awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

318 个仓库

Awesome GitHub RepositoriesWeb and Network Security

Standards, policies, and tools designed to protect web applications and network traffic from common internet-based threats.

Explore 318 awesome GitHub repositories matching security & cryptography · Web and Network Security. Refine with filters or upvote what's useful.

Awesome Web and Network Security GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • sindresorhus/awesomesindresorhus 的头像

    sindresorhus/awesome

    476,211在 GitHub 上查看↗

    这是一个由社区维护的目录,作为软件工具、框架和教育资源的综合索引。它充当开源知识库,将不同的工程领域和技术资源组织成结构化的分类体系,以帮助开发者发现高质量内容。 该目录通过去中心化的同行评审模型脱颖而出,由独立贡献者策划、验证和更新条目,以确保准确性和相关性。所有信息均以版本控制的纯文本 Markdown 格式存储,确保了整个集合的平台独立性、透明度和可审计性。 该项目涵盖了广泛的能力领域,包括技术资源发现、职业发展和软件开发知识管理。它提供结构化的学习路径、基础设施和安全工具、数据管理实用程序,以及从医疗保健到数字人文等领域的专业资源。 该仓库作为公共版本控制集合进行维护,支持程序化访问和社区驱动的数据更新。

    Enables the generation, sniffing, and modification of individual network packets.

    awesomeawesome-listlists
    在 GitHub 上查看↗476,211
  • donnemartin/system-design-primerdonnemartin 的头像

    donnemartin/system-design-primer

    353,387在 GitHub 上查看↗

    这是一个关于分布式系统架构和后端基础设施设计的综合教育资源和学习指南。它为掌握设计复杂软件系统所需的扩展性、可靠性和性能原则提供了结构化课程。 该仓库通过提供一种系统化的技术面试准备方法脱颖而出,结合了设计模式、架构权衡和间隔重复工具,帮助用户记忆复杂概念。它强调约束驱动的分析,教授用户在起草架构设计时如何评估延迟、一致性和可用性等相互竞争的需求。 内容涵盖了广泛的系统设计能力,包括数据库扩展、流量管理和基础设施优化策略。它详细介绍了水平扩展、多层缓存、异步通信和服务发现技术,同时还提供了用于执行资源估算和容量规划的框架。 文档以学习指南的形式组织,为后端工程和大规模系统设计的基础知识提供了系统化的路径。

    Discusses configuring firewall rules to restrict network access and secure backend components.

    Pythondesigndesign-patternsdesign-system
    在 GitHub 上查看↗353,387
  • awesome-selfhosted/awesome-selfhostedawesome-selfhosted 的头像

    awesome-selfhosted/awesome-selfhosted

    299,516在 GitHub 上查看↗

    这是一个由社区策划的开源软件目录,专为在私有服务器环境和家庭实验室中部署而设计。它作为发现主流云服务独立自托管替代方案的综合资源,使用户能够保持对数字基础设施的完全数据所有权和控制权。 该目录通过层级分类法构建,将庞大的应用程序集合组织成逻辑类别,范围从媒体管理和数据分析到私有通信和团队生产力工具。它通过协作同行评审流程脱颖而出,社区成员验证每个提交的质量和相关性,以确保目录保持准确和可靠。 该项目涵盖了广泛的能力领域,包括基础设施自动化、基于容器的服务部署和声明式配置管理。这些工具协助用户维护可复现的服务器环境,并管理私有硬件上的复杂服务依赖。 该目录作为版本控制仓库进行维护,确保所有更新和社区驱动的变更都是可追踪且透明的。

    Delivers email messages to clients using standard retrieval protocols while prioritizing security and data protection during the transmission process.

    awesomeawesome-listcloud
    在 GitHub 上查看↗299,516
  • trimstray/the-book-of-secret-knowledgetrimstray 的头像

    trimstray/the-book-of-secret-knowledge

    228,641在 GitHub 上查看↗

    该项目作为一个中心化的、社区驱动的技术知识和管理资源仓库。它提供了一个结构化的分类体系,将分散的信息聚合到一个可搜索的框架中,支持系统管理员和网络安全从业者的持续学习和快速问题解决。通过映射跨越进攻性安全、基础设施管理和软件开发的资源,它为技能获取和专业参考提供了统一路径。 该项目由命令行优先的设计理念定义,优先考虑基于终端的实用程序和可脚本化的接口,以促进高效的系统管理和可重复的安全工作流。它通过平台无关的方法脱颖而出,维护在不同类 Unix 和云环境中保持适用的文档和操作指南。这种模块化的工具链集成允许用户组合针对特定管理或安全任务定制的自定义环境。 该仓库涵盖了广泛的能力领域,包括用于系统审计、网络管理和基础设施加固的综合工具包。它为网络安全技能发展提供了结构化的学习路径,范围从道德黑客实验室和渗透测试标准到漏洞评估和系统配置最佳实践。该集合还包含广泛的生产力工具、诊断实用程序和教育材料,旨在简化日常维护并增强整体安全态势。

