log4j-cve-2021-44228Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
devops-infra-demoGrowing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)
secureCodeBox-v2This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
netmakerNetmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
cfngoatCfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
cdkgoatCdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
nightfall dlp actionGitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.
gitleaksProtect and discover secrets using Gitleaks 🔑
mapi-action🤖 Run a Mayhem for API scan in GitHub Actions
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
ochrona-cliA command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
cscannerAn open source, multi-cloud DevSecOps compliance checker
dohq-ai-best-practicesВнедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/
gitavscanGit Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.
workshop-devsecopsLa intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …
DongTai-agent-javaJava Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
tfquerytfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.
awesome-policy-as-codeA curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
MixewayHubMixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
posteeSimple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
nmap-formatterA tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
perimeterator'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
privapiDetect Sensitive REST API communication using Deep Neural Networks
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
kdtCLI to interact with Kondukto
ggshield-actionGitGuardian Shield GitHub Action - Find exposed credentials in your commits
ggshieldFind and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.