LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+1514.31%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-53.89%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (-36.22%)
Gg Shield ActionGitGuardian Shield GitHub Action - Find exposed credentials in your commits
Stars: ✭ 248 (-56.18%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+374.73%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+26.33%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-71.38%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-39.93%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-49.12%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (-55.12%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+705.83%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+222.26%)
K3supbootstrap Kubernetes with k3s over SSH < 1 min 🚀
Stars: ✭ 4,012 (+608.83%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-80.39%)
KubesphereThe container platform tailored for Kubernetes multi-cloud, datacenter, and edge management ⎈ 🖥 ☁️
Stars: ✭ 8,315 (+1369.08%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+1462.54%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+465.02%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-62.37%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+40.64%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+51.41%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-36.57%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-87.28%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-66.96%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+395.05%)
OpenebsLeading Open Source Container Attached Storage, built using Cloud Native Architecture, simplifies running Stateful Applications on Kubernetes.
Stars: ✭ 7,277 (+1185.69%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-24.56%)
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-95.41%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (-38.87%)
posteeSimple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
Stars: ✭ 160 (-71.73%)
Meetup【❤️ 互联网最全大厂技术分享PPT 👍🏻 持续更新中!】🍻各大技术交流会、活动资料汇总 ,如 👉QCon👉全球运维技术大会 👉 GDG 👉 全球技术领导力峰会👉大前端大会👉架构师峰会👉敏捷开发DevOps👉OpenResty👉Elastic,欢迎 PR / Issues
Stars: ✭ 542 (-4.24%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+1321.55%)
galaxykubePolarDB-X Operator is a Kubernetes extension that aims to create and manage PolarDB-X cluster on Kubernetes.
Stars: ✭ 65 (-88.52%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (-9.36%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-8.66%)
humbleA humble, and fast, security-oriented HTTP headers analyzer
Stars: ✭ 17 (-97%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (-95.58%)
netmakerNetmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+632.69%)
docker-wallarm-node⚡️ Docker official image for Wallarm Node. API security platform agent.
Stars: ✭ 18 (-96.82%)
kcare-ucheckerA simple tool to detect outdated shared libraries
Stars: ✭ 174 (-69.26%)
vclustervcluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
Stars: ✭ 1,360 (+140.28%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-93.64%)
ApisixThe Cloud-Native API Gateway
Stars: ✭ 7,920 (+1299.29%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-87.81%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-54.95%)
RainbondCloud-native and easy-to-use application management platform | 云原生且易用的应用管理平台
Stars: ✭ 2,871 (+407.24%)
siddhi-operatorOperator allows you to run stream processing logic directly on a Kubernetes cluster
Stars: ✭ 16 (-97.17%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-50.71%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (-1.77%)
Carvel Kappkapp is a simple deployment tool focused on the concept of "Kubernetes application" — a set of resources with the same label
Stars: ✭ 489 (-13.6%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (-45.05%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-44.52%)
AdaptReactJS for your infrastructure. Create and deploy full-stack apps to any infrastructure using the power of React.
Stars: ✭ 317 (-43.99%)
Ssh Mitmssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
Stars: ✭ 335 (-40.81%)