ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+45.56%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (+185.48%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+128.23%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+983.47%)
TeamvisionTeamvision软件工程协作工具
Stars: ✭ 380 (+53.23%)
OpendevopsCODO是一款为用户提供企业多混合云、一站式DevOps、自动化运维、完全开源的云管理平台、自动化运维平台
Stars: ✭ 2,990 (+1105.65%)
Awesome CiList of Continuous Integration services
Stars: ✭ 2,737 (+1003.63%)
Flow Core XPowerful and user-friendly CI / CD server with high availability, parallel build, agent scaling
Stars: ✭ 1,108 (+346.77%)
OrkestraFunctional DevOps with Scala and Kubernetes
Stars: ✭ 102 (-58.87%)
Terraform MultienvA template for maintaining a multiple environments infrastructure with Terraform. This template includes a CI/CD process, that applies the infrastructure in an AWS account.
Stars: ✭ 107 (-56.85%)
Previs🎯 Testing your project locally in a clean environment.
Stars: ✭ 312 (+25.81%)
Lnmp💻 🐳 🐘 🐬 🐧 🚀 Start Docker LNMP(LEMP) In less than 2 minutes Powered by Docker Compose. 让 PHP 开发者快速(一键)搭建基于容器技术(Docker、Kubernetes)的开发、测试、生产(CI/CD by Drone)环境.
Stars: ✭ 341 (+37.5%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (+140.32%)
SemaphoreModern UI for Ansible
Stars: ✭ 4,588 (+1750%)
DoactA Terraform module for hosting your own runner for CI/CD on Digital Ocean to run jobs in your GitHub Actions workflows. 🚀
Stars: ✭ 42 (-83.06%)
Fluenttc🌊 👬 🏢 Integrate with TeamCity fluently
Stars: ✭ 42 (-83.06%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-66.53%)
Webhookwebhook is a lightweight incoming webhook server to run shell commands
Stars: ✭ 7,201 (+2803.63%)
KubectlA Github action for kubectl, the Kubernetes CLI
Stars: ✭ 128 (-48.39%)
SkanScan Kubernetes resource files , and helm charts for security configurations issues and best practices.
Stars: ✭ 127 (-48.79%)
Opensa资产管理、资产采集、灰度发布、反向代理、批量任务、任务编排、计划任务、日志审计、权限管理、角色管理、部门管理、运维自动化
Stars: ✭ 220 (-11.29%)
Solo CiA lightweight CI/CD tool powered by Golang
Stars: ✭ 168 (-32.26%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+626.61%)
Devsecops🔱 Collection and Roadmap for everyone who wants DevSecOps.
Stars: ✭ 171 (-31.05%)
Pypyrpypyr task-runner cli & api for automation pipelines. Automate anything by combining commands, different scripts in different languages & applications into one pipeline process.
Stars: ✭ 173 (-30.24%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (+25.4%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+1739.11%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-24.6%)
Nvwa IoNvwa-io is a open source DevOps CI/CD auto-build and auto-deploy system(女娲 - 开源 DevOps CI/CD 自动构建和自动部署系统). http://nvwa-io.com
Stars: ✭ 283 (+14.11%)
Awesome DevsecopsCurating the best DevSecOps resources and tooling.
Stars: ✭ 188 (-24.19%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1340.32%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+72.18%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+12.5%)
IceciIceCI is a continuous integration system designed for Kubernetes from the ground up.
Stars: ✭ 29 (-88.31%)
Octopod🐙🛠️ Open-source self-hosted solution for managing multiple deployments in a Kubernetes cluster with a user-friendly web interface.
Stars: ✭ 47 (-81.05%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+3800.4%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-70.97%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+3584.27%)
DevsecopsThis repository contains information about DevSecOps and how to get involved in this community effort.
Stars: ✭ 103 (-58.47%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+1189.52%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-48.39%)
MirrorgateMirrorGate DevOps Dashboard
Stars: ✭ 117 (-52.82%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+1360.48%)
Jenkins RestJava client, built on top of jclouds, for working with Jenkins REST API
Stars: ✭ 201 (-18.95%)
ActRun your GitHub Actions locally 🚀
Stars: ✭ 19,915 (+7930.24%)
WoodpeckerA fork of the Drone CI system version 0.8, right before the 1.0 release and license changes
Stars: ✭ 132 (-46.77%)
LastbackendSystem for containerized apps management. From build to scaling.
Stars: ✭ 1,536 (+519.35%)
Awesome DevsecopsAn authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Stars: ✭ 2,805 (+1031.05%)
Wflow🐆 EXPERIMENTAL -- Runs GitHub Actions workflows locally (local) -- Don't run your YAML like a 🐪
Stars: ✭ 187 (-24.6%)
RocketAutomated software delivery as fast and easy as possible 🚀
Stars: ✭ 217 (-12.5%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (-25.81%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (+5.24%)
FlintFast and configurable filesystem (file and directory names) linter
Stars: ✭ 115 (-53.63%)
MbtThe most flexible build tool for monorepo
Stars: ✭ 184 (-25.81%)
ContainersshContainerSSH: Launch containers on demand
Stars: ✭ 195 (-21.37%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-14.11%)