Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
☆72Sep 17, 2021Updated 4 years ago
Alternatives and similar repositories for AWS-DevSecOps-Factory
Users that are interested in AWS-DevSecOps-Factory are comparing it to the libraries listed below
Sorting:
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆20Jan 24, 2021Updated 5 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man…☆82Jul 8, 2021Updated 4 years ago
- Guidance for Organization on AWS☆12Nov 26, 2025Updated 3 months ago
- Addon for Local by Flywheel to configure a local WP-CLI tunnel to a site.☆13Dec 7, 2022Updated 3 years ago
- Welcome to the Very Vulnerable Lambda Application repository! This repository contains an intentionally vulnerable serverless applicatio…☆11Jul 22, 2024Updated last year
- This project is a framework for delivering governed DevSecOps CloudFormation Stacks across AWS Accounts in an AWS Organisations/AWS Contr…☆11Sep 17, 2024Updated last year
- Examples of Docker image build pipelines, including vulnerability scanning with Anchore Engine☆10Mar 6, 2019Updated 6 years ago
- ☆12Sep 6, 2024Updated last year
- ☆43Aug 27, 2025Updated 6 months ago
- A continuous security pipeline demo for the AWS DevSecOps Workshop.☆45Jan 7, 2020Updated 6 years ago
- React Suspended is an educational frontend application riddled with security vulnerabilities☆10Jan 29, 2024Updated 2 years ago
- Yet Another SCA tool☆13Nov 10, 2022Updated 3 years ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆1,035Feb 9, 2026Updated 3 weeks ago
- Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volum…☆14Sep 18, 2020Updated 5 years ago
- ☆15Apr 13, 2021Updated 4 years ago
- This repo is just a guide where you can find all labs of burp suite resolved, you can see the workflow and all type of web attacks☆14Mar 29, 2022Updated 3 years ago
- OSCAL SSP content for technologies shipped by Red Hat☆16Mar 2, 2023Updated 3 years ago
- ☆16Mar 2, 2023Updated 3 years ago
- Tool for signing and verifying the integrity of CloudFormation templates☆15Feb 16, 2023Updated 3 years ago
- 提供更严格的开发流程,以及不可修改历史记录。更严肃的工程实践。☆18Jun 7, 2023Updated 2 years ago
- Terraform module which provisions addons on Amazon EKS clusters☆22Feb 22, 2026Updated last week
- A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…☆40Jun 3, 2021Updated 4 years ago
- DevSecOps full integration chain : Jenkins & GitLab pipelines, Docker, k8s, Ansible, Clair, Nessus, Nmap NSE, OWASP Dependency-Check, OWA…☆20Sep 19, 2021Updated 4 years ago
- ⚙ Provisioning Amazon EKS clusters with Terraform for DEV/QA/PROD environments☆20Jun 27, 2023Updated 2 years ago
- Automated Security Response on AWS is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a…☆464Updated this week
- A collection of reusable GitHub Actions for the Ministry of Justice, designed to streamline and enhance workflows across our projects. • …☆17Jan 5, 2026Updated last month
- Custom Build and Test Components developed for AWS EC2 Image Builder (https://docs.aws.amazon.com/imagebuilder/latest/userguide/what-is-i…☆22May 1, 2023Updated 2 years ago
- ☆21Feb 22, 2023Updated 3 years ago
- A MAL language that demonstrates the Maven project structure☆23Feb 24, 2026Updated last week
- A collection of DoD and Federal Government Cloud Computing Resources☆49Mar 29, 2021Updated 4 years ago
- The Seiso standard python cookiecutter template☆14Updated this week
- Projects for AWS ThreatHunting☆21Aug 20, 2021Updated 4 years ago
- ☆93Jul 12, 2025Updated 7 months ago
- Sample code for integrating AWS CloudFormation templates security tests (using CFN-Nag and CFN-Guard) with both AWS Security Hub and AWS …☆24Mar 23, 2024Updated last year
- Darkbit Cloud Security Tools☆25Nov 12, 2020Updated 5 years ago
- Burp Extension to identify PII data☆21Jan 29, 2021Updated 5 years ago
- A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE☆75Feb 13, 2026Updated 2 weeks ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆63May 31, 2025Updated 9 months ago
- Simple AWS Lambda powered Slack bot that reports your AWS Costs for the current month to a channel☆27Jul 25, 2020Updated 5 years ago