OCRmyPDF adds an OCR text layer to scanned PDF files, allowing them to be searched

The Grammar Checker for Developers

Command and Conquer: Red Alert

ConditionalAccessIQ streamlines this process by providing automatic version control, change tracking, and visual comparisons of your Conditional Access Policies.

Language-agnostic SLSA provenance generation for Github Actions

Cosign Github Action

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

A utility to generate SPDX-compliant Bill of Materials manifests

Support CI generation of SBOMs via golang tooling.

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

A web application to streamline the development of STIGs from SRGs

Automatically assess and score software repositories for supply chain risk.

Primary source of truth for the Docker "Official Images" program

A collection of scripts for assessing Microsoft Azure security

ScriptSentry finds misconfigured and dangerous logon scripts.

A collection of Azure AD/Entra tools for offensive and defensive security purposes

The Azure Naming Tool is a .NET 8 Blazor application, with a RESTful API. The UI consists of several pages to allow the configuration and generation of Azure Resource names. The API provides a prog…

Release Management utility tasks

Microsoft Azure PowerShell

WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Frontend UI for Dependency-Track

Public website for dependencytrack.org

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

NIST Certified SCAP 1.2 toolkit

For pentesters who don't wanna leave their terminals.

Just a place where to place some tutorials