276 Open source projects that are alternatives of or similar to Kics

An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS

All-in-one tool for managing vulnerability reports from AppSec pipelines

Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

The OWASP ZAP core project

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

💥 Catapult is a DevOps website management platform for development teams.

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

Terraform AWS Auto Scaling Stack

Tools for managing DNS across multiple providers

The Render Farm Deployment Kit on AWS is a library for use with the AWS Cloud Development Kit that helps you define your render farm cloud infrastructure as code.

The Modern Application Platform.

AWS Lambda using Terraform., an Introductory Cookbook

The OWASP ZAP Heads Up Display (HUD)

Configuration management tool inspired by Chef, but simpler and lightweight. Formerly known as Lightchef.

Kumogata is a tool for AWS CloudFormation. It can define a template in Ruby DSL.

A Terraform module to create and maintain Kubernetes clusters on AWS easily, relying entirely on kops

This project is about creating and publishing threat model examples.

Example on how to create a AWS Lambda triggered by SQS in Terraform

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

⚖️Technical Oversight Committee (TOC)

Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Terraform Best Practices for AWS users

Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code

The simplest, most powerful way to build serverless applications

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols

AWS Workshop for Kubernetes

Terraform module for creating Kubernetes cluster running on Container Linux by CoreOS in an AWS VPC

Terraform automation for Cloud

A vulnerable version of Rails that follows the OWASP Top 10

Oversecured Vulnerable Android App

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

A tool for managing complex enterprise Kubernetes environments as code.

Manage Infrastructure as Code with less pain.

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

An application to assist in the organization and prioritization of software security activities.

🚀 Geodesic is a DevOps Linux Distro. We use it as a cloud automation shell. It's the fastest way to get up and running with a rock solid Open Source toolchain. ★ this repo! https://slack.cloudposse.com/

Infrastructure As Code Tutorial. Covers Packer, Terraform, Ansible, Vagrant, Docker, Docker Compose, Kubernetes

An enterprise-grade vendor-agnostic network automation platform.

A Table of Contents of all Gruntwork Code

A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.

Manage federated learning workload using cloud native technologies.

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Ansible module for Goss

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

KubeCon-CloudNativeCon-North-America-2018's slides. / 2018北美CNCF大会PPT。

CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code

Automate and expose complex infrastructure tasks to teams and services.

A Terraform provider for Kubernetes that uses dynamic resource types and server-side apply. Supports all Kubernetes resources.

A Clojure wrapper for the AWS Cloud Development Kit (AWS CDK)

DEPRECATED - no longer actively maintained. New repository: https://github.com/HewlettPackard/oneview-python

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

🎯 RFI/LFI Payload List

Automate application management on Kubernetes (project under CNCF)

Like Prometheus, but for logs.

mimic: Define your Deployments, Infrastructure and Configuration as a Go Code 🚀

Bootstrap Kubernetes the Ansible way on Everything (here: Vagrant). Inspired by Kelsey Hightower´s kubernetes-the-hard-way, but refactored to Infrastructure-as-Code.