tldrsec/awesome-secure-defaults external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tldrsec/awesome-secure-defaults

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tldrsec/awesome-secure-defaults)

Close

tldrsec / awesome-secure-defaultsView on GitHubMore

• External links
• Readme badge

Awesome secure by default libraries to help you eliminate bug classes!

☆702Dec 6, 2025Updated 4 months ago

Alternatives and similar repositories for awesome-secure-defaults

Users that are interested in awesome-secure-defaults are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• openai / openai-security-bots

  View on GitHub
  ☆382Apr 18, 2024Updated last year
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆332Updated this week
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆581Feb 12, 2026Updated 2 months ago
• dark-warlord14 / CVENotifier

  View on GitHub
  Customized CVE FEED Notifier
  ☆112Apr 22, 2025Updated 11 months ago
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 11 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆148Jun 18, 2024Updated last year
• RefactorSecurity / vscode-security-notes

  View on GitHub
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆142Feb 26, 2026Updated last month
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆700Updated this week
• tldrsec / prompt-injection-defenses

  View on GitHub
  Every practical and proposed defense against prompt injection.
  ☆671Feb 22, 2025Updated last year
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆85Apr 7, 2026Updated last week
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆457Updated this week
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 3 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆120Mar 16, 2026Updated 3 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆117Mar 31, 2026Updated 2 weeks ago
• sarperavci / ctf-writeups-search

  View on GitHub
  Search engine for CTF writeups with instant results.
  ☆155Mar 6, 2025Updated last year
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆841Mar 28, 2025Updated last year
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• edera-dev / am-i-isolated

  View on GitHub
  Validate the isolation posture of your container environment.
  ☆314Feb 11, 2026Updated 2 months ago
• google / localtoast

  View on GitHub
  ☆117Feb 11, 2026Updated 2 months ago
• referefref / aiocrioc

  View on GitHub
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆38Dec 4, 2024Updated last year
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆373Apr 1, 2026Updated last week
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• ByteSnipers / awesome-pentest-cheat-sheets

  View on GitHub
  Collection of cheat sheets useful for pentesting
  ☆610Jun 27, 2024Updated last year
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆653Updated this week
• ReversecLabs / IAMGraph

  View on GitHub
  ☆72Jan 8, 2025Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Mar 11, 2026Updated last month
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,340Updated this week
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆335Updated this week
• infosecB / awesome-detection-engineering

  View on GitHub
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆1,164Apr 1, 2026Updated last week
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• chainguard-dev / malcontent

  View on GitHub
  #supply #chain #attack #detection
  ☆649Apr 8, 2026Updated last week
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated 11 months ago
• elttam / semgrep-rules

  View on GitHub
  ☆231Dec 18, 2025Updated 3 months ago
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆232Jun 25, 2019Updated 6 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year
• mrwadams / stride-gpt

  View on GitHub
  An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…
  ☆1,004Mar 2, 2026Updated last month