awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

Securitatea și analiza rețelelor

Clasament actualizat la 23 iun. 2026

For Securitatea rețelelor și analiză, the strongest matches are gyulyvgc/sniffnet (This application is a desktop network traffic analyzer that), pi-hole/pi-hole (Pi-hole is a self-hosted network utility that functions as) and carpedm20/awesome-hacking (This project is a comprehensive, community-curated directory of cybersecurity). valdikss/goodbyedpi and threat9/routersploit round out the shortlist. Each is ranked by relevance to your query, popularity and recent activity.

Explorează instrumente open-source pentru monitorizarea traficului de rețea, detectarea intruziunilor și securizarea infrastructurii împotriva amenințărilor cibernetice.

Securitatea și analiza rețelelor

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • gyulyvgc/sniffnetAvatar GyulyVGC

    GyulyVGC/sniffnet

    39,325Vezi pe GitHub↗

    This application is a desktop network traffic analyzer that provides real-time monitoring and forensic inspection of data packets. By interfacing directly with low-level system drivers, it captures raw network traffic from physical or virtual adapters to identify communication patterns, track bandwidth usage, and diagnose connectivity issues. The system distinguishes itself through an immediate-mode graphical interface that rebuilds the display state every frame, ensuring high responsiveness during live data updates. It maintains performance by using asynchronous message passing to decouple t

    RustKernel NetworkingNetwork Security MonitorsNetwork Traffic Analyzers
    Vezi pe GitHub↗39,325
  • pi-hole/pi-holeAvatar pi-hole

    pi-hole/pi-hole

    59,314Vezi pe GitHub↗

    Pi-hole is a self-hosted network utility that functions as a DNS sinkhole server to provide network-wide ad blocking. By acting as a dedicated network gateway, it intercepts and discards requests for known advertising, tracking, and malicious domains across an entire local network, preventing unwanted content from loading on any connected device. The software operates through a lightweight background daemon that handles high volumes of concurrent DNS queries with minimal resource overhead. It utilizes a host-file injection mechanism to redirect traffic toward its local filtering engine and ap

    ShellDNS DaemonsDNS Filtering SolutionsDNS Sinkholes
    Vezi pe GitHub↗59,314
  • carpedm20/awesome-hackingAvatar carpedm20

    carpedm20/awesome-hacking

    15,722Vezi pe GitHub↗

    This project is a comprehensive, community-curated directory of cybersecurity resources, tools, and educational materials. It functions as a centralized index for researchers and students to discover frameworks and utilities across the entire security lifecycle, ranging from initial vulnerability assessment to post-exploitation analysis. The repository distinguishes itself through a hierarchical taxonomy that organizes diverse security disciplines into a searchable, version-controlled knowledge base. Rather than hosting software directly, it utilizes a decentralized aggregation model that lin

    Awesome ListPenetration Testing ResourcesPenetration Testing Tools
    Vezi pe GitHub↗15,722
  • valdikss/goodbyedpiAvatar ValdikSS

    ValdikSS/GoodbyeDPI

    27,936Vezi pe GitHub↗

    GoodbyeDPI is a censorship circumvention utility designed to bypass deep packet inspection and restrictive network filtering. It functions as a background engine that intercepts and modifies network traffic at the kernel level, allowing users to maintain connectivity in environments where specific protocols or web content are blocked. The tool employs active manipulation techniques to confuse inspection hardware, including TCP stream fragmentation, HTTP header obfuscation, and the injection of out-of-order packets. By altering packet structures and dropping specific redirection patterns, it m

    CCensorship Circumvention ToolsDPI Evasion ToolsActive DPI Circumvention
    Vezi pe GitHub↗27,936
  • threat9/routersploitAvatar threat9

    threat9/routersploit

    13,150Vezi pe GitHub↗

    Routersploit is a penetration testing framework designed for the security assessment of embedded network devices and routers. It functions as a comprehensive tool for auditing hardware configurations and testing network protocols to identify and verify security vulnerabilities. The framework utilizes a modular plugin architecture that allows for the dynamic loading of exploit and scanner modules. It provides a centralized command interface that manages target state and executes controlled payloads, enabling the automation of security testing across diverse network hardware. The platform cove

    PythonPenetration Testing FrameworksAutonomous Penetration TestingHardware Security Tools
    Vezi pe GitHub↗13,150
  • lissy93/personal-security-checklistAvatar Lissy93

