295 Open source projects that are alternatives of or similar to MixewayHub

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Identify vulnerabilities in running containers, images, hosts and repositories

Improve your code security by running different security checks/validation in a simple way.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

GitHub Advance Security Compliance Action

Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

secureCodeBox (SCB) - continuous secure delivery out of the box

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Centralize Vulnerability Assessment and Management for DevSecOps Team

All that is required to run MobSF in the ci

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Install Kali Linux Tools & Others on your Linux.

Kraken CI is a continuous integration and testing system.

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

Laravel 8 boilerplate project with Fortify + Vue 3 + Bootstrap 5

Our Library of GitHub Actions

Deployment template for a continuous training pipeline.

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Fast-track your developers and devops engineers by allowing them to programmatically copy-paste / deploy changes and work offline

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬

Terraform module that creates an S3 bucket with an optional IAM user for external CI/CD systems

A schema and set of tools for using SQL to query cloud infrastructure.

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

This is a simple auth starter setup for laravel 8 projects using bootstrap and laravel fortify

CLI to interact with Kondukto

A version number manager

Advanced Reconnaissance tool to enumerate attacking surface of the target.

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.

Action to set up AWS SAM CLI and add it to the PATH

Ultimate DevSecOps library

Hourly updated database of exploit and exploitation reports

MCW OSS PaaS and DevOps

Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

Ansible role for Ubuntu 2004 CIS Baseline

Kubedock is a minimal implementation of the docker api that will orchestrate containers on a Kubernetes cluster, rather than running containers locally.

Reusable iOS script for Travis CI with Slack, Testflight, HockeyApp support

A Django + Vue reference project that focuses on developer tooling and CI/CD + IaC

This repository provides a general DevOps practices such MSA, IaC, CICD and Monitoring. AWS various services are used to provide DevOps best practices.

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

The goal of this program is to quickly pull and install repos from its list

The Solutions Delivery Platform runtime pipeline framework

♾️ CML - Continuous Machine Learning | CI/CD for ML

☔ Integrate and observe the results of your CI/CD pipeline tools

DevSecOps Toolchain

📗🌐 🚢 Comprehensive and exhaustive JavaScript & Node.js testing best practices (August 2021)

Automatically deploy your project to GitHub Pages using GitHub Actions. This action can be configured to push your production-ready code into any branch you'd like.

'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.

开源运维平台：面向中小型企业设计的轻量级无Agent的自动化运维平台，整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。