13 packages found

prowler-cloud

Prowler is an Open Source security tool to perform AWS, GCP and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security…
  1. aws
  2. azure
  3. cis-benchmark
  4. cloud
  5. compliance
  6. cspm
  7. devsecops
  8. forensics
  9. gcp
  10. gdpr
  11. hardening
  12. iam
  13. multi-cloud
  14. python
  15. saas
  16. security
  17. security-audit
  18. security-hardening
  19. security-tools
  20. well-architected
280 Contributors
5.5.1, published 1 week ago, Apache-2.0

truffleHog

Searches through git repositories for high entropy strings, digging deep into commit history.
  1. credentials
  2. devsecops
  3. dynamic-analysis
  4. hacktoberfest
  5. precommit
  6. scanning
  7. secret
  8. secret-management
  9. secrets
  10. security
  11. security-tools
  12. trufflehog
  13. verification
166 Contributors
2.2.1, published 4 years ago, GPL-3.0

mobsf

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
  1. mobsf
  2. mobile
  3. security
  4. framework
  5. tool
  6. static
  7. analysis
  8. dynamic
  9. malware
  10. android-security
  11. api-testing
  12. apk
  13. cwe
  14. devsecops
  15. dynamic-analysis
  16. ios-security
  17. malware-analysis
  18. mastg
  19. masvs
  20. mobile-security
  21. mstg
  22. owasp
  23. rest
  24. runtime-security
  25. static-analysis
  26. web-security
  27. windows-mobile-security
88 Contributors
4.3.2, published 4 weeks ago, GPL-3.0-only

Terrascan

Security best-practice static code analysis for Terraform
  1. terrascan
  2. architecture
  3. aws
  4. aws-security
  5. azure-security
  6. cloud-security
  7. cloudsecurity
  8. devops
  9. devsecops
  10. gcp-security
  11. iac
  12. infrastructure
  13. infrastructure-as-code
  14. kubernetes
  15. sast
  16. scans
  17. security
  18. security-tools
  19. security-violations
  20. terraform
81 Contributors
0.2.3, published 5 years ago, Apache-2.0

packj

Packj flags malicious and other "risky" RubyGems packages in your software supply chain.
  1. developer-tools
  2. devops
  3. devops-tools
  4. devsecops
  5. dynamic-analysis
  6. malware
  7. malware-analysis
  8. npm
  9. pypi
  10. python
  11. rubygems
  12. sandboxing
  13. security
  14. security-audit
  15. security-tools
  16. static-analysis
  17. supply-chain
  18. supply-chain-security
  19. vulnerability
  20. vulnerability-scanners
12 Contributors
0.0.0, published 2 years ago, MIT

owasp-depscan

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
  1. compliance
  2. containers
  3. cve
  4. cyclonedx
  5. dependency-analysis
  6. dependency-audit
  7. devsecops
  8. reachability-analysis
  9. risk-audit
  10. sbom
  11. sca
  12. security-audit
  13. security-tools
  14. supply-chain-security
  15. vex
  16. vulnerability-scanners
16 Contributors
5.5.0, published 5 months ago, MIT

cve-bin-tool

CVE Binary Checker Tool
  1. security
  2. tools
  3. CVE
  4. cvss
  5. devsecops
  6. hacktoberfest
  7. python
  8. sbom
  9. sbom-tool
  10. security-automation
  11. security-tools
  12. swrepo
  13. system-tools
  14. vulnerabilities
  15. vulnerability
3.4, published 7 months ago, CNRI-Python-GPL-Compatible

safety

Scan dependencies for known vulnerabilities and licenses.
  1. dependencies
  2. licenses
  3. safety
  4. scan
  5. vulnerabilities
  6. cicd
  7. dependency-management
  8. devsecops
  9. open-source-security
  10. package-management
  11. python
  12. security
  13. security-vulnerability
  14. travis
  15. vulnerability-detection
  16. vulnerability-scanners
43 Contributors
3.3.1, published 2 months ago, MIT

faradaysec

Open Source Collaborative Penetration Test and Vulnerability Management Platform https://www.faradaysec.com
  1. security
  2. tools
  3. appsec
  4. burpsuite
  5. collaboration
  6. continuous-scanning
  7. cve
  8. cybersecurity
  9. devops
  10. devsecops
  11. infosec
  12. nessus
  13. nmap
  14. orchestration
  15. penetration-testing
  16. pentesting
  17. security-audit
  18. security-automation
  19. vulnerability
  20. vulnerability-management
  21. vulnerability-scanners
46 Contributors
5.12.0, published 1 month ago, GPL-3.0

owasp-pipeline

Pipeline detects security vulnerabilities in code.
  1. tool
  2. owasp
  3. ci-cd
  4. devsecops
5 Contributors
0.8.7, published 9 years ago, Apache-2.0