tldrsec/awesome-secure-defaults external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tldrsec/awesome-secure-defaults

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tldrsec/awesome-secure-defaults)

Close

tldrsec / awesome-secure-defaultsView on GitHubMore

• External links
• Readme badge

Awesome secure by default libraries to help you eliminate bug classes!

☆703Dec 6, 2025Updated 4 months ago

Alternatives and similar repositories for awesome-secure-defaults

Users that are interested in awesome-secure-defaults are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• openai / openai-security-bots

  View on GitHub
  ☆384Apr 15, 2026Updated 2 weeks ago
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆334Apr 23, 2026Updated last week
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆586Feb 12, 2026Updated 2 months ago
• dark-warlord14 / CVENotifier

  View on GitHub
  Customized CVE FEED Notifier
  ☆112Apr 22, 2025Updated last year
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 11 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆148Jun 18, 2024Updated last year
• RefactorSecurity / vscode-security-notes

  View on GitHub
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆142Updated this week
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆708Updated this week
• tldrsec / prompt-injection-defenses

  View on GitHub
  Every practical and proposed defense against prompt injection.
  ☆681Feb 22, 2025Updated last year
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆86Apr 7, 2026Updated 3 weeks ago
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆458Apr 12, 2026Updated 3 weeks ago
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 4 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆121Mar 16, 2026Updated last month
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆118Mar 31, 2026Updated last month
• sarperavci / ctf-writeups-search

  View on GitHub
  Search engine for CTF writeups with instant results.
  ☆156Mar 6, 2025Updated last year
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆868Mar 28, 2025Updated last year
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• edera-dev / am-i-isolated

  View on GitHub
  Validate the isolation posture of your container environment.
  ☆314Feb 11, 2026Updated 2 months ago
• google / localtoast

  View on GitHub
  ☆116Feb 11, 2026Updated 2 months ago
• referefref / aiocrioc

  View on GitHub
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆38Dec 4, 2024Updated last year
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆378Apr 26, 2026Updated last week
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• ByteSnipers / awesome-pentest-cheat-sheets

  View on GitHub
  Collection of cheat sheets useful for pentesting
  ☆621Jun 27, 2024Updated last year
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆655Updated this week
• ReversecLabs / IAMGraph

  View on GitHub
  ☆72Jan 8, 2025Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆175Mar 11, 2026Updated last month
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• boostsecurityio / poutine

  View on GitHub
  poutine, a supply chain vulnerability scanner for build pipelines
  ☆443Apr 17, 2026Updated 2 weeks ago
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,370Apr 21, 2026Updated last week
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆337Apr 8, 2026Updated 3 weeks ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• infosecB / awesome-detection-engineering

  View on GitHub
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆1,181Updated this week
• chainguard-dev / malcontent

  View on GitHub
  #supply #chain #attack #detection
  ☆652Updated this week
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated last year
• elttam / semgrep-rules

  View on GitHub
  ☆233Apr 24, 2026Updated last week
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆232Jun 25, 2019Updated 6 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year