devops-kung-fu / luchaLinks
A CLI that scans for sensitive data in source code
β14Updated 2 years ago
Alternatives and similar repositories for lucha
Users that are interested in lucha are comparing it to the libraries listed below
Sorting:
- ποΈ STRIDE vs. ASVS equivalence tableβ77Updated last year
- Compares and analyzes GCP IAM roles.β77Updated 7 months ago
- HashiCorp-relevant rules for the Semgrep code analysis toolβ41Updated 2 years ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and securβ¦β166Updated last month
- GCP CSPM using Google Sheetsβ37Updated 6 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β67Updated 3 months ago
- A collection of models for organizing, prioritizing, and understanding cybersecurity and information risk management concepts.β24Updated last year
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artβ¦β57Updated last week
- Protect against subdomain takeoverβ94Updated 2 months ago
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity programβ43Updated this week
- Convert cloudtrail data to MITRE ATT&CK Sightingsβ80Updated 3 years ago
- Slack bot which promotes Defense in Depth/Zero Trust security practicesβ24Updated 2 years ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metricsβ211Updated last week
- Cloud Commotion intends to cause chaos to simulate security incidentsβ146Updated last year
- β113Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β177Updated 10 months ago
- TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events iβ¦β49Updated 5 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation oβ¦β102Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packagesβ165Updated this week
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.β32Updated 11 months ago
- Automate vulnerability triage which prioritizes remediation over discoveryβ18Updated 3 months ago
- Clean accounts over permissions in GCP infra at scaleβ71Updated 2 years ago
- https://breaches.cloudβ42Updated 11 months ago
- β31Updated 11 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.β116Updated 3 weeks ago
- AI featured threat modeling and security review actionβ44Updated 10 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β110Updated last year
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard aβ¦β31Updated 11 months ago
- A tool to check the security settings of Github Organizations.β72Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projectsβ34Updated 7 months ago