    Anonymize network connections by routing traffic through Tor gateways.

    awesomeawesome-listbsd
    在 GitHub 上查看↗228,641
  • yt-dlp/yt-dlpyt-dlp 的头像

    yt-dlp/yt-dlp

    170,963在 GitHub 上查看↗

    This project is a command-line media downloader designed for the systematic retrieval and organization of digital content from diverse online platforms. It functions as an extensible extraction engine that utilizes a declarative format-selection pipeline to automate the identification, merging, and downloading of specific audio and video streams based on user-defined criteria. The system distinguishes itself through a modular architecture that supports custom plugins and site-specific scripts, allowing for the bypass of platform restrictions and the handling of complex authentication challeng

    Manipulates request headers and query parameters to simulate legitimate client behavior and bypass platform-specific access restrictions.

    Pythonclidownloaderpython
    在 GitHub 上查看↗170,963
  • denoland/denodenoland 的头像

    denoland/deno

    107,110在 GitHub 上查看↗

    Deno is a high-performance runtime for JavaScript and TypeScript that prioritizes security and developer productivity. Built on the V8 engine, it provides a secure execution environment that enforces a default-deny security model, requiring explicit user authorization for access to system resources like the file system, network, and environment variables. The runtime natively supports modern web-standard APIs, ensuring consistent behavior and portability across different environments. What distinguishes Deno is its integrated approach to the software development lifecycle. It bundles essentia

    Controls network connectivity by enforcing explicit allow or deny rules for specific hostnames, IP addresses, and ports.

    Rustdenojavascriptrust
    在 GitHub 上查看↗107,110
  • chatgptnextweb/nextchatChatGPTNextWeb 的头像

    ChatGPTNextWeb/NextChat

    88,256在 GitHub 上查看↗

    NextChat is a self-hosted web application that provides a unified interface for interacting with multiple large language models. It functions as a conversational platform where users can manage and switch between diverse AI providers through configurable API backends, maintaining full control over their data and infrastructure. The platform features a persistent session layer designed to handle long-running dialogues by managing message history and context. It distinguishes itself through a structured prompt engineering environment that allows for the development and application of templates

    Masks sensitive API credentials by acting as a secure backend proxy for all outgoing model requests.

    TypeScriptcalclaudechatgptclaude
    在 GitHub 上查看↗88,256
  • chatgptnextweb/chatgpt-next-webChatGPTNextWeb 的头像

    ChatGPTNextWeb/ChatGPT-Next-Web

    88,262在 GitHub 上查看↗

    ChatGPT-Next-Web is a cross-platform web interface and frontend for interacting with large language models. It functions as a self-hosted client that allows users to connect to various AI model providers through a unified chat interface compatible with web browsers and desktop operating systems. The project includes a prompt template manager for creating and organizing reusable masks to standardize interactions. It supports self-hosting on private clouds to maintain data security and provides a centralized administrative panel for managing API resources and member access permissions. The app

    Implements a middleware proxy layer to securely manage API keys and route requests to various model providers.

    TypeScript
    在 GitHub 上查看↗88,262
  • syncthing/syncthingsyncthing 的头像

    syncthing/syncthing

    85,400在 GitHub 上查看↗

    Syncthing 是一个去中心化的文件同步引擎,通过点对点网状网络在多个设备间保持一致的数据状态。它作为后台守护进程运行,在受信任的节点之间自动复制文件的创建、修改和删除,无需中央服务器。通过利用内容可寻址块索引和块级增量同步,系统仅识别并传输文件的修改部分,从而确保在异构环境中高效地传播数据。 该项目以安全优先的架构著称,依赖相互 TLS 认证来验证设备身份,确保所有连接在加密上绑定到受信任的证书指纹。它支持灵活的同步模式,包括双向复制、用于备份的单向镜像以及基于引用的强制执行。为了增加隐私性,系统为不受信任的设备提供了文件夹级加密,并允许对网络流量进行细粒度控制,包括限制操作仅在本地网络进行或利用中继基础设施进行 NAT 穿透。 除了核心复制功能外,该平台还提供全面的管理工具,包括用于监控连接状态和吞吐量的 Web 仪表板,以及用于高级配置的命令行界面。它包含强大的版本控制策略以防止数据丢失,并通过原生服务集成和可观测性指标支持复杂的部署场景。该软件专为跨平台兼容性而设计,可通过标准包管理器或容器化环境安装。

    Restricts network exposure by disabling relaying, global discovery, and usage reporting to harden private environments.

