#shell #applicationsecuritymonitoring #appsec_tutorials #devsecops #dongtai #dongtai_iast #iast #security

https://github.com/HXSecurity/DongTai

#other #automation #awesome #awesome_list #aws #azure #ci_cd #cloud #containers #cybersecurity #devops #devsecops #docker #gcp #k8s #kubernetes #security #serverless #ssdlc #tool

https://github.com/sottlmarek/DevSecOps

#typescript #compliance #data_anonymization #devsecops #gdpr #hardening #immutable_database #pci_dss #privacy_by_design #security #soc2 #tokenization #web_security #zero_trust

https://github.com/lunasec-io/lunasec

#go #devsecops #golang #mesh #mesh_networks #netmaker #network #networking #virtual_network #vpn #wireguard #zero_configuration #zero_trust #zero_trust_network

https://github.com/gravitl/netmaker

#other #devsecops #owasp #shift_left

https://github.com/OWASP/DevSecOpsGuideline

#other #containers #devsecops #security

https://github.com/krol3/container-security-checklist

#go #cis #devsecops #golang #misconfiguration #open_policy_agent #security #security_tools #software_supply_chain #software_supply_chain_security #vulnera

https://github.com/aquasecurity/chain-bench

#go #containers #devsecops #docker #kubernetes #security #security_tools #ssh

https://github.com/ContainerSSH/ContainerSSH

#go #aws #azure #cis #cloud #cnapp #cspm #cwpp #devops #devsecops #fdw #gcp #golang #hacktoberfest #kubernetes #postgresql #postgresql_fdw #security #sql #steampipe #terraform

https://github.com/turbot/steampipe

#html #analytics #appsec #automation #devsecops #django #hacktoberfest #kubernetes #owasp #python #security #security_automation #security_orchestration #vulnerability_correlation #vulnerability_databases #vulnerability_management

https://github.com/DefectDojo/django-DefectDojo

#other #devsecops #playbook #security

https://github.com/6mile/DevSecOps-Playbook

#go #awesome_list #collections #devops #devsecops #roadmap #security #tools

https://github.com/hahwul/DevSecOps

#python #appsec #cicd #ctf #devops #devsecops #infosec #jenkins #security

https://github.com/cider-security-research/cicd-goat

#open_policy_agent #appsec #cloudnative #devsecops #golang #hacktoberfest #iac #infrastructure_as_code #open_policy_agent #security #security_tools #vulnerability_detection #vulnerability_scanners

https://github.com/Checkmarx/kics

#java #aws #azure #ctf #devsecops #docker #gcp #hashicorp_vault #keepass #kubernetes #secrets #secrets_management #security #terraform_aws #terraform_azure #terraform_gcp #vault #vulnerable_web_app

https://github.com/OWASP/wrongsecrets

#go #bounty #csv #devsecops #golang #graphviz #html #json #markdown #nmap #pentesting #port_scanner #port_scanning #scan #scanner #security #security_tools #sqlite #xml #xml_parsing

https://github.com/vdjagilev/nmap-formatter

#html #blueteam #cloud_native #cloud_security #cloudsecurity #container #container_security #devsecops #docker #hacking #infrastructure #k8s #kubernetes #kubernetes_goat #kubernetes_security #owasp #pentesting #redteam #security #vulnerable_app

https://github.com/madhuakula/kubernetes-goat

#go #containers #devsecops #docker #go #golang #hacktoberfest #iac #infrastructure_as_code #kubernetes #misconfiguration #security #security_tools #vulnerability #vulnerability_detection #vulnerability_scanners

Trivy is a powerful tool that helps you find security issues in various places like container images, filesystems, Git repositories, and more. It checks for vulnerabilities, misconfigurations, sensitive information, and software licenses. Trivy supports many programming languages and platforms, making it very versatile. You can easily install it using methods like `brew install trivy` or `docker run aquasec/trivy`. It also integrates with popular tools like GitHub Actions and Kubernetes. Using Trivy helps you secure your projects by identifying potential security problems early, which is very beneficial for keeping your software safe and reliable.

https://github.com/aquasecurity/trivy

#go #devsecops #git #gitleaks #go #golang #hacktoberfest #secret #security #security_tools

Gitleaks is a tool that helps you find and prevent hardcoded secrets like passwords, API keys, and tokens in your git repositories. It's easy to use and can be installed via Homebrew, Docker, or Go. You can run Gitleaks as a pre-commit hook or as a GitHub action to automatically check your code for secrets before committing.

Using Gitleaks benefits you by ensuring your sensitive information is not accidentally exposed in your code, making your projects more secure. It scans your repository for any hidden secrets and alerts you, so you can remove them before they become public. This protects your project from potential security breaches and maintains the confidentiality of your credentials.

https://github.com/gitleaks/gitleaks

#go #credentials #devsecops #dynamic_analysis #hacktoberfest #precommit #scanning #secret #secret_management #secrets #security #security_tools #trufflehog #verification

TruffleHog is a powerful tool that helps you find and verify leaked credentials in various places like Git repositories, chats, wikis, logs, and more. Here’s how it benefits you TruffleHog can search for secrets in many different sources such as Git, chats, wikis, logs, and file systems.
- **Classification** For each found secret, TruffleHog checks if it is live and active.
- **Analysis**: It provides detailed information about the secret, such as who created it and what resources it can access.

Using TruffleHog helps you protect your credentials by detecting and verifying them before they cause any harm. You can install it via various methods like Docker, binary releases, or compiling from source, making it easy to integrate into your security workflow.

https://github.com/trufflesecurity/trufflehog