Skip to content
#

security-tools

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 2,674 public repositories matching this topic...

Language: All
Filter by language
All 2,674 Python 926 Go 252 Shell 212 JavaScript 162 Java 119 C 96 PHP 73 C# 70 HTML 63 C++ 62
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

aquasecurity / trivy

Star 11.4k
Open

Feature: Add podAnnotations

1
albertschwarzkopf
albertschwarzkopf commented Mar 29, 2022

Hi,

it would be nice, if pod annotations would be configurable via values file. E.g:

values.yaml:

.
.
.
podAnnotations: {}
.
.
.

statefulset.yaml:

  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- . | toYaml | nindent 8 }}
      {{- end }}
Read more
help wanted good first issue kind/feature
Find more good first issues

CISOfy / lynis

Star 9.5k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening
  • Updated Mar 17, 2022
  • Shell

zricethezav / gitleaks

Sponsor
Star 9.5k
Open

config validation

6
zricethezav
zricethezav commented Dec 3, 2021

Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.

Describe the solution you'd like
example entry in the rules tables
ex:

[[rules]]
id = "discord-client-secret"
des
Read more
enhancement help wanted good first issue
Find more good first issues

future-architect / vuls

Star 9.1k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner
  • Updated Apr 8, 2022
  • Go

secdev / scapy

Star 7.2k
Open

Contribute to Scapy: a master list of good first issues

3
gpotter2
gpotter2 commented Dec 18, 2016

Hi & welcome to Scapy's github ! This page lists issues that you can try to fix if you want to start contributing to Scapy.

This list includes wishes and things added by the maintainers based on the issues that we get, but also issues marked with TODO or XXX that already exist in Scapy's code base (layers). If you want to contribute to the project you might just take care one of the bugs.

Read more
help wanted good first issue
RustScan

RustScan / RustScan

Star 6k
Open

Write CI that checks for specific outputs in the terminal

4
bee-san
bee-san commented Oct 18, 2020

RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

  1. [!]
  2. [~]
  3. [>]
  4. | {}

If any of these characters appear in any of the tests, fail the CI. E

Read more
good first issue feature_request hacktoberfest
Find more good first issues
prowler

prowler-cloud / prowler

Star 5.1k

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail hacktoberfest gdpr security-tools devsecops cis-benchmark aws-auditing well-architected
  • Updated Apr 7, 2022
  • Shell
certificates

smallstep / certificates

Star 4.2k
Open

Add `Cache-Control: private, no-store` headers where appropriate

tashian
tashian commented Jan 10, 2022

The recommendation is to set Cache-Control: private, no-store on any endpoint with sensitive information. Because while you can protect the traffic with TLS, you also need to keep sensitive information out of a client's (unencrypted) HTTP cache. I'm not sure how relevant this is to the API context of step-ca though—I've never seen an HTTP client library that caches content. But I guess the poi

Read more
enhancement good first issue quickfix
Find more good first issues

PyCQA / bandit

Star 4k
Open

config file as described in README.rst does not work

4
davidak
davidak commented Jun 18, 2018

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

  1. create .bandit file with content:
[bandit]
tests: B101,B102,B301
  1. run bandit -c .bandit -r module/
  2. get error:
    [main] ERROR .bandit : Error parsing file.

Expected behavior
working as described in readme

Bandit version

ba
Read more
bug good first issue
Wikipedia
Wikipedia