gopass by gopasspw

The slightly more awesome standard unix password manager for teams

created at Feb. 2, 2017, 12:33 p.m.

78 +0

5,667 +8

475 +1

scanner-cli by hawkeyesec

A project security/vulnerability/risk scanning tool

created at March 18, 2017, 3:24 p.m.

19 +0

358 -1

89 +0

regula by fugue

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

created at Dec. 17, 2019, 2:27 p.m.

30 +0

934 +0

106 +1

kics by Checkmarx

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

created at July 8, 2020, 9:46 p.m.

25 +0

1,909 +7

286 +0

appsec-education by duo-labs

Presentations, training modules, and other education materials from Duo Security's Application Security team.

created at Oct. 22, 2019, 4:40 p.m.

9 +0

67 +0

14 +0

netz by SpectralOps

Discover internet-wide misconfigurations while drinking coffee

created at March 3, 2021, 6:47 p.m.

14 +0

374 +0

46 +0

detect-secrets by Yelp

An enterprise friendly way of detecting and preventing secrets in code.

created at Dec. 5, 2017, 12:38 a.m.

48 +0

3,485 +7

433 +2

preflight by SpectralOps

preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.

created at April 29, 2021, 10:37 a.m.

6 +0

150 +1

45 +0

tfsec by aquasecurity

Security scanner for your Terraform code

created at March 4, 2019, 4:56 p.m.

71 +0

6,576 +4

529 +0

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

created at Sept. 19, 2014, 2:53 p.m.

156 +0

9,589 +31

9,399 +50

keyscope by SpectralOps

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

created at Oct. 1, 2021, 12:01 p.m.

17 +0

376 +0

119 +0

cosign by sigstore

Code signing and transparency for containers and binaries

created at Feb. 4, 2021, 12:49 p.m.

52 +0

4,115 +20

498 +2

fulcio by sigstore

Sigstore OIDC PKI

created at Feb. 23, 2021, 3:19 p.m.

17 +0

607 +3

125 -1

rekor by sigstore

Software Supply Chain Transparency Log

created at June 17, 2020, 12:04 p.m.

18 +0

838 +4

156 +0

trufflehog by trufflesecurity

Find and verify secrets

created at Dec. 31, 2016, 5:08 a.m.

166 +0

13,993 +38

1,520 +4

terrascan by tenable

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

created at Sept. 11, 2017, 3:11 a.m.

67 +0

4,527 +9

492 +0

teller by tellerops

Cloud native secrets management for developers - never leave your command line for secrets.

created at March 24, 2021, 10:49 a.m.

26 +0

2,551 +0

165 +1

harden-runner by step-security

Network egress filtering and runtime security for GitHub-hosted and self-hosted runners

created at Oct. 28, 2021, 4:58 p.m.

7 +0

524 +10

41 +0

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

153 +0

15,336 +28

1,321 +6

sops by getsops

Simple and flexible tool for managing secrets

created at Aug. 13, 2015, 10:11 p.m.

116 -1

15,209 +36

815 +1