Security & Governance339 projects
Security & Governance open-source projects ranked by GitHub Stars
This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org
TodayFully automatic censorship removal for language models
TodayA game theoretic approach to explain the output of any machine learning model.
TodayFHEVM, a full-stack framework for integrating Fully Homomorphic Encryption (FHE) with blockchain applications
1d ago🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026
TodaySafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
TodayIdentity-aware VPN and tunneled reverse proxy for remote access based on WireGuard®.
TodayThe LLM Evaluation Framework
1d agoPython SDK for Agent AI Observability, Monitoring and Evaluation Framework. Includes features like agent, llm and tools tracing, debugging multi-agentic system, self-hosted dashboard and advanced analytics with timeline and execution graph view
TodayZama Bounty Program: Contribute to the FHE space and Zama's open source libraries and get rewarded 💰
1d agoSupercharge Your LLM Application Evaluations 🚀
TodayA framework for few-shot evaluation of language models.
TodayAdvanced AI Explainability for computer vision. Support for CNNs, Vision Transformers, Classification, Object detection, Segmentation, Image similarity and more.
TodaySecurity scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
TodayForce Remove Copilot, Recall and More in Windows 11
TodayLime: Explaining the predictions of any machine learning classifier
TodayAI Observability & Evaluation
TodayPerform data science on data that remains in someone else's server
TodayAn open-source framework for detecting, redacting, masking, and anonymizing sensitive data (PII) across text, images, and structured data. Supports NLP, pattern matching, and customizable pipelines.
TodayCybersecurity AI (CAI), the framework for AI Security
TodayTransformer Explained Visually: Learn How LLM Transformer Models Work with Interactive Visualization
TodayBertViz: Visualize Attention in Transformer Models
TodayThis is a multi-use bash script for Linux systems to audit wireless networks.
1d agoEvidently is an open-source ML and LLM observability framework. Evaluate, test, and monitor any AI-powered system or data pipeline. From tabular data to Gen AI. 100+ metrics.
Today🛡️ Windows Hello™ style facial authentication for Linux
Today😈Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness
2d agoOpenShell is the safe, private runtime for autonomous AI agents.
TodayWiFi security auditing tools suite
1d agoOpenCompass is an LLM evaluation platform, supporting a wide range of models (Llama3, Mistral, InternLM2,GPT-4,LLaMa2, Qwen,GLM, Claude, etc) over 100+ datasets.
TodayAdding guardrails to large language models.
TodayFit interpretable models. Explain blackbox machine learning.
TodaySuperagent protects your AI applications against prompt injections, data leaks, and harmful outputs. Embed safety directly into your app and prove compliance to your customers.
2d agoNeMo Guardrails is an open-source toolkit for easily adding programmable guardrails to LLM-based conversational systems.
TodayAdversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
TodayAn Industrial Grade Federated Learning Framework
TodayPassbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
1d agoDemocratizing Reinforcement Learning for LLMs
TodayA huge blocklist of manually curated sites that contain AI generated imagery for uBlock Origin & uBlacklist.
1d agoRobust recipes to align language models with human and AI preferences
TodayFawkes, privacy preserving tool against facial recognition systems. More info at https://sandlab.cs.uchicago.edu/fawkes
TodaySWE-bench: Can Language Models Resolve Real-world Github Issues?
TodayAdversary simulation and Red teaming platform with AI
TodayAgentic execution layer for modern cyber security, turning security intent into precise, governed, auditable action through AI agents, MCP-native tools, knowledge, approvals, and attack-chain context.
Today《可解释的机器学习--黑盒模型可解释性理解指南》,该书为《Interpretable Machine Learning》中文版
2d agoOpen-Source Unified Vulnerability Management, DevSecOps & ASPM
TodayUniversal and Transferable Attacks on Aligned Language Models
TodayAI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.
TodayA collection of infrastructure and tools for research in neural network interpretability.
TodayAlign Anything: Training All-modality Model with Feedback
3d agoAutonomous Hacking Agent for Red Team
TodayLocal-first healthcare AI: clinical NER & HIPAA PII de-identification that runs 100% on-device. 1,000+ medical models, 12 languages, Apple MLX + Python, no cloud, no patient data leaving your network. Apache-2.0
TodayOne-for-All Multimodal Evaluation Toolkit Across Text, Image, Video, and Audio Tasks
Today中文语言理解测评基准 Chinese Language Understanding Evaluation Benchmark: datasets, baselines, pre-trained models, corpus and leaderboard
TodayOpen-source evaluation toolkit of large multi-modality models (LMMs), support 220+ LMMs, 80+ benchmarks
TodayCISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, BIA, Privacy, and Reporting. It supports 150+ global frameworks with automatic control mapping, including ISO 27001, NIST CSF, SOC 2, CIS, PCI DSS, NIS2, DORA, GDPR, HIPAA, CMMC, and more.
