Topic: devsecops Goto Github
Some thing interesting about devsecops
Some thing interesting about devsecops
devsecops,This repo includes Books and imp notes related to GCP, Azure, AWS, Docker, K8s, and DevOps. More, exam and interview prep notes.
User: ahmedtariq01
devsecops,CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
User: ajinabraham
Home Page: https://opensecurity.in
devsecops,nodejsscan is a static security code scanner for Node.js applications.
User: ajinabraham
Home Page: https://opensecurity.in
devsecops,Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
Organization: akto-api-security
Home Page: https://www.akto.io/
devsecops,Tfsec is now part of Trivy
Organization: aquasecurity
Home Page: https://aquasecurity.github.io/trivy/
devsecops,Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Organization: aquasecurity
Home Page: https://aquasecurity.github.io/trivy
devsecops,ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
Organization: archerysec
Home Page: https://www.archerysec.com/
devsecops,《深入理解CodeQL》Finding vulnerabilities with CodeQL.
Organization: astteam
devsecops,Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Organization: bearer
Home Page: https://docs.bearer.com
devsecops,TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Organization: bridgecrewio
Home Page: https://www.bridgecrew.io/
devsecops,🛡️ Open-source and next-generation Web Application Firewall (WAF)
Organization: bunkerity
Home Page: https://www.bunkerweb.io
devsecops,Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Organization: checkmarx
Home Page: https://kics.io
devsecops,ContainerSSH: Launch containers on demand
Organization: containerssh
Home Page: https://containerssh.io/
devsecops,:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
Organization: deepfence
Home Page: https://deepfence.io
devsecops,Open Source Cloud Native Application Protection Platform (CNAPP)
Organization: deepfence
Home Page: https://deepfence.io
devsecops,🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Organization: deepfence
Home Page: https://deepfence.io/
devsecops, DevSecOps, ASPM, Vulnerability Management. All on one platform.
Organization: defectdojo
Home Page: https://defectdojo.com
devsecops,Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Organization: dependencytrack
Home Page: https://dependencytrack.org/
devsecops,An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Organization: devsecops
Home Page: http://devsecops.org
devsecops,Enterprise-ready zero-trust access platform built on WireGuard®.
Organization: firezone
Home Page: https://www.firezone.dev
devsecops,Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Organization: gitguardian
Home Page: https://gitguardian.com
devsecops,Protect and discover secrets using Gitleaks 🔑
Organization: gitleaks
Home Page: https://gitleaks.io
devsecops,Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Organization: gravitl
Home Page: https://netmaker.io
devsecops,Awesome PHP Security Resources 🕶🐘🔐
Organization: guardrailsio
devsecops,🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
User: hahwul
Home Page: https://dalfox.hahwul.com
devsecops,♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
User: hahwul
devsecops,A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Organization: hysnsec
Home Page: https://www.practical-devsecops.com/devsecops-university/
devsecops,Open Source Vulnerability Management Platform
Organization: infobyte
Home Page: https://www.faradaysec.com
devsecops,The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Organization: intel
Home Page: https://cve-bin-tool.readthedocs.io/en/latest/
devsecops,Curating the best DevSecOps resources and tooling.
User: jakobthedev
devsecops,ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
User: jonrau1
devsecops,Awesome Trainings from Cloud Native Computing Foundation Projects and Kubernetes related software
User: joseadanof
devsecops,Checklist for container security - devsecops practices
User: krol3
Home Page: https://krol3.github.io/container-security-checklist/
devsecops,LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Organization: lunasec-io
Home Page: https://www.lunasec.io/
devsecops,Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
User: madhuakula
Home Page: https://madhuakula.com/kubernetes-goat
devsecops,Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Organization: mobsf
Home Page: https://opensecurity.in
devsecops,OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Organization: owasp-dep-scan
Home Page: https://owasp.org/www-project-dep-scan/
devsecops,Vulnerable app with examples showing how to not use secrets
Organization: owasp
Home Page: https://owasp.org/www-project-wrongsecrets/
devsecops,Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
Organization: praetorian-inc
devsecops,🧵 CLI tool for directly patching container images!
Organization: project-copacetic
Home Page: https://project-copacetic.github.io/copacetic/
devsecops,Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Organization: prowler-cloud
Home Page: https://prowler.com
devsecops,Ultimate DevSecOps library
User: sottlmarek
devsecops,Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Organization: tenable
Home Page: https://runterrascan.io
devsecops,Find, verify, and analyze leaked credentials
Organization: trufflesecurity
Home Page: https://trufflesecurity.com
devsecops,Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
Organization: turbot
Home Page: https://steampipe.io
devsecops,A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
User: we5ter
devsecops,OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Organization: xmirrorsecurity
Home Page: https://opensca.xmirror.cn
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.