gopass by gopasspw

The slightly more awesome standard unix password manager for teams

created at Feb. 2, 2017, 12:33 p.m.

Go

79 +0

5,681 +6

475 +0

GitHub

scanner-cli by hawkeyesec

A project security/vulnerability/risk scanning tool

created at March 18, 2017, 3:24 p.m.

JavaScript

19 +0

359 +0

89 +0

GitHub

regula by fugue

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

created at Dec. 17, 2019, 2:27 p.m.

Open Policy Agent

30 +0

936 +2

106 +0

GitHub

kics by Checkmarx

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

created at July 8, 2020, 9:46 p.m.

Open Policy Agent

25 +0

1,924 +9

286 +0

GitHub

appsec-education by duo-labs

Presentations, training modules, and other education materials from Duo Security's Application Security team.

created at Oct. 22, 2019, 4:40 p.m.

JavaScript

9 +0

67 +0

14 +0

GitHub

netz by SpectralOps

Discover internet-wide misconfigurations while drinking coffee

created at March 3, 2021, 6:47 p.m.

Go

14 +0

376 +1

46 +0

GitHub

detect-secrets by Yelp

An enterprise friendly way of detecting and preventing secrets in code.

created at Dec. 5, 2017, 12:38 a.m.

Python

48 +0

3,508 +16

436 +1

GitHub

preflight by SpectralOps

preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.

created at April 29, 2021, 10:37 a.m.

Go

6 +0

150 +0

45 +0

GitHub

tfsec by aquasecurity

Security scanner for your Terraform code

created at March 4, 2019, 4:56 p.m.

Go

71 +0

6,589 +6

530 +0

GitHub

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

created at Sept. 19, 2014, 2:53 p.m.

TypeScript

156 +0

9,651 +20

9,526 +49

GitHub

keyscope by SpectralOps

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

created at Oct. 1, 2021, 12:01 p.m.

Rust

17 +0

377 +0

119 +0

GitHub

cosign by sigstore

Code signing and transparency for containers and binaries

created at Feb. 4, 2021, 12:49 p.m.

Go

51 -1

4,148 +19

497 -1

GitHub

fulcio by sigstore

Sigstore OIDC PKI

created at Feb. 23, 2021, 3:19 p.m.

Go

17 +0

610 +2

127 +1

GitHub

rekor by sigstore

Software Supply Chain Transparency Log

created at June 17, 2020, 12:04 p.m.

Go

18 +0

840 +2

156 +0

GitHub

trufflehog by trufflesecurity

Find and verify secrets

created at Dec. 31, 2016, 5:08 a.m.

Go

167 +1

14,096 +66

1,532 +4

GitHub

terrascan by tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

created at Sept. 11, 2017, 3:11 a.m.

Go

68 +1

4,538 +4

495 +1

GitHub

teller by tellerops

Cloud native secrets management for developers - never leave your command line for secrets.

created at March 24, 2021, 10:49 a.m.

Rust

28 +2

2,563 +7

166 +1

GitHub

harden-runner by step-security

Network egress filtering and runtime security for GitHub-hosted and self-hosted runners

created at Oct. 28, 2021, 4:58 p.m.

TypeScript

6 -1

533 +2

41 +0

GitHub

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

Go

153 +1

15,400 +27

1,326 +1

GitHub

selefra by selefra

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

created at March 21, 2023, 4:28 p.m.

Go

6 +0

510 +0

36 +0

GitHub