Alternatives and similar repositories for Vulnerability-management-maturity

Users that are interested in Vulnerability-management-maturity are comparing it to the libraries listed below

• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated last year
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆51Updated 2 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆66Updated 2 months ago
• bin3xish477 / ghast
  GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm…
  ☆21Updated 2 years ago
• semgrep-old / rules-owasp-asvs
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Updated 4 years ago
• nccgroup / ccs
  ☆113Updated 2 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆67Updated 3 months ago
• xvnpw / ai-threat-modeling
  AI featured threat modeling and security review project
  ☆16Updated 9 months ago
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated last year
• P3tra-WP / Jupyter-Threat
  ☆14Updated 2 years ago
• RhinoSecurityLabs / CloudScraper
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆32Updated 3 years ago
• nccgroup / SFPolDevChk
  Salesforce Policy Deviation Checker
  ☆30Updated 4 years ago
• faloker / purify
  All-in-one tool for managing vulnerability reports from AppSec pipelines
  ☆108Updated 2 years ago
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆89Updated 2 years ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆40Updated 7 years ago
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆42Updated last year
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆78Updated 3 years ago
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 4 years ago
• cytix-software / AppSec-Detection-Framework
  A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…
  ☆32Updated this week
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• YaleUniversity / ZAP_ASVS_Checks
  ZAP scripts to implement ASVS L1 checking
  ☆16Updated 3 years ago
• xvnpw / sec-docs
  An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
  ☆34Updated 6 months ago
• vectra-ai-research / log4j-aws-sandbox
  A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform
  ☆12Updated 3 years ago
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆76Updated 4 years ago
• offensive-terraform / terraform-aws-ec2-kali-linux
  Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, Sco…
  ☆18Updated 4 years ago
• mihir-shah99 / vxdf
  ☆61Updated 3 months ago
• KennaSecurity / toolkit
  Kenna Security API and Scripting Toolkit
  ☆34Updated last month
• nccgroup / cowcloud
  ☆60Updated 2 years ago
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆29Updated last year