gopass by gopasspw

The slightly more awesome standard unix password manager for teams

created at Feb. 2, 2017, 12:33 p.m.

Go

79 +1

5,675 +8

475 +0

GitHub

scanner-cli by hawkeyesec

A project security/vulnerability/risk scanning tool

created at March 18, 2017, 3:24 p.m.

JavaScript

19 +0

359 +1

89 +0

GitHub

regula by fugue

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

created at Dec. 17, 2019, 2:27 p.m.

Open Policy Agent

30 +0

934 +0

106 +0

GitHub

kics by Checkmarx

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

created at July 8, 2020, 9:46 p.m.

Open Policy Agent

25 +0

1,915 +6

286 +0

GitHub

appsec-education by duo-labs

Presentations, training modules, and other education materials from Duo Security's Application Security team.

created at Oct. 22, 2019, 4:40 p.m.

JavaScript

9 +0

67 +0

14 +0

GitHub

netz by SpectralOps

Discover internet-wide misconfigurations while drinking coffee

created at March 3, 2021, 6:47 p.m.

Go

14 +0

375 +1

46 +0

GitHub

detect-secrets by Yelp

An enterprise friendly way of detecting and preventing secrets in code.

created at Dec. 5, 2017, 12:38 a.m.

Python

48 +0

3,492 +7

435 +2

GitHub

preflight by SpectralOps

preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.

created at April 29, 2021, 10:37 a.m.

Go

6 +0

150 +0

45 +0

GitHub

tfsec by aquasecurity

Security scanner for your Terraform code

created at March 4, 2019, 4:56 p.m.

Go

71 +0

6,583 +7

530 +1

GitHub

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

created at Sept. 19, 2014, 2:53 p.m.

TypeScript

156 +0

9,631 +42

9,477 +78

GitHub

keyscope by SpectralOps

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

created at Oct. 1, 2021, 12:01 p.m.

Rust

17 +0

377 +1

119 +0

GitHub

cosign by sigstore

Code signing and transparency for containers and binaries

created at Feb. 4, 2021, 12:49 p.m.

Go

52 +0

4,129 +14

498 +0

GitHub

fulcio by sigstore

Sigstore OIDC PKI

created at Feb. 23, 2021, 3:19 p.m.

Go

17 +0

608 +1

126 +1

GitHub

rekor by sigstore

Software Supply Chain Transparency Log

created at June 17, 2020, 12:04 p.m.

Go

18 +0

838 +0

156 +0

GitHub

trufflehog by trufflesecurity

Find and verify secrets

created at Dec. 31, 2016, 5:08 a.m.

Go

166 +0

14,030 +37

1,528 +8

GitHub

terrascan by tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

created at Sept. 11, 2017, 3:11 a.m.

Go

67 +0

4,534 +7

494 +2

GitHub

teller by tellerops

Cloud native secrets management for developers - never leave your command line for secrets.

created at March 24, 2021, 10:49 a.m.

Rust

26 +0

2,556 +5

165 +0

GitHub

harden-runner by step-security

Network egress filtering and runtime security for GitHub-hosted and self-hosted runners

created at Oct. 28, 2021, 4:58 p.m.

TypeScript

7 +0

531 +7

41 +0

GitHub

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

Go

152 -1

15,373 +37

1,325 +4

GitHub

selefra by selefra

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

created at March 21, 2023, 4:28 p.m.

Go

6 +0

510 +0

36 +0

GitHub