    Lissy93/personal-security-checklist

    21,691Vezi pe GitHub↗

    This project provides a comprehensive, modular framework for auditing and hardening personal digital and physical security. It functions as a structured, platform-agnostic knowledge base that breaks down complex security standards into granular, actionable tasks. By utilizing a static documentation architecture, the project ensures that its guidance remains accessible and transparent, allowing users to track their security posture incrementally through a persistent, manual progress-tracking system. The project distinguishes itself by bridging the gap between digital cybersecurity and physical

    TypeScriptAwesome ListMulti-Factor AuthenticationPersonal Identity Protection
    Vezi pe GitHub↗21,691
  • swisskyrepo/payloadsallthethingsAvatar swisskyrepo

    swisskyrepo/PayloadsAllTheThings

    78,434Vezi pe GitHub↗

    This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data i

    PythonCommunity-Sourced Knowledge BasesOffensive Security CheatsheetsRemote File Inclusion Payloads
    Vezi pe GitHub↗78,434
  • byt3bl33d3r/crackmapexecAvatar byt3bl33d3r

    byt3bl33d3r/CrackMapExec

    9,144Vezi pe GitHub↗

    CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize

    PythonPenetration Testing FrameworksPenetration Testing SuitesActive Directory Security
    Vezi pe GitHub↗9,144
  • z4nzu/hackingtoolAvatar Z4nzu

    Z4nzu/hackingtool

    77,515Vezi pe GitHub↗

    This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext

    PythonExploit FrameworksHash Cracking ToolsPenetration Testing Suites
    Vezi pe GitHub↗77,515
  • voltagent/awesome-claude-code-subagentsAvatar VoltAgent

    VoltAgent/awesome-claude-code-subagents

    21,906Vezi pe GitHub↗

    This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven

    ShellAgent Discovery InterfacesAgentic Task AutomationAgentic Task Orchestrators
    Vezi pe GitHub↗21,906
  • oisf/suricataAvatar OISF

    OISF/suricata

    6,008Vezi pe GitHub↗

    Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in real-time to identify and alert on malicious activity. It operates as a rule-based threat detection system, matching traffic against user-defined signatures to detect known attack patterns and policy violations, and can be placed inline to actively block malicious packets before they reach their target. The engine inspects a wide range of application-layer protocols including HTTP, DNS, TLS, SMB, and MQTT, and supports high-performance packet capture through specialized hardware a

    CNetwork Intrusion DetectionTraffic Capture FrameworksApplication-Layer Protocol Inspections
    Vezi pe GitHub↗6,008
  • shadowsocks/shadowsocksAvatar shadowsocks

    shadowsocks/shadowsocks

    33,580Vezi pe GitHub↗

    Shadowsocks is a secure network tunneling tool designed for censorship circumvention and private internet connectivity. It functions as a proxy system that routes traffic through encrypted tunnels, allowing users to bypass regional network restrictions and protect data from interception across public infrastructures. The project utilizes a lightweight, custom proxy protocol that incorporates stream-based cipher encryption to obfuscate payload content and prevent deep packet inspection. By employing an asynchronous, event-driven networking model, the system manages concurrent connections effic

    PythonCensorship Circumvention ToolsProxy ClientsSecure Tunneling
    Vezi pe GitHub↗33,580
  • systemsapproach/bookAvatar SystemsApproach

    SystemsApproach/book

    3,298Vezi pe GitHub↗

    This project is a comprehensive computer networking textbook and instructional resource. It serves as a technical guide for the design and implementation of network layers, protocols, and hardware architecture, covering the spectrum from physical links to application-layer protocols. The content provides a detailed study of standards for congestion control, reliable data delivery, and internetwork routing. It includes specialized technical material on network security, public-key infrastructure, and the operation of modern cloud infrastructure and data centers. The material covers a broad ra

    PythonComputer NetworksProtocol Abstraction LayersTechnical Literature
    Vezi pe GitHub↗3,298
  • robertdavidgraham/masscanAvatar robertdavidgraham

    robertdavidgraham/masscan

    25,355Vezi pe GitHub↗

    Masscan is a command-line network scanner designed for large-scale discovery and infrastructure reconnaissance. It identifies open ports across specific network segments or the entire internet by probing vast address ranges with high efficiency. The tool functions as an asynchronous packet engine, bypassing standard operating system kernel networking stacks to transmit raw packets directly from application memory. The project distinguishes itself through a specialized architecture that manages millions of concurrent connections by separating packet transmission and reception into independent

