Alternatives and similar repositories for horusec:

Users that are interested in horusec are comparing it to the libraries listed below

• insidersec / insider
  Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…
  ☆528Updated 2 years ago
• globocom / huskyCI
  Performing security tests inside your CI
  ☆578Updated 10 months ago
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆837Updated last year
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆883Updated this week
• krol3 / container-security-checklist
  Checklist for container security - devsecops practices
  ☆1,553Updated last year
• cider-security-research / top-10-cicd-security-risks
  ☆406Updated 2 years ago
• Checkmarx / kics
  Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…
  ☆2,259Updated this week
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆361Updated last year
• OWASP / DevSecOpsGuideline
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆909Updated last month
• fike / horusec-action
  It's a Horusec Action proof of concept
  ☆14Updated last year
• globocom / secDevLabs
  A laboratory for learning secure web and mobile development in a practical manner.
  ☆924Updated 6 months ago
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆559Updated this week
• owasp-dep-scan / dep-scan
  OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …
  ☆1,080Updated last week
• tcosolutions / betterscan
  Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
  ☆856Updated 2 weeks ago
• BishopFox / cloudfox
  Automating situational awareness for cloud penetration tests.
  ☆2,064Updated 3 weeks ago
• leoplana / ctf-zup-2021
  ☆16Updated 3 years ago
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆521Updated 2 weeks ago
• rung / threat-matrix-cicd
  Threat matrix for CI/CD Pipeline
  ☆748Updated 8 months ago
• cyberark / kubesploit
  Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…
  ☆1,158Updated 2 months ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆653Updated last week
• aquasecurity / chain-bench
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆745Updated 3 months ago
• projectdiscovery / cloudlist
  Cloudlist is a tool for listing Assets from multiple Cloud Providers.
  ☆919Updated this week
• aquasecurity / cloud-security-remediation-guides
  Security Remediation Guides
  ☆719Updated 2 months ago
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆395Updated 4 months ago
• CycloneDX / cdxgen
  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
  ☆661Updated this week
• OWASP / threat-dragon
  An open source threat modeling tool from OWASP
  ☆1,059Updated this week
• aquasecurity / vuln-list
  NVD, Ubuntu, Alpine
  ☆426Updated this week
• ine-labs / AWSGoat
  AWSGoat : A Damn Vulnerable AWS Infrastructure
  ☆1,819Updated 2 months ago
• DataDog / KubeHound
  Tool for building Kubernetes attack paths
  ☆837Updated 2 weeks ago
• secureCodeBox / secureCodeBox
  secureCodeBox (SCB) - continuous secure delivery out of the box
  ☆845Updated this week