260 Open source projects that are alternatives of or similar to cscanner

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Security scanner for your Terraform code

在协同开发中让代码风格保持一致

Guardian is a tool for extensible and universal data access with automated access workflows and security controls across data stores, analytical systems, and cloud products.

Detect Sensitive REST API communication using Deep Neural Networks

A tool for verifying links in text-based files

Multi tool checker account validator 2020

🔥Fastest Parallel Request Double-Check Discord Token Checker🔥 Parse discord tokens from any file and directory.

一个打卡小程序 - 基于 leancloud 数据存储

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

Simple CLI tools for check `ngx-translate` keys

Wrapper for The Nu Html Checker (v.Nu)

Simple command line tool to check for compliance against CIS Benchmarks

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

Ruby Nagios Check Integration

🔥 The most efficient, open-source, and unlimited discord nitro generator & checker. 🚀

Ultimate DevSecOps library

CodeIgniter3 Filename Checker

A validator for checking different kinds of whitespaces in your files.

A schema and set of tools for using SQL to query cloud infrastructure.

Verify that pull request titles start with a ticket ID

DevSecOps Toolchain

Checklist for container security - devsecops practices

'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.

Create validations with ease

Wazuh - Tools for packages creation

Health Check is an application that provides an API to check the health health_check of some parts and some utilities like ping requests. This application can works as standalone or included in a Django project.

A set of tools to work on Akamai v1 anti-bot solution. Current supported version: 1.70

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

FedRAMP Tailored.

A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

Simple button for marking some items as selected.

Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker

A GitHub Action for checking broken links

CLI to interact with Kondukto

proxy checker to check the status of the ip-port proxy list

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Flycheck support for LanguageTool

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.

The GitHub CODEOWNERS file validator

checks whether a hyperlink is alive (`200 OK`) or dead.

The Solutions Delivery Platform runtime pipeline framework

Query Method Calls from Ruby Programs

Asynchronous linting and make framework for Neovim/Vim

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

OpenACR is a digital native Accessibility Conformance Report (ACR). The initial development is based on Section 508 requirements. The main goal is to be able to compare the accessibility claims of digital products and services. A structured, self-validated, machine-readable documentation will provide for this.

Policeman's Forbidden API Checker

checks that all of the hyperlinks in a markdown text to determine if they are alive or dead

Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Steampipe.

ISC Forge is an open source DHCP conformance validation framework, primarily used for testing ISC Kea.