    CNetwork Discovery ToolsPacket EnginesPort Scanners
    Vezi pe GitHub↗25,355
  • nmap/nmapAvatar nmap

    nmap/nmap

    13,065Vezi pe GitHub↗

    Nmap is a command-line network security scanner and reconnaissance framework designed for infrastructure mapping and security auditing. It functions as a packet crafting utility that probes target systems to identify active hosts, detect open ports, and determine the services and operating systems running on a network. The tool distinguishes itself through its ability to perform raw socket packet injection and stateful connection tracking, allowing it to bypass standard operating system networking stacks. It utilizes an asynchronous concurrency model to manage large-scale network scans and em

    CNetwork ScannersPort ScannersNetwork Device Discovery
    Vezi pe GitHub↗13,065
  • owasp/cheatsheetseriesAvatar OWASP

    OWASP/CheatSheetSeries

    32,298Vezi pe GitHub↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    PythonFramework Security ModulesInjection PreventionLLM Prompt Injection Prevention
    Vezi pe GitHub↗32,298
  • mitmproxy/mitmproxyAvatar mitmproxy

    mitmproxy/mitmproxy

    43,943Vezi pe GitHub↗

    Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using cust

    PythonCertificate AuthoritiesCertificate Authority ManagementHTTP Proxies
    Vezi pe GitHub↗43,943
  • rustfs/rustfsAvatar rustfs

    rustfs/rustfs

    28,850Vezi pe GitHub↗

    Rustfs is a distributed object storage system designed for high availability and horizontal scalability. It functions as a cluster-based platform that manages data across multiple nodes, providing a self-hosted infrastructure for large-scale storage requirements. The system is built to be container-native, utilizing an operator to automate deployment and management within orchestrated environments. It provides compatibility with standard object storage protocols, allowing existing applications and tools to interact with the storage layer through a translation interface. To ensure long-term re

    RustDistributed Storage ClustersCloud Native Object StorageKubernetes Operators
    Vezi pe GitHub↗28,850
  • aquasecurity/trivyAvatar aquasecurity

    aquasecurity/trivy

    36,462Vezi pe GitHub↗

    Trivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain. The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations agai

    GoContainer Security ScannersVulnerability ScannersInfrastructure as Code Scanners
    Vezi pe GitHub↗36,462
  • alibaba/tengineAvatar alibaba

    alibaba/tengine

    13,276Vezi pe GitHub↗

    Tengine is an enhanced Nginx web server distribution designed for high-traffic environments. It functions as a high-performance reverse proxy, dynamic load balancer, and HTTP/3 proxy server, integrating an embedded Lua scripting engine to allow for custom business logic and dynamic request processing. The project distinguishes itself through a focus on modern transport protocols and efficiency, featuring native support for QUIC and HTTP/3 to reduce connection latency. It implements userspace UDP forwarding to bypass the kernel for higher throughput and provides the ability to dynamically upda

    CHigh-Performance HTTP ServersNon-blocking IO ArchitecturesDynamic Configuration
    Vezi pe GitHub↗13,276
  • tailscale/tailscaleAvatar tailscale

    tailscale/tailscale

    32,596Vezi pe GitHub↗

    Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules. What distinguishes Tailscale is it

    GoAccess Control PoliciesIdentity AuthenticationIdentity Provider Integrations
    Vezi pe GitHub↗32,596
  • zalando/postgres-operatorAvatar zalando

    zalando/postgres-operator

    5,093Vezi pe GitHub↗

    This project is a PostgreSQL Kubernetes operator and database orchestrator designed to automate the deployment, scaling, and lifecycle management of high-availability database clusters. It functions as a controller that uses declarative manifests to provision and synchronize the state of database instances within a cluster. The system manages high availability through streaming replication and ensures constant availability during maintenance via rolling updates. It also serves as a backup and recovery manager, handling point-in-time recovery, logical backups, and cluster cloning using cloud s

