devops-kung-fu / luchaLinks
A CLI that scans for sensitive data in source code
β14Updated 2 years ago
Alternatives and similar repositories for lucha
Users that are interested in lucha are comparing it to the libraries listed below
Sorting:
- ποΈ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.β76Updated last year
- AI featured threat modeling and security review actionβ45Updated last year
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artβ¦β70Updated 2 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β68Updated 7 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β179Updated last month
- Compares and analyzes GCP IAM roles.β78Updated 11 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metricsβ215Updated this week
- A tool to check the security settings of Github Organizations.β75Updated 2 years ago
- HashiCorp-relevant rules for the Semgrep code analysis toolβ41Updated 2 years ago
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securitβ¦β37Updated last year
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity programβ46Updated last week
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β110Updated 2 years ago
- A collection of models for organizing, prioritizing, and understanding cybersecurity and information risk management concepts.β25Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packagesβ215Updated last week
- Automate vulnerability triage which prioritizes remediation over discoveryβ20Updated 3 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,β¦β139Updated 2 years ago
- β69Updated 6 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ61Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projectsβ34Updated 11 months ago
- A full insecure kubernetes application for testing security toolsβ90Updated 3 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightingsβ82Updated 3 years ago
- β114Updated 2 years ago
- Protect against subdomain takeoverβ95Updated 6 months ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.β105Updated 2 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.β155Updated last year
- The Open Security Summit is focused on the collaboration between, Developers and Application Securityβ45Updated 7 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projectsβ102Updated 3 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrixβ59Updated 2 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ46Updated 3 years ago
- Clean accounts over permissions in GCP infra at scaleβ71Updated 2 years ago