591 Open source projects that are alternatives of or similar to Kccss

kube-scan: Octarine k8s cluster risk assessment tool

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.

Identify hardcoded secrets and dangerous behaviours

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Identify vulnerabilities in running containers, images, hosts and repositories

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Find leaked secrets via github search

🐞 Primitive Erlang Security Tool

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

This repository contains information about DevSecOps and how to get involved in this community effort.

Workflows for automation of AWS services setup from Github CI/CD

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Unit testing framework for test driven security of AWS, GCP, Heroku and more.

An open-registry for hosting Jina executors via container images

A curated list of tutorials and labs for learning cloud native concepts

A curated list of Microservice Architecture related principles and technologies.

Threading, Resiliency and Monitoring for Java EE 7/8

Kubernetes Helm chart to deploy HA Postgresql cluster based on Stolon

A curated list for awesome cloud native tools, software and tutorials. - https://jimmysong.io/awesome-cloud-native/

Integration between Cloudfoundry and the Spring Cloud APIs

Kogito examples - Kogito is a cloud-native business automation technology for building cloud-ready business applications.

Run Elasticsearch in Kubernetes

微服务(Microservices)和云原生架构教学案例项目，基于Spring Boot和Kubernetes技术栈

Storage Orchestration for Kubernetes

Cloud Native ML/DL Platform

Stream Processing and Complex Event Processing Engine

Micro is a distributed cloud operating system

GNES is Generic Neural Elastic Search, a cloud-native semantic search system based on deep neural network.

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Zenko CloudServer, an open-source Node.js implementation of the Amazon S3 protocol on the front-end and backend storage capabilities to multiple clouds, including Azure and Google.

High-Performance server for NATS.io, the cloud and edge native messaging system.

IotShark - Monitoring and Analyzing IoT Traffic

Distributed tracing for spring cloud

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A command line security audit tool for Amazon Web Services

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Kubernetes中文指南/云原生应用架构实践手册 - https://jimmysong.io/kubernetes-handbook

VOIP Security Audit Framework

Collection of the most common vulnerabilities found in iOS applications

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Container Service for VMware vCloud Director

CLI for searching Rego policies

The Labs for Cloud Native Roadshow on OpenShift https://www.openshift.com/

A flexible and easy way to connect and extend enterprise applications in a cloud-native world

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

Infrastructure turn-key solution for app service workloads

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Подборка выступлений и публикаций на тему DevSecOps на русском и не только)

Run Cloud Native workflows on any environment using Dapr

Scripts to gather system configuration information for offline/remote auditing