Awesome List
A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
GitHub stars and default-branch commits for sbilly/awesome-security.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Simple and flexible tool for managing secrets
In-depth attack surface mapping and asset discovery
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
🛡️ Open-source and cloud-native Web Application Firewall (WAF)
A vault for securely storing and accessing AWS credentials in development environments
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Tfsec is now part of Trivy
Safely store secrets in Git/Mercurial/Subversion
Open device management
Open Source Cloud Native Application Protection Platform (CNAPP)
🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
🔥 Open source RASP solution
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
CLI for managing secrets
Adversary tradecraft detection, protection, and hunting
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Go server for two-man rule style file encryption and decryption.
A modular vulnerability scanner with automatic report generation capabilities.
Tenzir is the data pipeline engine for security teams.
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, analyzing source code to find vulnerabilities right in the source code, and designed to be agile and easy to implement inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments; you can get insights using natural language (powered by OpenAI).
Fast HTTP enumerator
A Vault CLI
Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
Discover internet-wide misconfigurations while drinking coffee
Incident Response - Fast suspicious file finder
preflight helps you verify scripts and executables to mitigate supply chain attacks such as the recent Codecov hack.