FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+3897.5%)
Django DefectdojoDefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+2307.5%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-10%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+202.5%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+797.5%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-13.75%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+10955%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+351.25%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (-68.75%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+353.75%)
dependency-track-maven-pluginMaven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-65%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (+78.75%)
workshop-devsecopsLa intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …
Stars: ✭ 14 (-82.5%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+248.75%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+133.75%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (+31.25%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+102.5%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+2152.5%)
mobsf-ciAll that is required to run MobSF in the ci
Stars: ✭ 37 (-53.75%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+1476.25%)
kali-my-linuxInstall Kali Linux Tools & Others on your Linux.
Stars: ✭ 37 (-53.75%)
krakenKraken CI is a continuous integration and testing system.
Stars: ✭ 87 (+8.75%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+332.5%)
vurtifyLaravel 8 boilerplate project with Fortify + Vue 3 + Bootstrap 5
Stars: ✭ 61 (-23.75%)
actionsOur Library of GitHub Actions
Stars: ✭ 49 (-38.75%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+256.25%)
sfmc-devtoolsFast-track your developers and devops engineers by allowing them to programmatically copy-paste / deploy changes and work offline
Stars: ✭ 94 (+17.5%)
burp-aem-scannerBurp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (-25%)
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
Stars: ✭ 83 (+3.75%)
terraform-aws-s3-bucketTerraform module that creates an S3 bucket with an optional IAM user for external CI/CD systems
Stars: ✭ 138 (+72.5%)
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (-23.75%)
vilicusVilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
Stars: ✭ 82 (+2.5%)
lara8authThis is a simple auth starter setup for laravel 8 projects using bootstrap and laravel fortify
Stars: ✭ 11 (-86.25%)
kdtCLI to interact with Kondukto
Stars: ✭ 18 (-77.5%)
versioA version number manager
Stars: ✭ 63 (-21.25%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-66.25%)
ggshield-actionGitGuardian Shield GitHub Action - Find exposed credentials in your commits
Stars: ✭ 304 (+280%)
nmap-formatterA tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
Stars: ✭ 129 (+61.25%)
setup-samAction to set up AWS SAM CLI and add it to the PATH
Stars: ✭ 107 (+33.75%)
DevSecOpsUltimate DevSecOps library
Stars: ✭ 4,450 (+5462.5%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+58.75%)
ggshieldFind and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Stars: ✭ 1,272 (+1490%)
UBUNTU20-CISAnsible role for Ubuntu 2004 CIS Baseline
Stars: ✭ 136 (+70%)
kubedockKubedock is a minimal implementation of the docker api that will orchestrate containers on a Kubernetes cluster, rather than running containers locally.
Stars: ✭ 79 (-1.25%)
travis-ios-scriptReusable iOS script for Travis CI with Slack, Testflight, HockeyApp support
Stars: ✭ 40 (-50%)
django-step-by-stepA Django + Vue reference project that focuses on developer tooling and CI/CD + IaC
Stars: ✭ 86 (+7.5%)
aws-ecs-devops-using-aws-cdkThis repository provides a general DevOps practices such MSA, IaC, CICD and Monitoring. AWS various services are used to provide DevOps best practices.
Stars: ✭ 110 (+37.5%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+9957.5%)
RapidRepoPullThe goal of this program is to quickly pull and install repos from its list
Stars: ✭ 40 (-50%)
Cml♾️ CML - Continuous Machine Learning | CI/CD for ML
Stars: ✭ 2,843 (+3453.75%)
swingletree☔ Integrate and observe the results of your CI/CD pipeline tools
Stars: ✭ 14 (-82.5%)
Github Pages Deploy ActionAutomatically deploy your project to GitHub Pages using GitHub Actions. This action can be configured to push your production-ready code into any branch you'd like.
Stars: ✭ 2,507 (+3033.75%)
perimeterator'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
Stars: ✭ 59 (-26.25%)
Spug开源运维平台:面向中小型企业设计的轻量级无Agent的自动化运维平台,整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。
Stars: ✭ 6,810 (+8412.5%)