tldrsec/awesome-secure-defaults external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tldrsec/awesome-secure-defaults

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tldrsec/awesome-secure-defaults)

Close

tldrsec / awesome-secure-defaultsView on GitHubMore

• External links
• Readme badge

Awesome secure by default libraries to help you eliminate bug classes!

☆701Dec 6, 2025Updated 3 months ago

Alternatives and similar repositories for awesome-secure-defaults

Users that are interested in awesome-secure-defaults are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• openai / openai-security-bots

  View on GitHub
  ☆382Apr 18, 2024Updated last year
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆331Updated this week
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆578Feb 12, 2026Updated last month
• dark-warlord14 / CVENotifier

  View on GitHub
  Customized CVE FEED Notifier
  ☆113Apr 22, 2025Updated 11 months ago
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 10 months ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• RefactorSecurity / vscode-security-notes

  View on GitHub
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆142Feb 26, 2026Updated last month
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆688Updated this week
• tldrsec / prompt-injection-defenses

  View on GitHub
  Every practical and proposed defense against prompt injection.
  ☆659Feb 22, 2025Updated last year
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆84Updated this week
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆454Updated this week
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 3 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆120Mar 16, 2026Updated last week
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆116Sep 18, 2025Updated 6 months ago
• sarperavci / ctf-writeups-search

  View on GitHub
  Search engine for CTF writeups with instant results.
  ☆154Mar 6, 2025Updated last year
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆836Mar 28, 2025Updated 11 months ago
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• edera-dev / am-i-isolated

  View on GitHub
  Validate the isolation posture of your container environment.
  ☆314Feb 11, 2026Updated last month
• google / localtoast

  View on GitHub
  ☆117Feb 11, 2026Updated last month
• referefref / aiocrioc

  View on GitHub
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆38Dec 4, 2024Updated last year
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆371Updated this week
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ByteSnipers / awesome-pentest-cheat-sheets

  View on GitHub
  Collection of cheat sheets useful for pentesting
  ☆601Jun 27, 2024Updated last year
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆650Updated this week
• ReversecLabs / IAMGraph

  View on GitHub
  ☆71Jan 8, 2025Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated 2 weeks ago
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,320Mar 10, 2026Updated 2 weeks ago
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆335Jan 12, 2026Updated 2 months ago
• infosecB / awesome-detection-engineering

  View on GitHub
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆1,155Dec 19, 2025Updated 3 months ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• chainguard-dev / malcontent

  View on GitHub
  #supply #chain #attack #detection
  ☆646Updated this week
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated 11 months ago
• elttam / semgrep-rules

  View on GitHub
  ☆229Dec 18, 2025Updated 3 months ago
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆232Jun 25, 2019Updated 6 years ago
• Escape-Technologies / awesome-graphql-security

  View on GitHub
  A curated list of awesome GraphQL Security frameworks, libraries, software and resources
  ☆355Feb 15, 2024Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 11 months ago