Awesome Security

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Simple and flexible tool for managing secrets

In-depth attack surface mapping and asset discovery

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Tfsec is now part of Trivy

Open device management

Open Source Cloud Native Application Protection Platform (CNAPP)

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Adversary tradecraft detection, protection, and hunting

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Go server for two-man rule style file encryption and decryption.

A modular vulnerability scanner with automatic report generation capabilities.

Tenzir is the data pipeline engine for security teams.

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.