GitGuardian / ggshield
Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
☆1,639 Updated this week
Related projects:
- Python API client library for the GitGuardian API ☆75 Updated 3 weeks ago
- Extract git related information (file shas, commit shas) from your hosted source version control system ☆20 Updated 7 months ago
- GitGuardian Canary Tokens ☆129 Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets ☆759 Updated last week
- Identify hardcoded secrets in static structured text ☆480 Updated 11 months ago
- A set of GitHub actions for checking your projects for vulnerabilities ☆505 Updated 2 weeks ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆521 Updated this week
- Open Source Package Analysis ☆721 Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆790 Updated last year
- GitHub App to set and enforce security policies ☆1,240 Updated this week
- SecHub provides a central API to test software with different security tools. ☆259 Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆550 Updated this week
- Open source vulnerability DB and triage service. ☆1,488 Updated this week
- ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party package… ☆2,072 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆982 Updated last week
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities ☆774 Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆359 Updated 2 weeks ago
- TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how… ☆1,135 Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆494 Updated this week
- A Pythonic framework for threat modeling ☆892 Updated last month
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati… ☆166 Updated last month
- A GitHub Action for running the ZAP Full scan ☆268 Updated 2 months ago
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆958 Updated 6 months ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆675 Updated last month
- Network egress filtering and runtime security for GitHub-hosted and self-hosted runners ☆597 Updated last week
- An enterprise friendly way of detecting and preventing secrets in code. ☆3,737 Updated this week
- Vulnerable app with examples showing how to not use secrets ☆1,203 Updated last week
- Anchore container analysis and scan provided as a GitHub Action ☆203 Updated this week
- A GitHub Action for running the ZAP Baseline scan ☆309 Updated last month
- ☆478 Updated this week