177 Open source projects that are alternatives of or similar to Chopchop

An advanced and highly optimized Java library to build frameworks: it's useful for scanning class paths, generating classes at runtime, facilitating the use of reflection, scanning the filesystem, executing stringified source code and much more...

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Android application for scanning and managing documents.

GitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.

👀 Analyze Websites and Resources They Request

An app to modify and read memory in the Libre blood glucose monitor.

Improve your code security by running different security checks/validation in a simple way.

Protect and discover secrets using Gitleaks 🔑

Deploy, update, and stage your WAFs while managing them centrally via FMS.

🤖 Run a Mayhem for API scan in GitHub Actions

iOScanX (iOS Application Scanner for OS X) is a Cocoa application for semi-automated iOS app analysis and evaluation

Octopus - Network Scan/Infos & Web Scan

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

This repository includes cloud security policies for IaC and live resources.

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

Discover vulnerabilities and container image misconfiguration in production environments.

KNXnet/IP scanning and auditing tool for KNX home automation installations.

An open source, multi-cloud DevSecOps compliance checker

Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristical scanning.

Внедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Checklist for container security - devsecops practices

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Scriptable desktop app to correct the perspective of images

A simple program written in bash that contains basic Linux network tools, information gathering tools and scanning tools.

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬

XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.

Exam Prep for the Ec-council Certified Ethical Hacker 312-50

Deskew is a command line tool for deskewing scanned text documents. It uses Hough transform to detect "text lines" in the image. As an output, you get an image rotated so that the lines are horizontal.

A schema and set of tools for using SQL to query cloud infrastructure.

DevSecOps Toolchain

'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.

💀 A bash hacking and scanning framework.

Detect Sensitive REST API communication using Deep Neural Networks

WiFi Based Indoor Positioning System, A MVP android Application

ScanTailor Universal - a fork based on Enhanced+Featured+Master versions of ST

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

CLI to interact with Kondukto

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Ultimate DevSecOps library

Python module containing bluetooth utility functions, in particular for easy BLE scanning and advertising

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

The Solutions Delivery Platform runtime pipeline framework

📶 NodeJS tool to manage wifi (connections, scans)

an easy pentesting tool.

📷 Computer-Vision Demos

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…