177 Open source projects that are alternatives of or similar to Chopchop

🔐 Docker Container for Penetration Testing & Security

kube-scan: Octarine k8s cluster risk assessment tool

Assembly scanning and decoration extensions for Microsoft.Extensions.DependencyInjection

Modular file scanning/analysis framework

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

🛡️ Make your web services secure by default !

Konan - Advanced Web Application Dir Scanner

Multithreaded monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools with support for Acunetix

🤖 The Modern Port Scanner 🤖

Identify hardcoded secrets and dangerous behaviours

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

RTAB-Map library and standalone application

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

Agile Threat Modeling Toolkit

DNS tool - display information about your domain

An android app that scans Bluetooth and WiFi for FIND3

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Curating the best DevSecOps resources and tooling.

Hunter作为中通DevSecOps闭环方案中的一环，扮演着很重要的角色，开源之后希望能帮助到更多企业。

Library used to deskew a scanned document

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Benchmarking repo for secrets scanning

IAST 灰盒扫描工具

Awesome Fingerprint Identify for react-native (android only)

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Security scanner for your Terraform code

This project is an attendance system which provides attendance on scanning QR code. The attendance is stored in Excel sheet named with the date of attendance taken. In this folder a file named Generate.py is used to generate the QR code for given input file. Attend.py file is for scanning the QR code

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana

Scientific analysis of nanoscale materials imaging data

Build a CI/CD for Microservices and Serverless Functions in AWS ☁️

Подборка выступлений и публикаций на тему DevSecOps на русском и не только)

Best practices and integrations available for Spring Boot based Microservice in a single repository.

The DevSecOps toolset for REST APIs

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

Affordable WiFi hacking platform for testing and learning

A DevSecOps framework powered by Nix.

Scan only once by IP address and reduce scan times with Nmap for large amounts of data.

Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

GitHub Advance Security Compliance Action

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

nodejsscan is a static security code scanner for Node.js applications.

Integrate SonarQube scanner to GitHub Actions

online port scan scraper

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Anteater - CI/CD Gate Check Framework

massive SQL injection vulnerability scanner

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

ContainerSSH: Launch containers on demand

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration