Alternatives and similar repositories for awesome-api-security-essentials

Users that are interested in awesome-api-security-essentials are comparing it to the libraries listed below

• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆51Updated last year
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated 2 years ago
• nccgroup / ccs
  ☆111Updated 2 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated this week
• referefref / modpot
  Modular web-application honeypot platform built using go and gin
  ☆58Updated last year
• SygniaLabs / Mirage
  ☆73Updated 3 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 10 months ago
• MFMokbel / Crawlector
  Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
  ☆126Updated last year
• csdev / ezghsa
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Updated 6 months ago
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆119Updated last year
• 0dayInc / pwn
  PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
  ☆53Updated 3 weeks ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆110Updated this week
• ManuelBerrueta / FlowAnalyzer
  FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
  ☆179Updated 11 months ago
• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆65Updated 11 months ago
• Permiso-io-tools / LogLicker
  Tool for obfuscating and deobfuscating data.
  ☆70Updated last year
• BishopFox / llm-testing-findings
  LLM Testing Findings Templates
  ☆72Updated last year
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆149Updated 7 months ago
• SecurityUniversalOrg / SecuSphere
  Efficient DevSecOps
  ☆47Updated 7 months ago
• referefref / gitdoorcheck
  Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs
  ☆73Updated last year
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 6 months ago
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆58Updated 3 years ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated 2 years ago
• RefactorSecurity / vscode-security-notes
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆133Updated 2 months ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆184Updated 2 months ago
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 2 months ago
• antitree / go-pillage-registries
  Pentester-focused Docker registry tool to enumerate and pull images
  ☆21Updated 2 months ago
• Fennerr / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆73Updated last year
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 4 months ago
• ReversecLabs / IceKube
  ☆179Updated 2 months ago
• latiotech / LAST
  Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
  ☆173Updated 2 months ago