    GoDatabase High AvailabilityPostgreSQL Kubernetes AdministrationBackup & Recovery
    Vezi pe GitHub↗5,093
  • danielmiessler/seclistsAvatar danielmiessler

    danielmiessler/SecLists

    71,596Vezi pe GitHub↗

    SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log

    PHPSecurity WordlistsVulnerability Assessment and TestingAwesome List
    Vezi pe GitHub↗71,596
  • open-webui/open-webuiAvatar open-webui

    open-webui/open-webui

    142,694Vezi pe GitHub↗

    Open WebUI is a self-hosted, web-based platform designed for interacting with local and remote artificial intelligence models. It functions as a unified interface and orchestration suite, enabling users to build, deploy, and manage specialized AI agents equipped with custom instructions, external tool access, and private knowledge bases. The platform distinguishes itself through a modular architecture that supports complex AI workflows. It features a plugin-based framework for custom logic and pipeline-based request processing, allowing developers to filter or transform data streams before th

    PythonAgent FrameworksAgent OrchestrationChat Interfaces
    Vezi pe GitHub↗142,694
  • juanfont/headscaleAvatar juanfont

    juanfont/headscale

    40,074Vezi pe GitHub↗

    Headscale is a self-hosted control plane for private mesh networking that enables the creation of secure, encrypted peer-to-peer networks. By acting as a centralized coordination server, it manages device authentication, cryptographic key exchange, and network topology, allowing distributed infrastructure to communicate without relying on third-party services. It implements a zero-trust security architecture, verifying device and user identity before granting access to internal resources. The project distinguishes itself by providing a fully independent, self-hosted alternative for managing n

    GoControl Plane ProtocolsIdentity-Aware InfrastructureMesh Networking
    Vezi pe GitHub↗40,074
  • projectdiscovery/naabuAvatar projectdiscovery

    projectdiscovery/naabu

    5,766Vezi pe GitHub↗

    Naabu is a port scanner library and tool that probes hosts for open ports using SYN, CONNECT, and UDP methods to identify active services. It functions as a Go library for embedding port scanning into programs, and as a standalone tool that accepts targets as hostnames, IP addresses, CIDR ranges, or ASN numbers. The tool discovers live hosts before scanning, filters ports by range or top lists, and can integrate with Nmap for service version detection. The project distinguishes itself through its SYN-based port probing approach that sends TCP SYN packets and analyzes responses without complet

    GoActive Wordlist BruteforcingASN-Based ScanningAsset
    Vezi pe GitHub↗5,766
  • gfwlist/gfwlistAvatar gfwlist

    gfwlist/gfwlist

    25,067Vezi pe GitHub↗

    This project is a community-curated database of network patterns designed to facilitate regional access bypass. It functions as a centralized, crowdsourced registry where distributed contributors submit and verify domain identifiers to maintain an accurate and up-to-date list of network rules. The registry provides a declarative syntax that allows diverse proxy clients to distinguish between local and restricted traffic. By standardizing these rules, the project enables automated configuration of routing tables, ensuring that only specific requests are directed through external proxy tunnels.

    Access Bypass ToolsNetwork Traffic FiltersAwesome List
    Vezi pe GitHub↗25,067
  • grpc/grpc-goAvatar grpc

    grpc/grpc-go

    22,962Vezi pe GitHub↗

    grpc-go is a Go language implementation of the gRPC framework, providing a remote procedure call library for high-performance service communication. It uses the HTTP/2 protocol to execute functions on remote servers as if they were local methods and utilizes protobuf service bindings to generate type-safe client and server code. The project features a bidirectional streaming transport that supports asynchronous, full-duplex message streams between clients and servers. This networking layer allows for various communication patterns, including client-to-server and server-to-client streaming, to

    GoHTTP/2 Transport LayersRemote Procedure CallsAPI Binding Generators
    Vezi pe GitHub↗22,962
  • gorhill/ublockAvatar gorhill

    gorhill/uBlock

    65,524Vezi pe GitHub↗

    uBlock is a browser-based content blocker that functions as a declarative filtering engine to intercept network requests and modify web page content. It operates by parsing standardized filter lists into optimized data structures, allowing it to block network hosts, enforce security policies, and prevent unauthorized data transmission. The extension provides a comprehensive security layer that monitors outgoing traffic and disables intrusive browser features to enhance user privacy. What distinguishes this project is its granular control over filtering behavior through a dynamic rule orchestr

