ggshieldFind and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Stars: ✭ 1,272 (+460.35%)
secureCodeBox-v2This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
Stars: ✭ 23 (-89.87%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+455.51%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+693.83%)
PakuriPenetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-44.93%)
DevsecopsThis repository contains information about DevSecOps and how to get involved in this community effort.
Stars: ✭ 103 (-54.63%)
RitaReal Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Stars: ✭ 1,352 (+495.59%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-17.62%)
Scap WorkbenchSCAP Scanner And Tailoring Graphical User Interface
Stars: ✭ 145 (-36.12%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-43.61%)
Devsecops🔱 Collection and Roadmap for everyone who wants DevSecOps.
Stars: ✭ 171 (-24.67%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-51.1%)
PlatypusLarge-scale server monitoring application written in Golang
Stars: ✭ 190 (-16.3%)
PygreynoisePython3 library and command line for GreyNoise
Stars: ✭ 100 (-55.95%)
TangoThis repository is providing source codes of Tango projects I created.
Stars: ✭ 156 (-31.28%)
Nmap ErpscanNmap custom probes for better detecting SAP services
Stars: ✭ 96 (-57.71%)
Openrasp🔥Open source RASP solution
Stars: ✭ 2,036 (+796.92%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-68.28%)
Sane Scan PdfSane command-line scan-to-pdf script on Linux with OCR and deskew support
Stars: ✭ 58 (-74.45%)
Php Antimalware ScannerAMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (-20.26%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+703.52%)
SkanScan Kubernetes resource files , and helm charts for security configurations issues and best practices.
Stars: ✭ 127 (-44.05%)
ScrutorAssembly scanning and decoration extensions for Microsoft.Extensions.DependencyInjection
Stars: ✭ 1,915 (+743.61%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1473.57%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+1083.7%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+940.09%)
MonitorizerMultithreaded monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools with support for Acunetix
Stars: ✭ 110 (-51.54%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-70.93%)
RtabmapRTAB-Map library and standalone application
Stars: ✭ 1,376 (+506.17%)
ThreagileAgile Threat Modeling Toolkit
Stars: ✭ 162 (-28.63%)
Awesome DevsecopsCurating the best DevSecOps resources and tooling.
Stars: ✭ 188 (-17.18%)
DeskewLibrary used to deskew a scanned document
Stars: ✭ 98 (-56.83%)
Leaky RepoBenchmarking repo for secrets scanning
Stars: ✭ 149 (-34.36%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+1495.59%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+4398.68%)
PycroscopyScientific analysis of nanoscale materials imaging data
Stars: ✭ 144 (-36.56%)
Awesome Devsecops ruПодборка выступлений и публикаций на тему DevSecOps на русском и не только)
Stars: ✭ 62 (-72.69%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (-18.94%)
Esp8266 deautherAffordable WiFi hacking platform for testing and learning
Stars: ✭ 9,312 (+4002.2%)
UnimapScan only once by IP address and reduce scan times with Nmap for large amounts of data.
Stars: ✭ 141 (-37.89%)
NugetdefenseAn MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.
Stars: ✭ 44 (-80.62%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+1022.47%)
Nodejsscannodejsscan is a static security code scanner for Node.js applications.
Stars: ✭ 1,874 (+725.55%)
ReapsawReapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.
Stars: ✭ 37 (-83.7%)
Scanlessonline port scan scraper
Stars: ✭ 875 (+285.46%)
AnteaterAnteater - CI/CD Gate Check Framework
Stars: ✭ 174 (-23.35%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+282.38%)
DracnmapDracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Stars: ✭ 861 (+279.3%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (-2.64%)
Awesome DevsecopsAn authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Stars: ✭ 2,805 (+1135.68%)