Alternatives and similar repositories for Community-Contribs

Users that are interested in Community-Contribs are comparing it to the libraries listed below

• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated last year
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated 2 years ago
• OWASP / Application-Security-Curriculum
  ☆24Updated 3 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated 2 weeks ago
• OWASP / www-project-appsec-pipeline
  OWASP Foundation Web Respository
  ☆10Updated 2 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated last month
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆21Updated 8 months ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• lizfrenz / owasp-vuln-mngmnt
  The vulnerability management guide should help to breakdown vulnerability management process into a manageable repeatable cycles tailored…
  ☆16Updated 4 years ago
• YaleUniversity / ZAP_ASVS_Checks
  ZAP scripts to implement ASVS L1 checking
  ☆15Updated 3 years ago
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 4 months ago
• KennaSecurity / toolkit
  Kenna Security API and Scripting Toolkit
  ☆35Updated this week
• center-for-threat-informed-defense / defending-iaas-with-attack
  Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…
  ☆14Updated last month
• mitre / heimdall_tools
  DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
  ☆35Updated 3 years ago
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated this week
• DefectDojo / godojo
  Golang installer for DefectDojo
  ☆28Updated 5 months ago
• disclose / dnssecuritytxt
  A standard allowing organizations to nominate security contact points and policies via DNS TXT records.
  ☆31Updated last month
• OWASP / www-project-integration-standards
  OWASP Foundation Web Respository
  ☆28Updated 10 months ago
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Updated this week
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆11Updated 4 years ago
• kannkyo / epss-api
  EPSS(Exploit Prediction Scoring System) API client
  ☆18Updated last week
• appsecco / owasp-threat-dragon-gitlab
  OWASP Threat Dragon with Gitlab Integration
  ☆27Updated 7 years ago
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆31Updated 2 years ago
• SDA-SE / cluster-image-scanner
  Discover vulnerabilities and container image misconfiguration in production environments.
  ☆56Updated last month
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 6 years ago
• nccgroup / Threat-Intelligence-Alerts
  Welcome to the NCC Group Threat Intelligence Alert repo, here you will find the alerts which we have raised to our customers regarding in…
  ☆25Updated 2 years ago
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆20Updated 2 weeks ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆50Updated last week
• NSC42 / CloudSec-Tools
  Cloud Security Tools
  ☆16Updated 4 years ago