    JavaScriptDeclarative Filtering EnginesNetwork Host BlockersBrowser Privacy Configurations
    Vezi pe GitHub↗65,524
  • unetworking/uwebsocketsAvatar uNetworking

    uNetworking/uWebSockets

    18,888Vezi pe GitHub↗

    uWebSockets is a high-performance networking engine providing an HTTP web server and a WebSocket server framework. It implements a multi-threaded event loop architecture to deploy isolated application instances across multiple CPU cores and includes an SSL/TLS network layer for secure, encrypted communication. The project features a dedicated WebSocket pub/sub engine for distributing messages to specific groups of connected clients. It optimizes network throughput through syscall corking to reduce kernel overhead and employs payload compression to minimize data transfer sizes. The system cov

    C++High-Performance Web ServicesWebSocket ServersEncrypted Connection Handlers
    Vezi pe GitHub↗18,888
  • sqlmapproject/sqlmapAvatar sqlmapproject

    sqlmapproject/sqlmap

    37,676Vezi pe GitHub↗

    This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuris

    PythonInjection TestersSQL Injection ToolsDatabase Enumerators
    Vezi pe GitHub↗37,676
  • crystal-lang/crystalAvatar crystal-lang

    crystal-lang/crystal

    20,299Vezi pe GitHub↗

    Crystal is a statically typed, compiled programming language designed for high performance and memory safety. It leverages an LLVM-based compiler to translate source code into optimized machine-executable binaries, while its type-inference-based static analysis enforces strict safety rules during the build process. The language distinguishes itself through a fiber-based concurrent runtime that manages lightweight execution units for asynchronous input and output without blocking the main process. It also features a powerful compile-time macro system that allows for the inspection and transfor

    CrystalBinary Compilation ToolchainsCompile-Time Metadata InspectionHigh-Performance Systems Programming
    Vezi pe GitHub↗20,299
  • mhsanaei/3x-uiAvatar MHSanaei

    MHSanaei/3x-ui

    40,785Vezi pe GitHub↗

    This project is a comprehensive network traffic orchestrator and server infrastructure manager designed to provide centralized control over secure tunneling, routing, and security policies. It functions as a web-based dashboard that enables administrators to deploy and maintain network services, enforce access restrictions, and manage traffic flow through a private server environment. The platform distinguishes itself by integrating advanced traffic anonymization and routing capabilities, including support for relay networks and secure tunnels to bypass regional restrictions. It provides gran

    GoTraffic Orchestration PlatformsContainer OrchestrationNetwork Security Hardening
    Vezi pe GitHub↗40,785
  • getumbrel/llama-gptAvatar getumbrel

    getumbrel/llama-gpt

    10,991Vezi pe GitHub↗

    Llama-GPT is a self-hosted generative AI model runner that provides a private web interface for interacting with large language models. By executing these models directly on local hardware, it ensures that all intelligent assistance remains offline and independent of external cloud service providers. The project functions as a private assistant that maintains complete data ownership by storing all application state and model interactions on local storage volumes. It is designed to operate within a broader self-hosted computing environment, allowing users to maintain control over their persona

    TypeScriptSelf-Hosted AI ModelsLLM Chat InterfacesLocal Inference Engines
    Vezi pe GitHub↗10,991
  • loyalsoldier/clash-rulesAvatar Loyalsoldier

    Loyalsoldier/clash-rules

    27,127Vezi pe GitHub↗

    Clash-rules provides a standardized, declarative system for managing network traffic routing across desktop and mobile proxy clients. It functions as a centralized configuration provider that uses structured rule sets to categorize outgoing requests, allowing users to define whether specific connections should be proxied, rejected, or routed directly. The project distinguishes itself through its comprehensive, curated rulesets that enable granular control over network behavior. By employing domain-pattern matching, CIDR-based network analysis, and application-specific signatures, it ensures c

    Clash Configuration ManagersTraffic Routing RulesNetwork Traffic Routing Rulesets
    Vezi pe GitHub↗27,127
  • jpillora/chiselAvatar jpillora

    jpillora/chisel

    15,615Vezi pe GitHub↗

    Chisel is a network tunneling tool that facilitates secure communication by encapsulating TCP and UDP traffic within HTTP requests. It functions as a connection multiplexer, consolidating multiple logical network streams into a single persistent connection to improve throughput and reduce overhead. By leveraging standard web protocols, the system enables firewall traversal and provides a mechanism for remote port forwarding and proxying. The project distinguishes itself through its focus on resilient connectivity and granular access control. It maintains persistent network sessions across uns

