GitHub↗

    Micro8 is a security auditing knowledge base and penetration testing resource library. It serves as a curated collection of guides and documentation focused on vulnerability assessment. The project provides educational content and study guides for manual source code review, domain escalation, and internal network auditing. It includes a toolkit of reference materials for analyzing network traffic logs and identifying brute-force patterns. The library covers technical domains including web penetration testing and privilege escalation. It organizes these materials through PDF-based knowledge r

    Includes educational materials on the systematic process of auditing web application security.

    micro8micropoorpenetration
    Vezi pe GitHub↗18,060
  • dotnet/runtimeAvatar dotnet

    dotnet/runtime

    17,966Vezi pe GitHub↗

    This project is a cross-platform managed execution environment and general-purpose application framework designed for building high-performance software. It provides a unified runtime that handles memory management, type safety, and code execution across diverse operating systems. By integrating a native code compilation toolchain, the platform enables developers to convert managed code into optimized machine instructions, significantly improving startup performance and reducing runtime dependencies for production environments. The framework distinguishes itself through a comprehensive toolch

    Secures web applications through built-in identity management and authentication policies.

    C#dotnethacktoberfesthelp-wanted
    Vezi pe GitHub↗17,966
  • vxcontrol/pentagiAvatar vxcontrol

    vxcontrol/pentagi

    17,766Vezi pe GitHub↗

    Pentagi is an autonomous security testing framework and agent orchestrator designed to plan and execute end-to-end security assessments. It utilizes a coordination engine to decompose complex goals into actionable subtasks, performing automated penetration testing and vulnerability research within isolated container environments. The system distinguishes itself through a temporal knowledge graph that tracks semantic relationships between entities and vulnerabilities to reuse intelligence across projects. It includes a web intelligence reconnaissance tool for automated data gathering and agent

    Includes tools for automated web reconnaissance to gather intelligence and map targets for security workflows.

    Goai-agentsai-security-toolanthropic
    Vezi pe GitHub↗17,766
  • projectdiscovery/katanaAvatar projectdiscovery

    projectdiscovery/katana

    15,584Vezi pe GitHub↗

    Katana is a web crawler and spider designed for security reconnaissance and web application mapping. It functions as a utility for identifying endpoints, forms, and API structures across web targets by combining standard HTTP request traversal with headless browser automation to render dynamic, JavaScript-heavy content. The tool distinguishes itself through its ability to maintain authenticated sessions and handle complex web interactions, such as automated form submission and captcha resolution. It provides granular control over the discovery process, allowing users to define specific crawl

    Maps web application structures and endpoints to identify hidden resources during security assessments.

    Goclicrawlergocrawler
    Vezi pe GitHub↗15,584
  • quarkusio/quarkusAvatar quarkusio

    quarkusio/quarkus

    15,479Vezi pe GitHub↗

    Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program

    Implements comprehensive web security mechanisms including OpenID Connect, OAuth2, and Basic authentication to protect application resources.

    Javacloud-nativehacktoberfestjava
    Vezi pe GitHub↗15,479
  • s0md3v/xsstrikeAvatar s0md3v

    s0md3v/XSStrike

    14,752Vezi pe GitHub↗

    XSStrike is an automated security scanning engine designed for web application discovery, input

    Mapping web application structures and discovering hidden paths to identify potential injection points for comprehensive security analysis.

    Pythonwaf-detectionxssxss-bruteforce
    Vezi pe GitHub↗14,752
  • oauth2-proxy/oauth2-proxyAvatar oauth2-proxy

    oauth2-proxy/oauth2-proxy

    14,576Vezi pe GitHub↗

    This project is a reverse proxy server that secures internal web services by enforcing authentication against external identity providers. It acts as a gatekeeper for incoming HTTP traffic, validating user identity before forwarding requests to protected backend applications. By integrating with OAuth2 and OIDC providers, the proxy ensures that only authorized users can access internal resources. The proxy distinguishes itself through its flexible session management and granular access control. It maintains authenticated user state across requests using either encrypted client-side cookies or

    Secures internal web applications by enforcing mandatory authentication against external identity providers.

