Identify vulnerabilities in running containers, images, hosts and repositories

Awesome PHP Security Resources 🕶🐘🔐

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

secureCodeBox (SCB) - continuous secure delivery out of the box

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

kube-scan: Octarine k8s cluster risk assessment tool

ContainerSSH: Launch containers on demand

All-in-one tool for managing vulnerability reports from AppSec pipelines

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Best practices and integrations available for Spring Boot based Microservice in a single repository.

The Staff-Manager App Server for Enterprise Token Safe BOX

Test and monitor your projects for vulnerabilities with Jenkins. This plugin is officially maintained by Snyk.

A DevSecOps framework powered by Nix.

Trojan 🐍 (keylogger, take screenshots, open your webcam) 🔓

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)