blackbox by StackExchange

Safely store secrets in Git/Mercurial/Subversion

created at April 6, 2014, 5:53 p.m.

121 +0

6,630 +3

370 +0

gosec by GoASTScanner

Go security checker

created at July 18, 2016, 6:01 p.m.

89 +0

7,499 +9

588 +2

kube-score by zegl

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.

created at Sept. 16, 2018, 1:19 p.m.

23 +0

2,609 +8

173 -1

clair by quay

Vulnerability Static Analysis for Containers

created at Nov. 13, 2015, 6:46 p.m.

228 +0

10,070 +14

1,150 +1

kubectl-kubesec by controlplaneio

Security risk analysis for Kubernetes resources

created at May 8, 2018, 8:52 a.m.

25 +0

503 +2

37 +0

ssllabs-scan by ssllabs

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

created at Oct. 14, 2014, 10:10 a.m.

95 +0

1,682 +1

239 -1

knox by pinterest

Knox is a secret management service

created at March 11, 2016, 7:19 p.m.

43 +0

1,220 +0

120 +0

conftest by open-policy-agent

Write tests against structured configuration data using the Open Policy Agent Rego query language

created at March 28, 2019, 5:12 p.m.

27 +0

2,798 +6

297 +0

trivy by aquasecurity

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

created at April 11, 2019, 1:01 a.m.

169 +0

21,584 +70

2,128 +10

gopass by gopasspw

The slightly more awesome standard unix password manager for teams

created at Feb. 2, 2017, 12:33 p.m.

79 +1

5,675 +8

475 +0

netz by SpectralOps

Discover internet-wide misconfigurations while drinking coffee

created at March 3, 2021, 6:47 p.m.

14 +0

375 +1

46 +0

preflight by SpectralOps

preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.

created at April 29, 2021, 10:37 a.m.

6 +0

150 +0

45 +0

tfsec by aquasecurity

Security scanner for your Terraform code

created at March 4, 2019, 4:56 p.m.

71 +0

6,583 +7

530 +1

cosign by sigstore

Code signing and transparency for containers and binaries

created at Feb. 4, 2021, 12:49 p.m.

52 +0

4,129 +14

498 +0

fulcio by sigstore

Sigstore OIDC PKI

created at Feb. 23, 2021, 3:19 p.m.

17 +0

608 +1

126 +1

rekor by sigstore

Software Supply Chain Transparency Log

created at June 17, 2020, 12:04 p.m.

18 +0

838 +0

156 +0

trufflehog by trufflesecurity

Find and verify secrets

created at Dec. 31, 2016, 5:08 a.m.

166 +0

14,030 +37

1,528 +8

terrascan by tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

created at Sept. 11, 2017, 3:11 a.m.

67 +0

4,534 +7

494 +2

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

152 -1

15,373 +37

1,325 +4

selefra by selefra

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

created at March 21, 2023, 4:28 p.m.

6 +0

510 +0

36 +0