TodayOpen Source Data Security Platform for Developers to Monitor and Detect PII, Anonymize Production Data and Sync it across environments.
5d agoThe Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.
TodayA full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailbreak evaluation.
TodayA Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
TodayDeepchecks: Tests for Continuous Validation of ML Models & Data. Deepchecks is a holistic open-source solution for all of your AI & ML validation needs, enabling to thoroughly test your data and models from research to production.
TodayA list of AI agents and robots to block.
Todayautonomous red teaming platform; multi-agent offensive-security meta-harness
Today[CCS'24] A dataset consists of 15,140 ChatGPT prompts from Reddit, Discord, websites, and open-source datasets (including 1,405 jailbreak prompts).
TodayOpen-source security automation platform for teams and AI agents
TodayAutomation for internal Windows Penetrationtest / AD-Security
TodayThe Learning Interpretability Tool: Interactively analyze ML models to understand their behavior in an extensible and framework agnostic interface.
3d agoA library for mechanistic interpretability of GPT-style language models
TodayOML 1.0 via Fingerprinting: Open, Monetizable, and Loyal AI
TodayTextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master/
TodayEvaluation and Tracking for LLM Experiments and AI Agents
TodayLeaderboard Comparing LLM Performance at Producing Hallucinations when Summarizing Short Documents
2d agoBeyond the Imitation Game collaborative benchmark for measuring and extrapolating the capabilities of language models
TodayThe Security Toolkit for LLM Interactions
TodayA streamlined and customizable framework for efficient large model (LLM, VLM, AIGC) evaluation and performance benchmarking.
TodayNeural network visualization toolkit for keras
TodayA Python toolbox to create adversarial examples that fool neural networks in PyTorch, TensorFlow, and JAX
TodaySandbox any AI agent in seconds - zero setup, zero latency.
Today[ACL 2024] An Easy-to-use Knowledge Editing Framework for LLMs.
TodayHolistic Evaluation of Language Models (HELM) is an open source Python framework created by the Center for Research on Foundation Models (CRFM) at Stanford for holistic, reproducible and transparent evaluation of foundation models, including large language models (LLMs) and multimodal models.
TodayA unified evaluation framework for large language models
3d agoA library for debugging/inspecting machine learning classifiers and explaining their predictions
TodaySecurity scanner for AI agents, MCP servers and agent skills.
TodayA unified framework for privacy-preserving data analysis and machine learning
2d agoAlgorithms for outlier, adversarial and drift detection
TodayUpTrain is an open-source unified platform to evaluate and improve Generative AI applications. We provide grades for 20+ preconfigured checks (covering language, code, embedding use-cases), perform root cause analysis on failure cases and give insights on how to resolve them.
5d agoInspect: A framework for large language model evaluations
TodayExplain, analyze, and visualize NLP language models. Ecco creates interactive visualizations directly in Jupyter notebooks explaining the behavior of Transformer-based language models (like GPT2, BERT, RoBERTA, T5, and T0).
TodaySource code about machine learning and security.
TodayAgentic LLM Vulnerability Scanner / AI red teaming kit 🧪
1d agoHuman preference data for "Training a Helpful and Harmless Assistant with Reinforcement Learning from Human Feedback"
TodaySafe RLHF: Constrained Value Alignment via Safe Reinforcement Learning from Human Feedback
1d agoConvert Apple NeuralHash model for CSAM Detection to ONNX.
TodayInformation Gathering Instagram.
TodayLLM Prompt Injection Detector
TodaySecrets of RLHF in Large Language Models Part I: PPO
1d agoModel explainability that works seamlessly with 🤗 transformers. Explain your transformers model in just 2 lines of code.
1w agoPrivacy-Preserving Computing Platform 由密码学专家团队打造的开源隐私计算平台,支持多方安全计算、联邦学习、隐私求交、匿踪查询等。
3d agoHuman ChatGPT Comparison Corpus (HC3), Detectors, and more! 🔥
1d agoSemantica • Build AI systems that can explain, trace, and justify every decision. Knowledge graphs, context graphs, reasoning engines, provenance, and governance for production AI.
TodayOWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)
1d agoAttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
1w agoa security scanner for custom LLM applications
TodayChinese safety prompts for evaluating and improving the safety of LLMs. 中文安全prompts,用于评估和提升大模型的安全性。
TodayEvaluate your LLM's response with Prometheus and GPT4 💯
TodayBenchmarking Generalized Out-of-Distribution Detection
TodayA framework for the evaluation of autoregressive code generation language models.
1w agoThe Continuous-Improvement Stack for Agents. Our environment data and evals power agent improvement and monitoring.
2d agoReinforcement Learning via Self-Distillation (SDPO)
TodayFramework-agnostic implementation for state-of-the-art saliency methods (XRAI, BlurIG, SmoothGrad, and more).
3d agoA security scanner for your LLM agentic workflows
Today:art: A CNN visualizer
TodaySafety-first guardrails for AI-driven cloud and Kubernetes operations
1d ago🔍 LangKit: An open-source toolkit for monitoring Large Language Models (LLMs). 📚 Extracts signals from prompts & responses, ensuring safety & security. 🛡️ Features include text quality, relevance metrics, & sentiment analysis. 📊 A comprehensive tool for LLM observability. 👀
TodayThe nnsight package enables interpreting and manipulating the internals of deep learned models.
1d agoScan MCP servers for potential threats & security findings.
TodayOffen Fair Web Analytics
3d agoOmniXAI: A Library for eXplainable AI
TodayAI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️
TodayAI-Native Risk Intelligence Systems, OpenDeRisk——Your application system risk intelligent manager provides 7* 24-hour comprehensive and in-depth protection.
2d agoFacTool: Factuality Detection in Generative AI
1w agoThis is a repository that aims to provide updates on the status of jailbreaking the OpenAI GPT language model.
1w agoOpen Security Controls Assessment Language (OSCAL)
1d agoWinner of Mozilla's $50,000 prize for AI
1w agoSafety guardrails for ai coding agents and human terminal commands
3d agoAI-first security scanner. NEW in v2026.7: Claude Code compromise detection — vet .claude/ hooks, permissions & skills before you clone — plus an always-on AI attack-signature scanner and native Rust & PHP rules. Also: medusa scan --git to vet any repo, medusa secrets scan for leaked API keys. 40,000+ patterns, zero setup.
Today[ICCV 2021- Oral] Official PyTorch implementation for Generic Attention-model Explainability for Interpreting Bi-Modal and Encoder-Decoder Transformers, a novel method to visualize any Transformer-based network. Including examples for DETR, VQA.
TodayOfficial repository for the paper "LiveCodeBench: Holistic and Contamination Free Evaluation of Large Language Models for Code"
TodayAn easy-to-use Python framework to generate adversarial jailbreak prompts.
TodayRepository for the paper "Automated Hate Speech Detection and the Problem of Offensive Language", ICWSM 2017
3d agoA simulation framework for RLHF and alternatives. Develop your RLHF method without collecting human data.
1w agoThe repository is for safe reinforcement learning baselines.
TodayDiffusion attentive attribution maps for interpreting Stable Diffusion.
1w agoMetis is an open-source, AI-driven tool for deep security code review
TodayBLEURT is a metric for Natural Language Generation based on transfer learning.
2d agoA filter list that hides website features & content that uses Generative AI.
TodayAIRecon is an autonomous cybersecurity agent that combines a self-hosted Large Language Model (Ollama) with a Kali Linux Docker sandbox and a Textual TUI. It is designed to automate security assessments, penetration testing, and bug bounty reconnaissance — without any API keys or cloud dependency.
TodayCodeGate: Security, Workspaces and Multiplexing for AI Agentic Frameworks
1w agoAn Open-Source Package for Textual Adversarial Attack.
1w agoA deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.
2d agoLocating and editing factual associations in GPT (NeurIPS 2022)
3d agoBruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
2d agoA Deep Graph-based Toolbox for Fraud Detection
1w agoA library for making RepE control vectors
3d agoOpenJudge: A Unified Framework for Holistic Evaluation and Quality Rewards
TodayMake your GenAI Apps Safe & Secure :rocket: Test & harden your system prompt
TodayBenchmark of federated learning. Dedicated to the community. 🤗
3d agoRaising the Cost of Malicious AI-Powered Image Editing
TodayExamples of techniques for training interpretable ML models, explaining ML models, and debugging ML models for accuracy, discrimination, and security.