    GoConnection MultiplexingHTTP TunnelsRemote Access Tunnels
    Vezi pe GitHub↗15,615
  • rapid7/metasploit-frameworkAvatar rapid7

    rapid7/metasploit-framework

    38,415Vezi pe GitHub↗

    The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to

    RubyPenetration Testing PlatformsExploit FrameworksExploitation Frameworks
    Vezi pe GitHub↗38,415
  • adguardteam/adguardfiltersAvatar AdguardTeam

    AdguardTeam/AdguardFilters

    4,142Vezi pe GitHub↗

    AdguardFilters is a collection of curated adblock filter lists, content blocking rulesets, and DNS blocklists. Its primary purpose is to provide the rules necessary to identify and remove advertisements, tracking scripts, and intrusive elements across web browsers and applications. The project includes specialized rules for cosmetic filtering to hide layout gaps and a malware domain database to block phishing and spyware destinations. It provides distinct filtering sets for different regions and purposes, such as social media blocking. The repository covers broad capability areas including m

    Adblock Filter ListAd Blocking and Breakage RepairsDeclarative Blocking RulesPrivacy and Ad Blocking
    Vezi pe GitHub↗4,142
  • metacubex/mihomoAvatar MetaCubeX

    MetaCubeX/mihomo

    31,596Vezi pe GitHub↗

    Mihomo is a rule-based network proxy and traffic orchestrator designed to manage internet connections by intercepting and routing data packets. It functions as a background service that directs traffic through various proxy nodes based on user-defined policies, allowing for granular control over outbound network paths. The engine distinguishes itself through a sophisticated domain pattern matching system that utilizes wildcard and suffix-based algorithms to categorize web traffic. It supports complex configuration management by allowing users to define reusable data blocks and import external

    PythonTraffic Interception RulesTraffic Routing ToolsRule-Based Proxies
    Vezi pe GitHub↗31,596
  • trimstray/the-book-of-secret-knowledgeAvatar trimstray

    trimstray/the-book-of-secret-knowledge

    228,641Vezi pe GitHub↗

    This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal

    Awesome ListHyperlink-Centric Knowledge MapsSystem Administration Operations
    Vezi pe GitHub↗228,641
  • angristan/wireguard-installAvatar angristan

    angristan/wireguard-install

    10,588Vezi pe GitHub↗

    This project is a shell-based orchestration tool designed to automate the deployment and administration of WireGuard virtual private network servers on Linux hosts. It functions as a system-level networking utility that handles the installation of kernel modules, the configuration of secure tunnel interfaces, and the management of network routing rules to enable encrypted remote access. The tool provides an interactive command-line interface that simplifies the lifecycle management of network peers. It allows administrators to dynamically add or remove client access profiles, assign custom DN

    ShellWireGuard ManagementVPN InstallersSecure Remote Access
    Vezi pe GitHub↗10,588
  • metacubex/clashmetaforandroidAvatar MetaCubeX

    MetaCubeX/ClashMetaForAndroid

    34,190Vezi pe GitHub↗

    Clash Meta for Android is a system-level network utility that functions as a rule-based proxy engine for mobile devices. It operates by intercepting system-wide network traffic through a virtual interface, allowing it to route data packets through configurable tunnels based on domain, IP, and geo-location patterns. By acting as a transparent proxy, the application manages connectivity and enhances privacy for all installed software on the device. The project distinguishes itself by utilizing a high-performance, cross-compiled proxy kernel that handles concurrent connections and protocol trans

    KotlinRule-Based Network ProxiesTraffic Routing EnginesRule-Based Tunnels
    Vezi pe GitHub↗34,190
  • cilium/ciliumAvatar cilium

    cilium/cilium

    23,806Vezi pe GitHub↗

    Cilium is a networking, security, and observability platform for containerized environments that leverages kernel-level data paths to process traffic. By executing programs directly within the Linux kernel, it provides high-performance packet filtering, routing, and load balancing without the need for traditional user-space proxies or context switching. The platform distinguishes itself through identity-based security enforcement, which filters traffic based on service labels rather than volatile IP addresses. It integrates containerized workloads with external physical or virtual infrastruct

    GoKubernetes Traffic ControllersIdentity-Based Access ControlKernel Networking Hooks
    Vezi pe GitHub↗23,806
  • xx-net/xx-netAvatar XX-net

    XX-net/XX-Net

    33,454Vezi pe GitHub↗

    XX-Net is a cross-platform desktop application that functions as a local proxy server and network traffic router. It intercepts outgoing network requests from a local machine and redirects them through encrypted tunnels to a distributed mesh of cloud-based nodes, facilitating secure and reliable access to external resources. The software distinguishes itself by providing a centralized management interface for coordinating complex proxy infrastructure. It employs rule-based traffic routing, allowing users to define custom logic based on destination addresses and protocols to determine the opti

