secureCodeBox
Open-Source-Security-Guide
| secureCodeBox | Open-Source-Security-Guide | |
|---|---|---|
| 1 | 23 | |
| 720 | 852 | |
| 1.4% | - | |
| 9.9 | 6.4 | |
| about 12 hours ago | 4 months ago | |
| JavaScript | Go | |
| GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
secureCodeBox
Open-Source-Security-Guide
-
Degree vs Certifications
Cyber Security is one of the biggest needs in the industry right now as well. This Github has a lot of information for all the different areas.
-
Open Source Security Development
Useful Tools and Resources for those getting into IT Security development such as Security Standards, Frameworks, Threat Models, Encryption, and Benchmarks.
-
Open Source Security Guide
Useful Tools and Resources for Open Source Security development.
I found this useful Open Source Security Guide. I thought I'd share for anyone that's interested .
-
New to Forensics, Drop some Forensics tools/training content
Open sourse OS that comes preintalled with lots of tools we use includijg a software write blocker. Best for investigating an image of an infected device. https://tsurugi-linux.org/ IR plan https://github.com/guardsight/gsvsoc_cybersecurity-incident-response-plan Very detailed IR battle cards https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards IR focused guide that lists lots of helpful tools and resources, like things to use for reverse engineering. https://github.com/mikeroyal/Open-Source-Security-Guide
-
Useful Security Guide
Found a useful set of Tools, Programs, and Learning Resources for Security. It covers Security Standards, Frameworks, Benchmarks , and Networking.
- Found a useful Open Source Security Guide
- Found a useful Security Guide
What are some alternatives?
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
mutillidae - OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
ZAP - The ZAP core project
gsvsoc_cirt-playbook-battle-cards - Cyber Incident Response Team Playbook Battle Cards
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
bulk_extractor - This is the development tree. Production downloads are at:
github-actions-goat - GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
gotestwaf - An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
cosign-keyless-admission-webhook - Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
slsa-github-generator - Language-agnostic SLSA provenance generation for Github Actions