Statistics for topic devsecops

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

A security scanner for your LLM agentic workflows

Find, verify, and analyze leaked credentials

secureCodeBox (SCB) - continuous secure delivery out of the box

A security scanner for your LLM agentic workflows

A clear ArduPilot configuration sequence

Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and ...

🚀 Policy driven vetting of open source packages with malicious code analysis

secureCodeBox (SCB) - continuous secure delivery out of the box

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

A security scanner for your LLM agentic workflows

Find secrets with Gitleaks 🔑

Find, verify, and analyze leaked credentials

A security scanner for your LLM agentic workflows

Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams

Offline Cybersecurity Knowledge Base

Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).

sdlc_python 是一个基于python语言构建的devsecops平台，旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识(对应sdlc中对开发人员的安全培训)，并且使用了大模型进行代码安全审计（对应sdlc中代码审计阶段），帮助企业进行安全左移。除了用于 DevSecOps 实践外，sdlc_python 还可以用于学习漏洞知...

Find, verify, and analyze leaked credentials

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

A security scanner for your LLM agentic workflows

Find secrets with Gitleaks 🔑

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Offline Cybersecurity Knowledge Base

Focused malicious code detection ruleset, with a high protection-to-noise ratio

A centralized hub for platform engineering teams, providing resources, best practices, and automation tools. Includes IaC templates, blueprints, and operational guides to help build scalable, secure, ...

A deliberately vulnerable banking application designed for practicing secure code reviews and API security testing. Features common vulnerabilities found in real-world applications, making it an ideal...

SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane. It protects your secrets and helps your ops, SREs, and sysadmins manage sensitive data securely with minimal overhe...

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits...

JavaSecLab is a comprehensive Java vulnerability platform｜​ JavaSecLab是一款综合型Java漏洞平台，提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范，覆盖多种漏洞场景，友好用户交互UI……

A security scanner for your LLM agentic workflows

boostsecurityio/poutine

Comprehensive set of Terraform coding standards designed for enterprise-level projects

Find, verify, and analyze leaked credentials

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Find secrets with Gitleaks 🔑

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.

boostsecurityio/poutine

Website, courses, documentation, blog and youtube video tracker.

SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane. It protects your secrets and helps your ops, SREs, and sysadmins manage sensitive data securely with minimal overhe...

A deliberately vulnerable banking application designed for practicing secure code reviews and API security testing. Features common vulnerabilities found in real-world applications, making it an ideal...

sdlc 是一个基于 Go 语言构建的安全漏洞示范平台，旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识，除了可以用于devsecops以外，还可以用于安全行业从事者学习漏洞知识或者渗透知识，代码审计，提供了一个实践和学习的环境。本项目采用了前后端分离的设计模式，其中后端利用了轻量级框架 Gin，而前端则使用了 Vue 3。