    PythonProxy MeshesCensorship Circumvention ToolsCross-Platform Proxy Clients
    Vezi pe GitHub↗33,454
  • slackhq/nebulaAvatar slackhq

    slackhq/nebula

    17,405Vezi pe GitHub↗

    Nebula is a scalable, decentralized overlay networking tool designed to create secure, encrypted peer-to-peer connections between distributed hosts. By utilizing a certificate-based identity authority, it enables the construction of private communication fabrics across disparate physical infrastructures, such as multiple cloud providers or on-premises data centers, without requiring central authentication servers. The project distinguishes itself through a zero-trust architecture that enforces granular, policy-driven firewall filtering based on certificate-derived group memberships. It facili

    GoCertificate AuthoritiesMesh NetworkingOverlay Networks
    Vezi pe GitHub↗17,405
  • shadowsocks/shadowsocks-windowsAvatar shadowsocks

    shadowsocks/shadowsocks-windows

    59,574Vezi pe GitHub↗

    Shadowsocks-Windows is a desktop proxy manager that provides a graphical interface for configuring system-wide network routing. It functions as a local SOCKS5 or HTTP proxy server, intercepting outbound traffic through system-level injection to route requests through secure, encrypted remote tunnels. The application distinguishes itself through a modular architecture that supports plugin-based transport extensibility, allowing users to integrate external binaries for custom traffic obfuscation and specialized cryptographic protocols. It also enables high-availability networking by automatical

    C#Tunneling ProtocolsWindowsExtensible
    Vezi pe GitHub↗59,574
  • signalapp/signal-androidAvatar signalapp

    signalapp/Signal-Android

    28,964Vezi pe GitHub↗

    Signal-Android is an end-to-end encrypted messaging platform designed to ensure that only the sender and recipient can access communication content. The project provides a comprehensive framework for secure, asynchronous message initiation and key agreement, allowing users to establish private channels without requiring simultaneous online presence. It relies on a state machine architecture to manage communication epochs and authentication, ensuring consistent security transitions throughout the messaging lifecycle. The platform distinguishes itself through a hybrid cryptographic approach tha

    KotlinCryptographic ProtocolsDigital Signature LibrariesDigital Signature Schemes
    Vezi pe GitHub↗28,964
  • wg-easy/wg-easyAvatar wg-easy

    wg-easy/wg-easy

    24,645Vezi pe GitHub↗

    This project provides a self-hosted, containerized WireGuard VPN server that simplifies network administration through a web-based management interface. It allows users to deploy and manage VPN tunnels, configure peer identities, and monitor connection status without the need for manual configuration file editing. By bundling the VPN stack into a portable container, it ensures consistent deployment and persistent state management across diverse host environments. A key differentiator is the built-in support for traffic obfuscation, which modifies packet headers and handshake patterns to help

    TypeScriptWireGuard ManagementVPN ClientsTraffic Obfuscation
    Vezi pe GitHub↗24,645
Compară top 10 dintr-o privire
RepositorySteleLimbajLicențăUltimul push
gyulyvgc/sniffnet39.3KRustApache-2.014 iun. 2026
pi-hole/pi-hole59.3KShellNOASSERTION14 iun. 2026
carpedm20/awesome-hacking15.7K—mit2 iun. 2024
valdikss/goodbyedpi27.9KCapache-2.019 ian. 2026
threat9/routersploit13.2KPythonNOASSERTION5 mai 2026
lissy93/personal-security-checklist21.7KTypeScriptNOASSERTION28 feb. 2026
swisskyrepo/payloadsallthethings78.4KPythonMIT6 iun. 2026
byt3bl33d3r/crackmapexec9.1KPythonBSD-2-Clause6 dec. 2023
z4nzu/hackingtool77.5KPythonMIT15 mar. 2026
voltagent/awesome-claude-code-subagents21.9KShellMIT15 iun. 2026

Related searches

  • an open source tool for network security
  • a professional certification for network security
  • Network traffic analyzer
  • instrument pentru capturarea și analizarea traficului de rețea
  • an open source firewall for network security
  • sistem de detecție a intruziunilor
  • traseu de învățare în security engineering
  • a collection of security cheat sheets