1w agoPreimage attack against NeuralHash 💣
2w agoUnified Multilingual Robustness Evaluation Toolkit for Natural Language Processing
1w agoWinDBG Anti-RootKit Extension
2d agoMicrosoft Security Copilot is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles
1d agoGenAI compliance benchmark is a evaluation benchmarks for generative AI in regulated industries.
1mo ago一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具
1d agoTools for understanding how transformer predictions are built layer-by-layer
6d agoReal Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
1d agoFailure archive for ChatGPT and similar models
3w agoCode for IDS-ML: intrusion detection system development using machine learning algorithms (Decision tree, random forest, extra trees, XGBoost, stacking, k-means, Bayesian optimization..)
1w agoThis repo contains evaluation code for the paper "MMMU: A Massive Multi-discipline Multimodal Understanding and Reasoning Benchmark for Expert AGI"
3d agoFind zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents.
TodayVULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!
1d agoDeliver safe & effective language models
3d agoCasbin AI & MCP security gateway for HTTP, online demo: https://door.caswaf.com
2d agoA Privacy-Preserving Framework Based on TensorFlow
1mo agoA Model for Natural Language Attack on Text Classification and Inference
2d agoOfficial implementation of the paper "The Stable Signature Rooting Watermarks in Latent Diffusion Models"
1d agoData-Driven Evaluation for LLM-Powered Applications
1w ago[ICLR'25] BigCodeBench: Benchmarking Code Generation Towards AGI
1d agoPromptInject is a framework that assembles prompts in a modular fashion to provide a quantitative analysis of the robustness of LLMs to adversarial prompt attacks. 🏆 Best Paper Awards @ NeurIPS ML Safety Workshop 2022
3d agoThe official GitHub repository of the paper "Recent advances in large language model benchmarks against data contamination: From static to dynamic evaluation"
1d agoA robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [BETA]
2d ago⚡ Vigil ⚡ Detect prompt injections, jailbreaks, and other potentially risky Large Language Model (LLM) inputs
TodayDiffusion Explainer: Visual Explanation for Text-to-image Stable Diffusion
1d ago[Pattern Recognition 25] CLIP Surgery for Better Explainability with Enhancement in Open-Vocabulary Tasks
3d ago[CVPR'25 highlight] RLAIF-V: Open-Source AI Feedback Leads to Super GPT-4V Trustworthiness
1w agoMachine learning driven web application firewall to detect malicious queries with high accuracy.
1mo agoGovern & Secure your AI
1d agoA library that incorporates state-of-the-art explainers for text-based machine learning models and visualizes the result with a built-in dashboard.
TodaySecurity and Privacy Risk Simulator for Machine Learning (arXiv:2312.17667)
TodayA tool for evaluating LLMs
3w agoEVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.
TodayEverything you want about DP-Based Federated Learning, including Papers and Code. (Mechanism: Laplace or Gaussian, Dataset: femnist, shakespeare, mnist, cifar-10 and fashion-mnist. )
3w agoFilter sensitive information from free text before sending it to external services or APIs, such as chatbots and LLMs.
Today🗣️ Tool to generate adversarial text examples and test machine learning models against them
1mo agoVisualize the intermediate output of Mistral 7B
1w agoSimulate a federated setting and run differentially private federated learning.
5d agoRequests based captcha solver for Arkose Labs using speech recognition
3w agoSurveillance Detection Scout: Your Lookout on Autopilot
1mo agoBackdoors Framework for Deep Learning and Federated Learning. A light-weight tool to conduct your research on backdoors.
3d agoBenchmark for automated failure attributions in agentic systems (🏆 ICML 2025 Spotlight)
2d agoLyrie.ai — The world's first autonomous AI cybersecurity agent. Built by OTT Cybersecurity LLC.
TodayAutoAudit—— the LLM for Cyber Security 网络安全大语言模型
1w agoSimulation framework for accelerating research in Private Federated Learning
1w agoAI engine for smart contract audit
1d agoA Python library for Interpretable Machine Learning in Text Classification using the SS3 model, with easy-to-use visualization tools for Explainable AI :octocat:
3d ago🤖 Admyral enables continuous control monitoring for any custom control
1mo agoprompt attack-defense, prompt Injection, reverse engineering notes and examples | 提示词对抗、破解例子与笔记
TodayBreaching privacy in federated learning scenarios for vision and text
TodayMarkDiffusion: An Open-Source Toolkit for Generative Watermarking of Latent Diffusion Models
1w agoAutonomous white-hat security auditor for AI-driven code review, bug bounty research, exploit construction, and execution-grounded verification.
Today