Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Protect and discover secrets using Gitleaks 🔑

Find and verify credentials

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Security scanner for your Terraform code

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

WireGuard®-based zero trust access platform that supports OIDC authentication, user/group sync, and requires zero firewall configuration.

Ultimate DevSecOps library

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Open Source Vulnerability Management Platform

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

🛡️ Make your web services secure by default !

DevSecOps, ASPM, Vulnerability Management. All on one platform.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