    Gocloud-infrastructurehacktoberfestoauth2-proxy
    Vezi pe GitHub↗14,576
  • maurosoria/dirsearchAvatar maurosoria

    maurosoria/dirsearch

    14,403Vezi pe GitHub↗

    dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio

    Implements utilities for mapping and discovering the structure of web applications through active reconnaissance.

    Python
    Vezi pe GitHub↗14,403
  • casdoor/casdoorAvatar casdoor

    casdoor/casdoor

    13,814Vezi pe GitHub↗

    Casdoor is a centralized identity and access management platform that functions as an OAuth 2.0 authorization server. It provides a comprehensive suite of services for managing user identities, authentication sessions, and access policies across both web and machine-to-machine applications. Built with a decoupled frontend-backend architecture in Go, the platform supports high-concurrency environments and offers a web-based management interface for administrative tasks. The platform distinguishes itself through its extensive support for federated identity management, allowing integration with

    Applies distinct security policies by categorizing traffic between user-facing web applications and machine-to-machine services.

    Goai-gatewayauthauthentication
    Vezi pe GitHub↗13,814
  • dotnet/aspnetcore.docsAvatar dotnet

    dotnet/AspNetCore.Docs

    13,115Vezi pe GitHub↗

    ASP.NET Core is a unified, cross-platform framework designed for building scalable web applications and services. It provides a comprehensive environment for constructing server-side rendered applications, real-time communication services, and interactive web components using C# and .NET. The framework distinguishes itself through a modular architecture that centers on a built-in dependency injection container, which manages service lifecycles and component modularity to improve testability. It utilizes a middleware pipeline to process requests and employs policy-based authorization to secure

    Protects services with built-in mechanisms for authentication, authorization, and data encryption.

    C#aspaspnetaspnet-core
    Vezi pe GitHub↗13,115
  • spatie/laravel-permissionAvatar spatie

    spatie/laravel-permission

    12,911Vezi pe GitHub↗

    This is a role-based access control system for Laravel applications that manages user permissions and roles within a database. It provides a database permissions manager to assign specific abilities to users and roles, utilizing authorization gates to restrict access to routes and interface elements. The project features a wildcard permission system that uses pattern matching to grant broad access across multiple related permissions. It also supports team-scoped access control, allowing users to maintain different roles and permission levels across separate organizational contexts or teams.

    Secures Laravel applications by implementing route guards and middleware to protect sensitive application areas.

    PHP
    Vezi pe GitHub↗12,911
  • crowdsecurity/crowdsecAvatar crowdsecurity

    crowdsecurity/crowdsec

    12,574Vezi pe GitHub↗

    CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl

    Integrates security inspection components with web applications to enforce request filtering and blocking.

    Goattacks-preventiondetectionids
    Vezi pe GitHub↗12,574
Înapoi123…4Înainte
  1. Home
  2. Security & Cryptography
  3. Web Application Security

Explorează sub-etichetele

  • CORS IntegrationsUsing cross-origin resource sharing to allow web applications to interact with remote file servers. **Distinct from Web Application Security:** Focuses specifically on the CORS-based connectivity between web apps and servers.
  • Java Security Manager PoliciesFine-grained permission control over web application behavior using the Java Security Manager. **Distinct from Web Application Security:** Distinct from general Web Application Security: specifically uses the Java Security Manager for fine-grained permission control.
  • Reconnaissance ToolsUtilities for mapping and discovering the structure of web applications. **Distinct from Web Application Security:** Distinct from Web Application Security: focuses on active discovery and mapping of endpoints rather than defensive security layers.
  • Secure Web Gateways1 sub-tagExposes internal web applications through a secure proxy with automated certificate management. **Distinct from Web Application Security:** Distinct from Web Application Security: focuses on the proxying and gateway functionality rather than application-level vulnerability protection.
  • Web Application AnalysisActive probing and fuzzing of web applications to identify endpoints and secrets. **Distinct from Web Application Security:** Focuses on the analysis and discovery of application flaws rather than the implementation of security middleware.
  • Web Security Auditing2 sub-tag-uriProcesses and toolsets for systematically verifying the security posture of web applications. **Distinct from Web Application Security:** Distinct from general Web Application Security by focusing on the auditing and verification process rather than the protective middleware.