    Gogop2ppeer-to-peer
    在 GitHub 上查看↗85,400
  • caddyserver/caddycaddyserver 的头像

    caddyserver/caddy

    73,492在 GitHub 上查看↗

    Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework. What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. I

    Handles the full lifecycle of certificates, including automated issuance, renewal, and HTTP-to-HTTPS redirection.

    Goacmeautomatic-httpscaddy
    在 GitHub 上查看↗73,492
  • apache/supersetapache 的头像

    apache/superset

    73,451在 GitHub 上查看↗

    Superset is a web-based business intelligence platform designed for data exploration, visualization, and interactive dashboarding. It functions as a query-driven analytics engine that connects to various SQL databases, allowing users to perform ad-hoc analysis, define virtual metrics, and build complex data visualizations through a centralized interface. The platform distinguishes itself through a robust semantic layer that transforms raw database schemas into calculated columns and virtual metrics, enabling consistent business logic across an organization. It features a plugin-based visualiz

    Permits controlled interaction with the application interface by specifying allowed origins for cross-domain requests.

    TypeScriptanalyticsapacheapache-superset
    在 GitHub 上查看↗73,451
  • thedaviddias/front-end-checklistthedaviddias 的头像

    thedaviddias/Front-End-Checklist

    72,941在 GitHub 上查看↗

    This project provides a comprehensive web development checklist designed to verify the production readiness of websites before they are launched. It serves as a technical audit framework that guides developers through a systematic, manual validation process to ensure that all quality, performance, and accessibility standards are met. The checklist distinguishes itself through a hierarchical taxonomy that organizes complex technical requirements into logical domains, such as security, performance, and semantic structure. By utilizing a progressive enhancement methodology, it encourages develop

    Define essential browser-level policies and encryption standards to safeguard user information and secure data transmission.

    MDXchecklistcssfront-end-developer-tool
    在 GitHub 上查看↗72,941
  • daytonaio/daytonadaytonaio 的头像

    daytonaio/daytona

    72,416在 GitHub 上查看↗

    Daytona is a cloud-native development environment platform designed to orchestrate ephemeral, containerized workspaces. It provides a centralized system for managing reproducible coding environments as code, ensuring consistency across distributed teams by abstracting the underlying infrastructure. By utilizing declarative configuration, the platform automates the entire lifecycle of development sandboxes, from initial provisioning to resource governance. The platform distinguishes itself through its infrastructure-agnostic runner layer, which allows development environments to be deployed ac

    Controls outbound internet connectivity for sandboxes using allow lists to prevent unauthorized data exfiltration.

    TypeScriptagentic-workflowaiai-agents
    在 GitHub 上查看↗72,416
  • gorhill/ublockgorhill 的头像

    gorhill/uBlock

    65,524在 GitHub 上查看↗

    uBlock is a browser-based content blocker that functions as a declarative filtering engine to intercept network requests and modify web page content. It operates by parsing standardized filter lists into optimized data structures, allowing it to block network hosts, enforce security policies, and prevent unauthorized data transmission. The extension provides a comprehensive security layer that monitors outgoing traffic and disables intrusive browser features to enhance user privacy. What distinguishes this project is its granular control over filtering behavior through a dynamic rule orchestr

    Directs network traffic flow by blocking requests to domains associated with tracking or malicious activity.

    JavaScriptblockerbrowser-extensionchromium
    在 GitHub 上查看↗65,524
  • containous/traefikcontainous 的头像

    containous/traefik

    63,656在 GitHub 上查看↗

    Traefik is a cloud-native load balancer and dynamic reverse proxy designed for microservices traffic routing. It automatically discovers services and generates network routes by listening to infrastructure changes in orchestrators and service registries. The project distinguishes itself through auto-configuring service routing, which eliminates manual configuration by updating routing rules in real time as infrastructure scales. It also provides automated SSL certificate management, utilizing ACME-based automation to request and renew certificates from remote authorities. Additional capabili

    Automates the complete lifecycle of TLS certificates, including issuance and renewal, via the ACME protocol.

