ZupIT / horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
☆1,195 Updated this week
Alternatives and similar repositories for horusec:
Users who are interested in horusec are comparing it to the libraries listed below:
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit… ☆528 Updated 2 years ago
- Performing security tests inside your CI ☆578 Updated 10 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆837 Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆883 Updated this week
- Checklist for container security - devsecops practices ☆1,553 Updated last year
- ☆406 Updated 2 years ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct… ☆2,259 Updated this week
- Security Champions Playbook v 2.1 ☆361 Updated last year
- The OWASP DevSecOps Guideline can help us embed security as a part of the development pipeline. ☆909 Updated last month
- It's a Horusec Action proof of concept ☆14 Updated last year
- A laboratory for learning secure web and mobile development in a practical manner. ☆924 Updated 6 months ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆559 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,080 Updated last week
- Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan ☆856 Updated 2 weeks ago
- Automating situational awareness for cloud penetration tests. ☆2,064 Updated 3 weeks ago
- ☆16 Updated 3 years ago
- ☆521 Updated 2 weeks ago
- Threat matrix for CI/CD Pipeline ☆748 Updated 8 months ago
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en… ☆1,158 Updated 2 months ago
- Agile Threat Modeling Toolkit ☆653 Updated last week
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm… ☆745 Updated 3 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers. ☆919 Updated this week
- Security Remediation Guides ☆719 Updated 2 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. ☆395 Updated 4 months ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆661 Updated this week
- An open source threat modeling tool from OWASP ☆1,059 Updated this week
- NVD, Ubuntu, Alpine ☆426 Updated this week
- AWSGoat : A Damn Vulnerable AWS Infrastructure ☆1,819 Updated 2 months ago
- Tool for building Kubernetes attack paths ☆837 Updated 2 weeks ago
- secureCodeBox (SCB) - continuous secure delivery out of the box ☆845 Updated this week