Alternatives and similar repositories for gram

Users that are interested in gram are comparing it to the libraries listed below

• tldrsec / awesome-secure-defaults

  View on GitHub
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆699Dec 6, 2025Updated 2 months ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 10 months ago
• threatcl / threatcl

  View on GitHub
  Documenting your Threat Models with HCL
  ☆453Feb 8, 2026Updated last week
• boringtools / git-alerts

  View on GitHub
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆228Feb 10, 2026Updated last week
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆84Jan 30, 2026Updated 2 weeks ago
• mllamazares / STRIDE-vs-ASVS

  View on GitHub
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Aug 22, 2024Updated last year
• Permiso-io-tools / LogLicker

  View on GitHub
  Tool for obfuscating and deobfuscating data.
  ☆75Mar 20, 2024Updated last year
• gojek / CureIAM

  View on GitHub
  Clean accounts over permissions in GCP infra at scale
  ☆71May 9, 2023Updated 2 years ago
• iosifache / semgrep-rules-manager

  View on GitHub
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆100Dec 24, 2025Updated last month
• boostsecurityio / poutine

  View on GitHub
  boostsecurityio/poutine
  ☆362Feb 2, 2026Updated 2 weeks ago
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆570Jan 28, 2026Updated 2 weeks ago
• Permiso-io-tools / SkyScalpel

  View on GitHub
  ☆46Nov 7, 2024Updated last year
• kpolley / PIIDetective

  View on GitHub
  PII detection platform, leveraging human-in-the-loop AI
  ☆54Nov 29, 2024Updated last year
• yanilov / control-tags

  View on GitHub
  Scalable integrity framework for ABAC on AWS
  ☆56Mar 14, 2025Updated 11 months ago
• google / localtoast

  View on GitHub
  ☆116Updated this week
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 8 months ago
• xvnpw / ai-security-analyzer

  View on GitHub
  A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects
  ☆103Oct 13, 2025Updated 4 months ago
• ncc-erik-steringer / Aerides

  View on GitHub
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Jan 18, 2022Updated 4 years ago
• bullfrogsec / bullfrog

  View on GitHub
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆117Feb 9, 2026Updated last week
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• redrays-io / SAP-Threat-Modeling

  View on GitHub
  The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP syst…
  ☆51Mar 7, 2025Updated 11 months ago
• doyensec / PoiEx

  View on GitHub
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆73Feb 2, 2024Updated 2 years ago
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• securitytemplates / sectemplates

  View on GitHub
  Open source templates you can use to bootstrap your security programs
  ☆888Dec 28, 2025Updated last month
• ovotech / cloud-key-rotator

  View on GitHub
  A Golang program to rotate AWS & GCP account keys
  ☆67May 12, 2025Updated 9 months ago
• jatrost / awesome-detection-rules

  View on GitHub
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆296May 5, 2024Updated last year
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• cado-security / cloudgrep

  View on GitHub
  cloudgrep is grep for cloud storage
  ☆326Feb 26, 2025Updated 11 months ago
• center-for-threat-informed-defense / threat-modeling-with-attack

  View on GitHub
  Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.
  ☆12May 28, 2025Updated 8 months ago
• RoseSecurity / WolfPack

  View on GitHub
  WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
  ☆150Jun 5, 2025Updated 8 months ago
• openai / openai-security-bots

  View on GitHub
  ☆381Apr 18, 2024Updated last year
• mrwadams / attackgen

  View on GitHub
  AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…
  ☆1,204Dec 29, 2025Updated last month
• therealunicornsecurity / tricard

  View on GitHub
  Tricard - Malware Sandbox Fingerprinting
  ☆23Dec 11, 2023Updated 2 years ago
• RichardoC / gitlab-secrets

  View on GitHub
  This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…
  ☆47Aug 16, 2024Updated last year
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆671Updated this week
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,289Feb 5, 2026Updated last week
• Threagile / threagile

  View on GitHub
  Agile Threat Modeling Toolkit
  ☆723Nov 20, 2025Updated 2 months ago
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆116Apr 29, 2025Updated 9 months ago