MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Updated Jul 23, 2020
Python

infobyte / faraday

Star

Collaborative Penetration Test and Vulnerability Management Platform

security devops chatops security-audit collaboration orchestration nmap penetration-testing vulnerability infosec pentesting collaborative cve nessus vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Jul 24, 2020
JavaScript

devsecops / awesome-devsecops

Star

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

devops podcast devsecops threat-intelligence

Updated Jul 23, 2020

baidu / openrasp

Star

🔥Open source RASP solution

security waf devsecops openrasp

Updated Jul 23, 2020
C++

archerysec / archerysec

Star

Centralize Vulnerability Assessment and Management for DevSecOps Team

devops opensource pentesting vulnerabilities devops-tools scanning vulnerability-management vulnerability-assessment secdevops pentesters devsecops

Updated Jul 24, 2020
HTML

ajinabraham / nodejsscan

Star

nodejsscan is a static security code scanner for Node.js applications.

nodejs javascript security node static-analysis code-analysis code-review security-scanner devsecops sast node-security

Updated Jul 17, 2020
CSS

DefectDojo / django-DefectDojo

Star

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

python kubernetes security automation django analytics owasp helm-charts vulnerability-databases vulnerability-management security-orchestration security-automation devsecops vulnerability-correlation

Updated Jul 24, 2020
HTML

ajinabraham / CMSScan

Star

CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues

wordpress security automation drupal joomla vbulletin devsecops security-dashboard

Updated Aug 30, 2019
CSS

GitGuardian / gg-shield

Star

GitGuardian Shield - Protect your secrets with GitGuardian. GitGuardian is an automated secrets detection & remediation service. Detect secret in source code, scan your repo for leaks.

python cli ci secret leak security-tools devsecops shift-left secrets-detection gitguardian

Updated Jul 16, 2020
Python

guardrailsio / awesome-php-security

Star

Awesome PHP Security Resources 🕶

🐘

🔐

php security awesome application-security awesome-list security-tools devsecops

Updated Mar 9, 2019

DependencyTrack / dependency-track

Star

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.

Updated Jul 22, 2020
Java

octarinesec / kube-scan

Star

kube-scan: Octarine k8s cluster risk assessment tool

kubernetes security devops security-audit k8s cloud-native security-scanner security-tools devsecops security-scanners

Updated Jul 19, 2020
Go

accurics / terrascan

Star

Collection of security and best practice test for static code analysis of terraform

aws security devops terraform infrastructure-as-code security-tools cloudsecurity devsecops cloud-security

Updated Jul 24, 2020
Python

OWASP / glue

Star

Application Security Automation

tool owasp ci-cd devsecops

Updated Apr 6, 2020
Ruby

dowjones / hammer

Star

Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

aws aws-security cloudsecurity devsecops

Updated Jun 1, 2020
Python

jturgasen / my-links

Star

Knowledge seeks no man

linux docker kubernetes aws devops cloud containers site-reliability-engineering gcp gke infrastructure-as-code sre information-security devsecops

Updated Jul 21, 2020

deepfence / ThreatMapper

Star

Identify vulnerabilities in running containers, images, hosts and repositories

github docker kubernetes jenkins devops circleci gitlab serverless secops cloud-native security-vulnerability vulnerability-management threat-analysis security-tools devsecops vulnerability-scanning compliance-automation registry-scanning

Updated Jun 27, 2020
HCL

GitGuardian / gg-shield-action

Star

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

devops ci security-tools devsecops github-actions secrets-detection gitguardian

Updated Jul 10, 2020
Dockerfile

ztosec / hunter

Star

Hunter作为中通DevSecOps闭环方案中的一环，扮演着很重要的角色，开源之后希望能帮助到更多企业。

security devsecops

Updated Jan 14, 2020
Python

baidu-security / openrasp-iast

Star

IAST 灰盒扫描工具

security-tools iast devsecops rasp

Updated Apr 20, 2020
Python

security-prince / Application-Security-Engineer-Interview-Questions

Star

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc devsecops security-engineer-interview

Updated May 4, 2020

ellerbrock / docker-security-images

Star

🔐 Docker Container for Penetration Testing & Security

docker devops container secops cybersecurity penetration-testing infosec pentesting pentest cyber-security it-security devsecops pentest-tool docker-security container-hardening container-security

Updated Sep 19, 2018

michelin / ChopChop

Star

ChopChop is a CLI for scanning endpoints and identifying exposition of services/files/folders through the webroot.

security scanning devsecops

Updated Jul 20, 2020
Go

hysnsec / awesome-threat-modelling

Star

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

awesome awesome-list threat-modeling appsec devsecops security-review practical-devsecops devsecops-university