ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (-43.31%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+13.56%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (-55.61%)
cis benchmarks auditSimple command line tool to check for compliance against CIS Benchmarks
Stars: ✭ 182 (-97.74%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (-98.14%)
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
Stars: ✭ 83 (-98.97%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (-95.7%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-99.48%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (-98.04%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (-84.33%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (-84.85%)
Wazuh DockerWazuh - Docker containers
Stars: ✭ 213 (-97.35%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (-54.98%)
cb-spiderCB-Spider provides a unified view and single interface for multi-cloud management.
Stars: ✭ 26 (-99.68%)
DevSecOpsUltimate DevSecOps library
Stars: ✭ 4,450 (-44.69%)
My LinksKnowledge seeks no man
Stars: ✭ 311 (-96.13%)
Go CloudThe Go Cloud Development Kit (Go CDK): A library and tools for open cloud development in Go.
Stars: ✭ 8,124 (+0.97%)
authA GitHub Action for authenticating to Google Cloud.
Stars: ✭ 567 (-92.95%)
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (-99.24%)
G ScoutGoogle Cloud Platform Security Tool
Stars: ✭ 210 (-97.39%)
Awesome Iam👤 Identity and Access Management Knowledge for Cloud Platforms
Stars: ✭ 186 (-97.69%)
HayatHayat is a script for report and analyze Google Cloud Platform resources.
Stars: ✭ 55 (-99.32%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (-97.99%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-99.18%)
WazuhWazuh - The Open Source Security Platform
Stars: ✭ 3,154 (-60.8%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-98.66%)
Immudbimmudb - world’s fastest immutable database, built on a zero trust model
Stars: ✭ 3,743 (-53.48%)
cloudpodsA cloud-native open-source unified multi-cloud and hybrid-cloud platform. 开源、云原生的多云管理及混合云融合平台
Stars: ✭ 1,469 (-81.74%)
tfquerytfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.
Stars: ✭ 297 (-96.31%)
Cloud CustodianRules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Stars: ✭ 3,926 (-51.21%)
Gdpr TrackerA crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors
Stars: ✭ 142 (-98.24%)
Cloudquerycloudquery transforms your cloud infrastructure into SQL or Graph database for easy monitoring, governance and security.
Stars: ✭ 1,300 (-83.84%)
gtokenSecurely access AWS services from GKE cluster
Stars: ✭ 43 (-99.47%)
GimmeCreating time bound IAM Conditions with ease and flair
Stars: ✭ 92 (-98.86%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-98.62%)
cliThe universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Stars: ✭ 811 (-89.92%)
DatabunkerSecure storage for personal records built to comply with GDPR
Stars: ✭ 122 (-98.48%)
awesome-rails-securityA curated list of security resources for a Ruby on Rails application
Stars: ✭ 36 (-99.55%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-99.14%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-96.83%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (-99.42%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-92.97%)
Skf FlaskSecurity Knowledge Framework (SKF) Python Flask / Angular project
Stars: ✭ 573 (-92.88%)
MantOSLIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-99.7%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (-83.37%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (-60.25%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (-89.87%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-99.8%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-99.32%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+9.92%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-99.11%)
OpencspmOpen Cloud Security Posture Management Engine
Stars: ✭ 191 (-97.63%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-98.92%)