Alternatives and similar repositories for surface

Users that are interested in surface are comparing it to the libraries listed below

• Toreon / threat-model-playbook
  ☆88Updated 4 years ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆79Updated last year
• kempy007 / VulManAgg
  Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
  ☆31Updated 2 years ago
• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆25Updated 2 years ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆63Updated 5 years ago
• pulsedive / certrss
  ☆119Updated 2 years ago
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆20Updated 3 years ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆77Updated last year
• packetchaos / navi
  A Command-line tool which leverages the Tenable Vulnerability Management API to reduce the time it takes to get information that is commo…
  ☆82Updated 3 weeks ago
• Patrowl / PatrowlEngines
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆248Updated 3 weeks ago
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆31Updated last week
• iknowjason / AriaCloud
  A Docker container for remote penetration testing.
  ☆141Updated 4 years ago
• openraven / magpie
  A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …
  ☆191Updated last year
• martinsohn / CIS-Controls
  ☆19Updated 2 years ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆126Updated last week
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆29Updated last year
• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆245Updated 4 years ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆105Updated last year
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 6 months ago
• rapid7 / vm-console-client-python
  the UNOFFICIAL (but useful) Python library for the Rapid7 InsightVM/Nexpose RESTful API
  ☆78Updated last year
• prisma-cloud / IAMFinder
  IAMFinder enumerates and finds users and IAM roles in a target AWS account.
  ☆111Updated 4 years ago
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated 8 months ago
• OWASP / OpenCRE
  ☆123Updated this week
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆211Updated last week
• kpolley / slackurity
  Slack bot which promotes Defense in Depth/Zero Trust security practices
  ☆24Updated 2 years ago
• elastic / dorothy
  ☆187Updated 3 weeks ago
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆279Updated 2 weeks ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆138Updated 4 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆52Updated 4 months ago