Alternatives and similar repositories for Flow

Users that are interested in Flow are comparing it to the libraries listed below

• latiotech / LAST
  Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
  ☆174Updated 2 months ago
• ReversecLabs / cloud-security-vm
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Updated 6 months ago
• shivamsaraswat / SeCoRA
  Secure Code Review AI Agent (SeCoRA) - AI SAST
  ☆48Updated 5 months ago
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆149Updated 7 months ago
• adeptex / whispers
  Identify hardcoded secrets in static structured text (version 2)
  ☆91Updated 5 months ago
• referefref / gitdoorcheck
  Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs
  ☆73Updated last year
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆53Updated last week
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆319Updated this week
• gabrielsoltz / metahub
  MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
  ☆174Updated this week
• boringtools / git-alerts
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆220Updated last month
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated 2 months ago
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆87Updated 11 months ago
• saw-your-packet / CloudShovel
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆108Updated 8 months ago
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated last year
• red-kite-solutions / stalker
  Stalker, the Extensible Attack Surface Management tool.
  ☆86Updated last month
• DataDog / undocumented-aws-api-hunter
  A tool to uncover undocumented APIs from the AWS Console.
  ☆109Updated 2 months ago
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆143Updated last year
• tenable / hidden-services-revealer
  ☆36Updated 11 months ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆187Updated 3 months ago
• Santiago-Labs / go-ocsf
  ☆69Updated last month
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆306Updated 2 weeks ago
• dark-warlord14 / CVENotifier
  Customized CVE FEED Notifier
  ☆114Updated 2 months ago
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆55Updated 5 months ago
• anirudhbiyani / findmytakeover
  find dangling domains in a multi cloud environment
  ☆142Updated 2 weeks ago
• Resourcely-Inc / cloud-guardrails
  Open-source best practices for protecting a secure, sensible cloud platform
  ☆126Updated 8 months ago
• RyanJarv / roles
  Unauthenticated enumeration of AWS IAM Roles.
  ☆25Updated 6 months ago
• ManuelBerrueta / FlowAnalyzer
  FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
  ☆179Updated last year
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 3 months ago
• spaceraccoon / ogp-ctf-2024
  A web CTF for training developers in bug hunting and secure coding!
  ☆99Updated 6 months ago
• kudelskisecurity / youshallnotpass
  YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.
  ☆36Updated last year