TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+660.46%)
prancer-compliance-testThis repository includes cloud security policies for IaC and live resources.
Stars: ✭ 32 (-97.48%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+111.24%)
devops-infra-demoGrowing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)
Stars: ✭ 31 (-97.56%)
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Stars: ✭ 227 (-82.15%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (-75.55%)
Gg ShieldDetect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Stars: ✭ 708 (-44.34%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+33.65%)
awesome-iac-testingA list of awesome IaC testing articles, speeches & links. Especially about Ansible.
Stars: ✭ 56 (-95.6%)
ggshield-actionGitGuardian Shield GitHub Action - Find exposed credentials in your commits
Stars: ✭ 304 (-76.1%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+180.82%)
secureCodeBox-v2This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
Stars: ✭ 23 (-98.19%)
driftctlDetect, track and alert on infrastructure drift
Stars: ✭ 2,020 (+58.81%)
tfutfu is a terraform helper to update the providers.
Stars: ✭ 13 (-98.98%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+41.67%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (-0.86%)
gotfManaging multiple environments with Terraform made easy
Stars: ✭ 25 (-98.03%)
NietzscheScrap quotes from Goodreads and schedule random tweets.
Stars: ✭ 44 (-96.54%)
ChopchopChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
Stars: ✭ 227 (-82.15%)
infrastructure-pipelineAn example pipeline for executing HashiCorp Terraform with ephemeral cloud provider credentials managed by HashiCorp Vault
Stars: ✭ 44 (-96.54%)
icp-ce-on-linux-containersMulti node IBM Cloud Private Community Edition 3.2.x w/ Kubernetes 1.13.5 in a Box. Terraform, Packer and BASH based Infrastructure as Code script sets up a multi node LXD cluster, installs ICP-CE and clis on a metal or VM Ubuntu 18.04 host.
Stars: ✭ 52 (-95.91%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+184.75%)
yorExtensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
Stars: ✭ 459 (-63.92%)
big-bangBig Bang is a declarative, continuous delivery tool for core DoD hardened and approved packages into a Kubernetes cluster.
Stars: ✭ 55 (-95.68%)
PSRule-pipelinesValidate infrastructure as code (IaC) and DevOps repositories using Azure Pipelines.
Stars: ✭ 16 (-98.74%)
nightfall dlp actionGitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.
Stars: ✭ 46 (-96.38%)
heat-examplesHeat examples tested against the SysEleven Stack infrastructure cloud.
Stars: ✭ 36 (-97.17%)
PulumiPulumi - Developer-First Infrastructure as Code. Your Cloud, Your Language, Your Way 🚀
Stars: ✭ 10,887 (+755.9%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-60.77%)
ChameleonCustomizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres and MySQL)
Stars: ✭ 230 (-81.92%)
Swifty🔑 Free Offline Password Manager
Stars: ✭ 496 (-61.01%)
Dashi💯 Get a notification in Slack every time someone asks you to check some code on Github or Bitbucket.
Stars: ✭ 29 (-97.72%)
Upash🔒Unified API for password hashing algorithms
Stars: ✭ 484 (-61.95%)
ScavengerCrawler (Bot) searching for credential leaks on different paste sites.
Stars: ✭ 347 (-72.72%)
Buttercup Core🎩 The mighty NodeJS password vault
Stars: ✭ 340 (-73.27%)
PoshkeepassPowerShell module for KeePass
Stars: ✭ 177 (-86.08%)
RtspallthethingsDeprecated RTSP media server -- Use github.com/aler9/rtsp-simple-server instead.
Stars: ✭ 258 (-79.72%)
driftwoodPrivate key usage verification
Stars: ✭ 262 (-79.4%)
memcheck-coverAn HTML generator for Valgrind's Memcheck tool
Stars: ✭ 30 (-97.64%)
vicopoAPI HTTP et Script pour trouver les villes à partir d'un code postal et code postaux à partir d'une ville
Stars: ✭ 27 (-97.88%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-87.11%)
MirrorDumpAnother LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
Stars: ✭ 197 (-84.51%)
windows-Credential-Provider-libraryThis repository will be updated with all the examples and links that I can find with relevant knowledge & information about CP in MS Windows vista up to version 10.
Stars: ✭ 122 (-90.41%)
KeepassbrowserimporterKeePass 2.x plugin which imports credentials from various browsers.
Stars: ✭ 139 (-89.07%)
webextensionDetect secrets in your request/response using secretlint.
Stars: ✭ 40 (-96.86%)
Magento-2-aws-cluster-terraformMagento 2 AWS autoscaling cluster with Terraform and Packer or ImageBuilder. Adobe Commerce Cloud alternative. The best ecommerce infrastructure. Drive more sales online. Transparent billing. Developer-friendly. No hidden bottlenecks.
Stars: ✭ 107 (-91.59%)
pscale-workflow-helper-scriptsWorkflows and helper scripts around the PlanetScale DB workflow to automate database branch creation, association, update and merge directly out of your pull/merge request or favourite CI/CD.
Stars: ✭ 42 (-96.7%)
pyarkCyberArk Enterprise Password Vault API CLI tool
Stars: ✭ 25 (-98.03%)
IMAPLoginTesterA simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Stars: ✭ 47 (-96.31%)
Cfn Secret ProviderA CloudFormation custom resource provider for deploying secrets and keys
Stars: ✭ 125 (-90.17%)
wifiqrCreate a QR code with your Wi-Fi login details
Stars: ✭ 207 (-83.73%)
macaroons-rsMacaroons: bearer credentials with caveats for distributed authorization
Stars: ✭ 62 (-95.13%)
tryceratopsA linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (-70.05%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-88.99%)
Git-SecretGo scripts for finding sensitive data like API key / some keywords in the github repository
Stars: ✭ 156 (-87.74%)
vault-token-helper@hashicorp Vault Token Helper for macOS, Linux and Windows with support for secure token storage and multiple Vault servers 🔐
Stars: ✭ 74 (-94.18%)