Alternatives and similar repositories for awesome-sca

Users that are interested in awesome-sca are comparing it to the libraries listed below

• hysnsec / awesome-policy-as-code

  View on GitHub
  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
  ☆204Dec 6, 2023Updated 2 years ago
• VerSprite / fork-community

  View on GitHub
  Fork Threat Modeling Platform - Community
  ☆27Oct 10, 2025Updated 4 months ago
• cr0hn / rsm

  View on GitHub
  Redis Security Map - Anti-hacking for Redis
  ☆31Mar 11, 2022Updated 3 years ago
• nomis / ip6walk

  View on GitHub
  IPv6 network walking utilities (ip6dnswalk, ip6dnshide)
  ☆22May 27, 2014Updated 11 years ago
• ZFPSystems / zaproxy-automation

  View on GitHub
  This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites
  ☆26May 14, 2023Updated 2 years ago
• X-C3LL / wfp-reader

  View on GitHub
  Proof of concept - Covert Channel using Windows Filtering Platform (C#)
  ☆21Aug 29, 2021Updated 4 years ago
• fguisso / dockercon-2021

  View on GitHub
  Palestra sobre desenvolvimento seguro de imagens e containers para a DockerCon 2021 sala Brasil
  ☆10May 27, 2021Updated 4 years ago
• pentestingforfunandprofit / webbank

  View on GitHub
  ☆10Jan 22, 2016Updated 10 years ago
• PurduePL / purduepl.github.io

  View on GitHub
  A blog of Programming Languages Group @Purdue
  ☆11Updated this week
• xebia / falco-eks-audit-bridge

  View on GitHub
  Enable Falco to read audit logs from EKS
  ☆11Dec 13, 2020Updated 5 years ago
• hysnsec / awesome-threat-modelling

  View on GitHub
  A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …
  ☆1,707Aug 2, 2024Updated last year
• simonsdave / clair-cicd

  View on GitHub
  Making CoreOS' Clair easily work in CI/CD pipelines
  ☆29Sep 10, 2023Updated 2 years ago
• llnl / Surfactant

  View on GitHub
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆39Updated this week
• scalr-eap / policy-templates

  View on GitHub
  ☆12Feb 18, 2021Updated 4 years ago
• bayufedra / ipti

  View on GitHub
  A comprehensive tool for doing threat intelligence againts IP addresses to determine if it's are malicious
  ☆27Dec 16, 2025Updated last month
• zsolt-halo / aws-config-advanced-query

  View on GitHub
  A collection of useful queries that can be used to verify compliance/security across your AWS assets
  ☆30Jun 18, 2019Updated 6 years ago
• secure-software-engineering / Boomerang

  View on GitHub
  Demand-Driven Pointer Analysis
  ☆14Feb 2, 2026Updated last week
• developer-guy / awesome-falco

  View on GitHub
  A curated list of Falco related tools, frameworks, blogs, podcasts, and articles
  ☆202Jul 28, 2021Updated 4 years ago
• AErmie / DevSecOps

  View on GitHub
  A repo for testing and demonstration purposes.
  ☆31Dec 16, 2025Updated last month
• silentsignal / wpc

  View on GitHub
  Windows Privesc Check
  ☆20May 20, 2014Updated 11 years ago
• cloudposse-archives / terraform-tfe-cloud-infrastructure-automation

  View on GitHub
  Terraform Enterprise/Cloud Infrastructure Automation
  ☆16Jun 30, 2023Updated 2 years ago
• nozaq / terraform-aws-secure-vpc

  View on GitHub
  A terraform module to create a VPC with secure default configurations.
  ☆17Jan 18, 2022Updated 4 years ago
• philips-software / spdx-action

  View on GitHub
  GitHub Action to get a license overview in SPDX format
  ☆14Dec 24, 2021Updated 4 years ago
• ComplianceAsCode / auditree-arboretum

  View on GitHub
  The Auditree common fetchers, checks and harvest reports library.
  ☆20Nov 9, 2023Updated 2 years ago
• sakkis91 / SandboxPPL

  View on GitHub
  Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
  ☆12May 28, 2025Updated 8 months ago
• developer-guy / policy-as-code-war

  View on GitHub
  OPA Gatekeeper vs Kyverno
  ☆66Oct 27, 2021Updated 4 years ago
• sk4la / plast

  View on GitHub
  Modular command-line threat hunting tool & framework.
  ☆17Jul 20, 2020Updated 5 years ago
• cedowens / Helpful_aws-scripts

  View on GitHub
  python3 scripts to help with aws triage needs
  ☆15Feb 11, 2022Updated 4 years ago
• projectmonke / PrimatePack

  View on GitHub
  The Primate Pack is a suite of extensions for Caido.
  ☆13Sep 29, 2024Updated last year
• 4ARMED / dopwn

  View on GitHub
  Tool to automate takeover of DigitalOcean Kubernetes cluster. Check out the blog post for more info.
  ☆17Dec 20, 2018Updated 7 years ago
• mvisonneau / tfcw

  View on GitHub
  Terraform Cloud Wrapper
  ☆17Mar 6, 2023Updated 2 years ago
• DevSlop / pixi-crs

  View on GitHub
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Jun 9, 2021Updated 4 years ago
• postmodern / npm_scan

  View on GitHub
  Scans npmjs.org for npm packages that can be taken over
  ☆19Jun 6, 2022Updated 3 years ago
• thejoshpit / electionBuster

  View on GitHub
  Scans the typos of candidate election pages for typosquatters
  ☆18Oct 25, 2018Updated 7 years ago
• myugan / awesome-docker-security

  View on GitHub
  📚 A curated list of awesome Docker security resources
  ☆707Nov 20, 2025Updated 2 months ago
• boozallen / sdp-pipeline-framework

  View on GitHub
  The Solutions Delivery Platform runtime pipeline framework
  ☆40Mar 1, 2019Updated 6 years ago
• OWASP / DevSecOpsGuideline

  View on GitHub
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆1,020Jan 5, 2026Updated last month
• mrnfrancesco / GreedyForSQLi

  View on GitHub
  Ricerca che mostra come scrivere regole per SemGrep per cercare SQL Injection nei plugin di Wordpress che usano action AJAX
  ☆19Jul 22, 2023Updated 2 years ago
• edu-secmachine / reactvulna

  View on GitHub
  A deliberately vulnerable js app made with reactjs. For educational purposes.
  ☆17Mar 20, 2019Updated 6 years ago