Stars
A TypeScript library for creating dependency snapshots.
GitHub action to generate a CycloneDX SBOM for Python
GitHub Secret Scanning Auto Remediator (GSSAR)
Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
Update multiple repositories with one command
A curated list of Awesome Threat Intelligence resources
Write workflows scripting the GitHub API in JavaScript
Generates a `dependabot.yml` and PRs it against your repo if it needs updating to include a new directory or package-ecosystem, with globs/wildcards
📱 objection - runtime mobile exploration
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by t…
A reference architecture to integrate GitHub Audit Log to AWS CloudTrail Lake
OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
dependency-check / Dependency-Check_Action
Forked from Santandersecurityresearch/DependencyCheck_Action
GitHub action to run dependency check
Examples of Custom Secret Scanning Patterns
Creating threat models by writing code
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps with continuous monitoring, security assessments and audits, incident response, compliance, hardening and forensics…
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
A tool that aims to bulk automate the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.