tldrsec/awesome-secure-defaults external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tldrsec/awesome-secure-defaults

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tldrsec/awesome-secure-defaults)

Close

tldrsec / awesome-secure-defaultsView on GitHubMore

• External links
• Readme badge

Awesome secure by default libraries to help you eliminate bug classes!

☆707Dec 6, 2025Updated 5 months ago

Alternatives and similar repositories for awesome-secure-defaults

Users that are interested in awesome-secure-defaults are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• openai / openai-security-bots

  View on GitHub
  ☆390Apr 15, 2026Updated last month
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆334Updated this week
• dark-warlord14 / CVENotifier

  View on GitHub
  Customized CVE FEED Notifier
  ☆113Apr 22, 2025Updated last year
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆596Feb 12, 2026Updated 3 months ago
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 5, 2026Updated 2 weeks ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆149Jun 18, 2024Updated last year
• RefactorSecurity / vscode-security-notes

  View on GitHub
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆142May 3, 2026Updated 3 weeks ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆733Updated this week
• tldrsec / prompt-injection-defenses

  View on GitHub
  Every practical and proposed defense against prompt injection.
  ☆692Feb 22, 2025Updated last year
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆86Apr 7, 2026Updated last month
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆458May 16, 2026Updated last week
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 5 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆121Mar 16, 2026Updated 2 months ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• google / localtoast

  View on GitHub
  ☆116Feb 11, 2026Updated 3 months ago
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆119Mar 31, 2026Updated last month
• sarperavci / ctf-writeups-search

  View on GitHub
  Search engine for CTF writeups with instant results.
  ☆157Mar 6, 2025Updated last year
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆872Mar 28, 2025Updated last year
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• edera-dev / am-i-isolated

  View on GitHub
  Validate the isolation posture of your container environment.
  ☆316Feb 11, 2026Updated 3 months ago
• referefref / aiocrioc

  View on GitHub
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆38Dec 4, 2024Updated last year
• boostsecurityio / poutine

  View on GitHub
  poutine, a supply chain vulnerability scanner for build pipelines
  ☆460May 6, 2026Updated 2 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆378May 7, 2026Updated 2 weeks ago
• ByteSnipers / awesome-pentest-cheat-sheets

  View on GitHub
  Collection of cheat sheets useful for pentesting
  ☆635Jun 27, 2024Updated last year
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆656Updated this week
• ReversecLabs / IAMGraph

  View on GitHub
  ☆73Jan 8, 2025Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated 2 months ago
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆98Jun 18, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,382Apr 21, 2026Updated last month
• mrwadams / stride-gpt

  View on GitHub
  An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…
  ☆1,039May 11, 2026Updated 2 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆337Apr 8, 2026Updated last month
• infosecB / awesome-detection-engineering

  View on GitHub
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆1,201May 16, 2026Updated last week
• chainguard-dev / malcontent

  View on GitHub
  #supply #chain #attack #detection
  ☆655Updated this week
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆193Apr 16, 2025Updated last year
• elttam / semgrep-rules

  View on GitHub
  ☆234Apr 24, 2026Updated last month
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆232Jun 25, 2019Updated 6 years ago