#

devsecops

Here are 202 public repositories matching this topic...

Mobile-Security-Framework-MobSF

MobSF / Mobile-Security-Framework-MobSF

Star

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Updated Oct 5, 2020
Python

infobyte / faraday

Star

Collaborative Penetration Test and Vulnerability Management Platform

security devops chatops security-audit collaboration orchestration nmap penetration-testing vulnerability infosec pentesting collaborative cve nessus vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Sep 10, 2020
JavaScript

devsecops / awesome-devsecops

Star

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

devops podcast devsecops threat-intelligence

Updated Sep 7, 2020

baidu / openrasp

Star

🔥Open source RASP solution

security waf devsecops openrasp

Updated Sep 17, 2020
C++

ajinabraham / nodejsscan

Star

nodejsscan is a static security code scanner for Node.js applications.

nodejs javascript security node static-analysis code-analysis code-review security-scanner devsecops sast node-security

Updated Oct 2, 2020
CSS

archerysec / archerysec

Star

Centralize Vulnerability Assessment and Management for DevSecOps Team

devops opensource pentesting vulnerabilities devops-tools scanning vulnerability-management vulnerability-assessment secdevops pentesters devsecops

Updated Oct 4, 2020
HTML

DefectDojo / django-DefectDojo

Star

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

python kubernetes security automation django analytics owasp vulnerability-databases vulnerability-management hacktoberfest security-orchestration security-automation devsecops vulnerability-correlation

Updated Oct 5, 2020
HTML

ajinabraham / CMSScan

Star

CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues

wordpress security automation drupal joomla vbulletin devsecops security-dashboard

Updated Oct 2, 2020
CSS

GitGuardian / gg-shield

Star

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

python cli ci secret leak security-tools devsecops shift-left secrets-detection gitguardian

Updated Oct 2, 2020
Python

guardrailsio / awesome-php-security

Star

Awesome PHP Security Resources 🕶

🐘

🔐

php security awesome application-security awesome-list security-tools devsecops

Updated Mar 9, 2019

terrascan

accurics / terrascan

Star

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

infrastructure aws security devops terraform architecture infrastructure-as-code security-tools cloudsecurity devsecops cloud-security terrascan security-violations

Updated Oct 5, 2020
Go

DependencyTrack / dependency-track

Star

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.

Updated Sep 29, 2020
Java

kube-scan

octarinesec / kube-scan

Star

kube-scan: Octarine k8s cluster risk assessment tool

kubernetes security devops security-audit k8s cloud-native security-scanner security-tools devsecops security-scanners

Updated Sep 12, 2020
Go

OWASP / glue

Star

Open

Document ZAP

1

omerlh opened May 9, 2018

documentation good first issue stale

Open

Document how to write a filter.

1

Open

Add dummy task

1

Find more good first issues →

bridgecrewio / terragoat

Star

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

terraform aws-security goat devsecops cloud-security azure-security gcp-security

Updated Sep 18, 2020
HCL

dowjones / hammer

Star

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

aws aws-security cloudsecurity devsecops

Updated Jun 1, 2020
Python

ThreatMapper

deepfence / ThreatMapper

Star

Identify vulnerabilities in running containers, images, hosts and repositories

github docker kubernetes jenkins devops circleci gitlab serverless secops cloud-native security-vulnerability vulnerability-management threat-analysis security-tools devsecops vulnerability-scanning compliance-automation registry-scanning

Updated Sep 28, 2020
HCL

jturgasen / my-links

Star

Knowledge seeks no man

linux docker kubernetes aws devops cloud containers site-reliability-engineering gcp gke infrastructure-as-code sre information-security devsecops

Updated Aug 16, 2020

ztosec / hunter

Star

Hunter作为中通DevSecOps闭环方案中的一环，扮演着很重要的角色，开源之后希望能帮助到更多企业。

security devsecops

Updated Jan 14, 2020
Python

GitGuardian / gg-shield-action

Star

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

devops ci security-tools devsecops github-actions secrets-detection gitguardian

Updated Jul 10, 2020
Dockerfile

baidu-security / openrasp-iast

Star

IAST 灰盒扫描工具

security-tools iast devsecops rasp

Updated Apr 20, 2020
Python

awesome-threat-modelling

hysnsec / awesome-threat-modelling

Star

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

awesome awesome-list threat-modeling appsec devsecops security-review practical-devsecops devsecops-university

Updated Sep 30, 2020
Dockerfile

security-prince / Application-Security-Engineer-Interview-Questions

Star

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc websecurity devsecops websec websecurity-reference security-team security-engineer-interview

Updated Aug 7, 2020

michelin / ChopChop

Star

Open

Integrate new signatures from nmap

PaulSec commented Sep 28, 2020

Hi,

It would be interesting to have those new rules integrated in ChopChop, see : https://github.com/nnposter/nndefaccts/blob/master/http-default-accounts-fingerprints-nndefaccts.lua

Read more

good first issue

OWASP / RiskAssessmentFramework

Star

The Secure Coding Framework

secure-coding devsecops static-application-security-tool owasp-raf

Updated Aug 18, 2020
TypeScript

ellerbrock / docker-security-images

Star

🔐 Docker Container for Penetration Testing & Security

docker devops container secops cybersecurity penetration-testing infosec pentesting pentest cyber-security it-security devsecops pentest-tool docker-security container-hardening container-security

Updated Sep 19, 2018

we45 / ThreatPlaybook

Star

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

python application-security threat-model devsecops sast dast

Updated Jul 12, 2020
Python

Skyscanner / whispers

Star

Identify hardcoded secrets and dangerous behaviours

security pipeline passwords leaks devsecops secrets-detection

Updated Oct 6, 2020
Python

ShiftLeftSecurity / sast-scan

Star

Open

Support for mono-repo

prabhu commented Jul 9, 2020

It will be a fun exercise to make scan work for mono repos such as https://github.com/swapnil-linux/spring-boot-examples

In theory, this can be achieved using a bit of bash with the new scan AppImage.

Read more

documentation enhancement good first issue

Open

Test and document scan in offline/airgap mode

octarinesec / kccss

Star

Kubernetes Common Configuration Scoring System

kubernetes security security-audit cloud-native devsecops cvssv3

Updated Apr 23, 2020
TypeScript

Improve this page

Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."

You can’t perform that action at this time.