Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Protect and discover secrets using Gitleaks 🔑

Find and verify secrets

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

Security scanner for your Terraform code

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

ContainerSSH: Launch containers on demand

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

🧵 CLI tool for directly patching container images using reports from vulnerability scanners

kube-scan: Octarine k8s cluster risk assessment tool

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.