    Go
    在 GitHub 上查看↗63,656
  • traefik/traefiktraefik 的头像

    traefik/traefik

    63,644在 GitHub 上查看↗

    Traefik is a cloud-native edge router and API gateway designed to manage service communication and traffic flow across distributed infrastructure. It functions as a dynamic service proxy that automatically discovers backend services and configures routing rules in real time, eliminating the need for manual restarts or complex configuration updates. By integrating directly with container orchestrators and service registries, it maintains a consistent state for network traffic, load balancing, and security policy enforcement. The project distinguishes itself through its deep integration with di

    Secures API endpoints by applying traffic inspection and defensive policies against unauthorized access.

    Goconsuldockeretcd
    在 GitHub 上查看↗63,644
  • dani-garcia/vaultwardendani-garcia 的头像

    dani-garcia/vaultwarden

    62,749在 GitHub 上查看↗

    Vaultwarden is a self-hosted password management server designed to store and synchronize sensitive credentials, identities, and organizational data across multiple client devices. It functions as a database-backed web application that provides an API layer for secure client-server communication, enabling users to manage personal vaults and organizational data sharing with multi-factor authentication. The project distinguishes itself through a comprehensive administrative infrastructure that provides centralized control over server configuration, user accounts, and system diagnostics via a de

    Injects custom HTTP security headers into proxy traffic to mitigate common web vulnerabilities and obscure sensitive server information.

    Rustbitwardenbitwarden-rsdocker
    在 GitHub 上查看↗62,749
  • addyosmani/agent-skillsaddyosmani 的头像

    addyosmani/agent-skills

    60,849在 GitHub 上查看↗

    Agent-skills is a collection of structured instructions and behavioral personas designed to standardize how AI coding agents perform engineering tasks. It functions as a workflow orchestrator that maps natural language intent to repeatable technical sequences and verification checklists. The project distinguishes itself through the use of specialized markdown-defined roles, such as security auditors or test engineers, to apply targeted domain expertise. It employs an evidence-based verification model that requires runtime data or passing tests as mandatory exit criteria to ensure AI-generated

    Validates URLs and allowlists hosts to reject private or reserved IP addresses, mitigating SSRF.

    Shellagent-skillsantigravityantigravity-ide
    在 GitHub 上查看↗60,849
  • xingshaocheng/architect-awesomexingshaocheng 的头像

    xingshaocheng/architect-awesome

    60,821在 GitHub 上查看↗

    This project serves as a comprehensive knowledge base and reference for distributed systems engineering and enterprise software architecture. It provides a structured collection of technical resources, design patterns, and methodologies intended to assist in the design, maintenance, and scaling of complex, high-performance software environments. The repository distinguishes itself by offering deep dives into core architectural concepts such as actor-based concurrency, aspect-oriented interception, and inversion-of-control containers. It emphasizes the practical application of distributed syst

    Defend network infrastructure against traffic floods by applying robust filtering and rate-limiting protocols.

    在 GitHub 上查看↗60,821
  • pi-hole/pi-holepi-hole 的头像

    pi-hole/pi-hole

    59,314在 GitHub 上查看↗

    Pi-hole is a self-hosted network utility that functions as a DNS sinkhole server to provide network-wide ad blocking. By acting as a dedicated network gateway, it intercepts and discards requests for known advertising, tracking, and malicious domains across an entire local network, preventing unwanted content from loading on any connected device. The software operates through a lightweight background daemon that handles high volumes of concurrent DNS queries with minimal resource overhead. It utilizes a host-file injection mechanism to redirect traffic toward its local filtering engine and ap

    Redirects queries for malicious or unwanted domains to a null address, effectively preventing connections to those servers.

    Shellad-blockerblockercloud
    在 GitHub 上查看↗59,314
上一个123456…16下一个
  1. Home
  2. Security & Cryptography
  3. Network and Infrastructure Security
  4. Web and Network Security

探索子标签

  • API Security1 个子标签Security measures and monitoring tools designed to protect application programming interfaces from unauthorized access and abuse.
  • Email Security5 个子标签Tools and protocols designed to protect electronic communications from unauthorized access, interception, or tampering.
  • Network Security9 个子标签Systems and practices that defend network infrastructure against unauthorized access, malicious traffic, and communication vulnerabilities.
  • Network Security Tools4 个子标签Utilities used to monitor, filter, and control network traffic to prevent malicious activity and unauthorized data access.
  • Security & HTTPS8 个子标签Solutions for managing digital certificates and encryption protocols to ensure secure, authenticated communication over the web.
  • Web Application Firewalls5 个子标签Gateways that monitor and filter incoming web traffic to block malicious requests targeting specific applications.
  • Web Security Policies4 个子标签Frameworks and configurations that enforce security rules to protect web applications from common browser-based attacks.