Daytonaa vault client, but for containers and servers.
Stars: β 255 (+162.89%)
StrongboxA secret manager for AWS
Stars: β 243 (+150.52%)
Cfn nagLinting tool for CloudFormation templates
Stars: β 808 (+732.99%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: β 602 (+520.62%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: β 128 (+31.96%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: β 191 (+96.91%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: β 3,572 (+3582.47%)
HuskyciPerforming security tests inside your CI
Stars: β 398 (+310.31%)
Jsprimea javascript static security analysis tool
Stars: β 556 (+473.2%)
SalusSecurity scanner coordinator
Stars: β 441 (+354.64%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: β 915 (+843.3%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: β 596 (+514.43%)
AmdhAndroid Mobile Device Hardening
Stars: β 95 (-2.06%)
Kube Secret SyncerA Kubernetes operator to sync secrets from AWS Secrets Manager
Stars: β 154 (+58.76%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: β 213 (+119.59%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: β 216 (+122.68%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: β 360 (+271.13%)
SkyarkSkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Stars: β 526 (+442.27%)
GosecGolang security checker
Stars: β 5,694 (+5770.1%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: β 93 (-4.12%)
Deprecated Patrol Rules AwsA set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.
Stars: β 16 (-83.51%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: β 509 (+424.74%)
Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: β 64 (-34.02%)
CloudfruntA tool for identifying misconfigured CloudFront domains
Stars: β 281 (+189.69%)
CfripperLibrary and CLI tool for analysing CloudFormation templates and check them for security compliance.
Stars: β 265 (+173.2%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: β 3,873 (+3892.78%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: β 6,281 (+6375.26%)
SecretscannerFind secrets and passwords in container images and file systems
Stars: β 895 (+822.68%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: β 207 (+113.4%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: β 4,561 (+4602.06%)
ConsolemeA Central Control Plane for AWS Permissions and Access
Stars: β 2,631 (+2612.37%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: β 2,687 (+2670.1%)
SmogcloudFind cloud assets that no one wants exposed π βοΈ
Stars: β 168 (+73.2%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: β 100 (+3.09%)
TfsecSecurity scanner for your Terraform code
Stars: β 3,622 (+3634.02%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: β 218 (+124.74%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: β 255 (+162.89%)
T VaultSimplified secrets management solution
Stars: β 316 (+225.77%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: β 254 (+161.86%)
WhalerProgram to reverse Docker images into Dockerfiles
Stars: β 670 (+590.72%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: β 83 (-14.43%)
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: β 90 (-7.22%)
UnimportA linter, formatter for finding and removing unused import statements.
Stars: β 96 (-1.03%)
Password LeakA library to check for compromised passwords
Stars: β 92 (-5.15%)
Securify2Securify v2.0
Stars: β 92 (-5.15%)
Jpacman FrameworkPacman-inspired game, for teaching testing purposes.
Stars: β 95 (-2.06%)
FlorentinoFast Static File Analysis Framework
Stars: β 92 (-5.15%)
S3 Beamπ direct-to-S3 uploading using ClojureScript
Stars: β 91 (-6.19%)
Laravel Plain SqsCustom SQS connector for Laravel (or Lumen) that supports third-party, plain JSON messages
Stars: β 91 (-6.19%)
SystemdloggerExports systemd logs to an external service, eg cloudwatch, elasticsearch
Stars: β 91 (-6.19%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: β 97 (+0%)
Ops Aws VpnServerless OpenVPN Certificate Authority running on AWS
Stars: β 97 (+0%)
Instance ManagerCreate and manage instance groups with Kubernetes
Stars: β 95 (-2.06%)