OWASP / www-project-wrongsecrets
OWASP Foundation Web Respository
☆18Updated 3 weeks ago
Alternatives and similar repositories for www-project-wrongsecrets:
Users that are interested in www-project-wrongsecrets are comparing it to the libraries listed below
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 7 months ago
- ☆100Updated this week
- A community collection of security reviews of open source software components.☆93Updated last year
- ☆16Updated last year
- ☆41Updated last month
- A standard API specification for exchanging supply chain artifacts and intelligence☆74Updated 2 weeks ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆61Updated 9 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆170Updated 4 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆112Updated last month
- AI featured threat modeling and security review action☆43Updated 4 months ago
- OWASP Foundation Web Respository☆28Updated 7 months ago
- ☆86Updated 3 years ago
- Exploit Prediction Scoring System (EPSS)☆25Updated 2 years ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆66Updated 3 weeks ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated this week
- Software Component Verification Standard (SCVS)☆142Updated 11 months ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆27Updated last month
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Updated last year
- A tool to check the security settings of Github Organizations.☆71Updated last year
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- Core model including reused documentation☆95Updated last week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆73Updated 11 months ago
- Compares and analyzes GCP IAM roles.☆77Updated 3 weeks ago
- Systematic Universal Security Testing Orchestration☆37Updated 3 years ago
- A full insecure kubernetes application for testing security tools☆70Updated this week
- A CLI that scans for sensitive data in source code☆14Updated 2 years ago
- https://breaches.cloud☆38Updated 5 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated last year
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆107Updated last year