Alternatives and similar repositories for tools

Users that are interested in tools are comparing it to the libraries listed below

• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆94Updated 4 months ago
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated 2 years ago
• tenchi-security / camp
  CloudSplaining on AWS Managed Policies
  ☆43Updated this week
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Updated last year
• Hacking-the-Cloud / htc-ctfs
  Holds the public Hacking the Cloud CTFs.
  ☆56Updated last year
• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated last year
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated 2 years ago
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated 2 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆172Updated 6 months ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆66Updated 11 months ago
• OWASP / www-project-kubernetes-security-testing-guide
  OWASP Kubernetes Security Testing Guide
  ☆38Updated 9 months ago
• primeharbor / breaches.cloud
  https://breaches.cloud
  ☆39Updated 7 months ago
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆71Updated 2 years ago
• SDA-SE / cluster-image-scanner
  Discover vulnerabilities and container image misconfiguration in production environments.
  ☆56Updated last week
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 9 months ago
• Cybr-Inc / CloudSec
  Public repository of all things cloud security.
  ☆41Updated 8 months ago
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆145Updated this week
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆101Updated last year
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆28Updated 10 months ago
• google / localtoast
  ☆112Updated last week
• SeisoLLC / easy_infra
  A docker container to simplify and secure the use of Infrastructure as Code (IaC)
  ☆73Updated this week
• orcasecurity-research / kte
  Test & Compare different Kubernetes security offerings on EKS, GKE and AKS
  ☆39Updated 9 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 2 years ago
• ReversecLabs / IceKube
  ☆178Updated last month
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆118Updated last year
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆19Updated 3 years ago
• marco-lancini / k8s-lab-plz
  Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.
  ☆52Updated last year
• krol3 / kubernetes-security-checklist
  Awesome resources about Security in Kubernetes
  ☆42Updated 2 years ago
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆99Updated 10 months ago