Devsecops

122 projects

Showing 36 of 123 projects

A scanner that detects JavaScript libraries with known vulnerabilities and can generate a Software Bill of Materials (SBOM).

#sbom#vulnerabilities#owasp

An open-source Cloud Security Posture Management (CSPM) tool that scans AWS, Azure, GCP, Oracle, and GitHub for security misconfigurations.

#aws-security#compliance-auditing#infrastructure-security

Stars3.7k

Forks744

Last commit3 months ago

CloudGoatPython

A 'Vulnerable by Design' cloud deployment tool for creating and completing capture-the-flag style security scenarios on AWS and Azure.

#vulnerable-lab#aws-security#security-training

Stars3.6k

Forks753

Last commit1 month ago

Network-segmentation-cheat-sheet

A comprehensive guide with diagrams and best practices for implementing corporate network segmentation across four security maturity levels.

#network-isolation#segmentation-network#attack-prevention

Stars3.5k

Forks284

Last commit4 months ago

Deepfence SecretScannerGo

A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.

#scanning-tool#container-security#passwords

Stars3.4k

Forks347

Last commit3 months ago

TellerRust

A universal secret manager CLI for developers that centralizes secrets from multiple providers and prevents secret sprawl.

#environment-variables#rust-lang#secrets-management

Stars3.2k

Forks199

Last commit4 months ago

OpenRASPC++

Open source Runtime Application Self-Protection (RASP) solution that integrates security directly into application servers via instrumentation.

#php-security#waf#web-security

Stars3.0k

Forks620

Last commit8 months ago

bundle-auditRuby

A security audit tool for Ruby projects that checks Gemfile.lock for vulnerable gem versions and insecure sources.

#dependency-checker#patch-management#bundler-audit

Stars2.8k

Forks245

Last commit5 days ago

BearerGo

A static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

#privacy-compliance#code-security#data-flow-analysis

Static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

#privacy-compliance#code-security#data-flow-analysis

Stars2.7k

Forks142

Last commit1 day ago

KICSOpen Policy Agent

KICS is an open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in Infrastructure as Code.

#hacktoberfest#kubernetes#security-scanning

Stars2.6k

Forks373

Last commit10 days ago

driftctlGo

A CLI tool that scans cloud infrastructure to detect, track, and alert on drift from Terraform IaC definitions.

#hacktoberfest#infrastructure-drift#azure

Stars2.6k

Forks185

Last commit25 days ago

Find Security BugsJava

A SpotBugs plugin for detecting security vulnerabilities in Java web and Android applications.

#taint-analysis#owasp#spotbugs-plugin

Stars2.4k

Forks481

Last commit2 months ago

cicd-goatPython

A deliberately vulnerable CI/CD environment with 11 challenges to learn and practice CI/CD security.

#security-training#jenkins#devops

Stars2.3k

Forks410

Last commit1 year ago

policy_sentryPython

Automatically generate least-privilege IAM policies for AWS by specifying resource ARNs and access levels.

#aws-security#hacktoberfest#salesforce

Stars2.2k

Forks152

Last commit6 days ago

Policy SentryPython

Automatically generate least-privilege IAM policies for AWS based on resource ARNs and access levels.

#aws-security#hacktoberfest#salesforce

Stars2.2k

Forks152

Last commit6 days ago

sobelowElixir

Security-focused static analysis tool for Elixir and Phoenix applications, detecting common vulnerabilities.

#elixir#phoenix-framework#vulnerability-detection

Stars1.8k

Forks122

Last commit1 year ago

Awesome Threat ModellingDockerfile

A curated list of threat modeling resources including books, courses, videos, tools, tutorials, and examples for learning and practicing threat modeling.

#owasp#awesome-list#risk-assessment

A curated list of DevSecOps tools, resources, and training materials for integrating security into the development lifecycle.

#supply-chain-security#hacktoberfest#security-training

Stars1.7k

Forks241

Last commit1 year ago

open-appsecC++

A machine learning security engine that preemptively prevents web app and API threats using supervised and unsupervised models.

#owasp-top-10#self-hosted-security#zero-day-protection

Stars1.6k

Forks124

Last commit13 days ago

Principal Mapper (PMapper)Python

A tool for quickly evaluating IAM permissions and identifying security risks in AWS accounts through graph-based analysis.

#python-tool#botocore#cloudsecurity

Stars1.6k

Forks197

Last commit1 year ago

Secrets Patterns DatabasePython

The largest open-source database of regex patterns for detecting secrets, API keys, passwords, and tokens in code.

#secret-detection#regex-patterns#regex

Stars1.5k

Forks186

Last commit10 months ago

LunaSecTypeScript

Open-source supply chain security scanner that automatically detects vulnerabilities like Log4Shell in dependencies and notifies via GitHub pull requests.

#supply-chain-security#zero-trust#web-security

Stars1.5k

Forks167

Last commit2 years ago

WrongSecretsJava

An OWASP training app with 62 challenges demonstrating real-world secrets management mistakes and how to find them.

#security-training#vulnerable-app#owasp

Stars1.4k

Forks568

Last commit7 days ago

AllStarGo

A GitHub App that continuously monitors and enforces security policies across organizations and repositories.

#github-app#code-security#openssf

Stars1.4k

Forks148

Last commit6 days ago

OWASP NoirCrystal

An AI-powered tool that analyzes source code to discover every endpoint, exposing shadow APIs and mapping the complete attack surface for security testing.

#shadow api#hacktoberfest#endpoints

Stars1.3k

Forks132

Last commit1 day ago

Stelligent/cfn_nagRuby

A linting tool that scans AWS CloudFormation templates for insecure infrastructure patterns and security violations.

#cloudformation-templates#continuous-testing#devops

Stars1.3k

Forks209

Last commit1 year ago

pip-auditPython

Audits Python environments, requirements files, and dependency trees for known security vulnerabilities and can automatically fix them.

#sbom#vulnerability-management#security

Stars1.3k

Forks99

Last commit10 days ago

TerragoatHCL

A vulnerable-by-design Terraform repository for learning cloud security misconfigurations across AWS, Azure, and GCP.

#aws-security#security-training#vulnerable-by-design

Stars1.3k

Forks5.8k

Last commit11 months ago

DagdaPython

A tool for static vulnerability analysis and runtime monitoring of Docker images and containers to detect malware and anomalous activities.

#vulnerabilities#container-monitoring#runtime-security

A CLI tool that audits API specifications, validates OpenAPI compliance, and runs security tests to prevent undefined user behavior.

#firecracker#business-logic#cyber

Stars1.2k

Forks83

Last commit1 year ago

SonarJavaJava

A static analyzer for Java that detects code quality issues, security vulnerabilities, and bugs with over 600 rules.

#quality#code-smells#analyzer

Stars1.2k

Forks727

Last commit1 day ago

Harden Runner GitHub ActionTypeScript

A CI/CD security agent that monitors GitHub Actions runners for threats like network egress, file integrity, and process activity.

#supply-chain-security#actions#runners

Stars1.2k

Forks107

Last commit14 days ago

kingfisherRust

A high-performance open-source secret scanner with live validation, blast radius mapping, and 700+ detection rules for code, Git, CI, cloud, and SaaS platforms.

#scanning#blast-radius-mapping#secrets-management

Stars1.1k

Forks103

Last commit