Security tooling has split into four buckets that teams adopt across, not from. Static analysis (semgrep, CodeQL, Bearer and language-specific linters) inspects code at rest. Software composition analysis (Trivy, Grype, OSV-Scanner, Syft) tracks dependency CVEs and licence drift. Secret scanners (Gitleaks, TruffleHog, detect-secrets) catch credentials in commits before they hit history. And the security-automation layer — SBOM builders, policy engines, IaC scanners, the red-team toolbox — orchestrates the rest into CI pipelines or runtime guardrails. Signal patterns are weird in this category. A critical CVE drop drives huge traffic to whichever scanner detects it first, then settles. Project usage routinely outpaces star counts because enterprises adopt scanners without publicly contributing love. And the long tail of pen-testing and red-team tooling produces continuous low-key activity. The ranking smooths over the spikes by counting sustained mention activity alongside stars. The unflashy security tools are usually the best ones — the projects with a decade of incremental release notes outperform the viral newcomer over any horizon longer than a quarter. When evaluating, the things that actually matter: signal-to-noise ratio (every scanner produces false positives — read the issue tracker to see how the project triages them), the provenance of the security tool itself (a security tool with weak provenance is worse than no tool), and integration shape: CI plugin, pre-commit hook, runtime daemon, or standalone CLI.
Terminal security for developers and AI agents. Intercepts homograph URLs, pipe-to-shell, ANSI injection, obfuscated payloads, data exfiltration, and malicious AI skills/configs before they execute.
A curated list of public-source, research, and commercial tools for AI security and AI-assisted cybersecurity — autotriage, agent security, AI/ML supply chain, pentest agents, AI SAST, LLM-driven fuzzing, threat intelligence, SOC/SIEM triage, reverse engineering, LLM red-teaming, and more.
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
Scan and flag suspicious neovim plugins
nordlocker password manager download windows — NordLocker for Windows 11 & 10. Direct download, install steps and setup guide.
OpenFlare is an open-source CDN orchestration and edge security platform. It supports reverse proxies, centralized configuration synchronization, secure intranet penetration (Tunnels), dynamic WAF protection, and anti-CC challenges.
Local Area Network discovery tool with an interactive Terminal User Interface (TUI) written in Go. Discover, explore, and understand your LAN in an intuitive way. Knock Knock.. who's there? 🚪
Spoof hardware identifiers to bypass system-level bans and restrictions.