SaaSHub helps you find the best software and product alternatives Learn more β
Top 23 Go Devsecops Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Netmaker
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
-
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
-
bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
-
DevSecOps
βΎοΈ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe π (by hahwul)
-
copacetic
𧡠CLI tool for directly patching container images using reports from vulnerability scanners
-
legitify
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
-
chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
-
ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
-
nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
-
Selefra
The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).
-
stackql
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework
-
yatas
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec
install gitleaks in your machine gitleaks
Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03Trufflehog
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.
Project mention: Steampipe: Dynamically query APIs, code and more with SQL | news.ycombinator.com | 2024-04-04
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Terrascan Owner/Maintainer: Tenable (acquired in 2022) Age: First release on GitHub on November 28th, 2017 License: Apache License 2.0
Project mention: Ask HN: Tell us about your project that's not done yet but you want feedback on | news.ycombinator.com | 2023-08-16- Build your own honeypot with ContainerSSH (DevConf CZ 2021) [4]
[1]: https://containerssh.io
Project mention: Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python | news.ycombinator.com | 2023-10-26
Project mention: copacetic: 𧡠CLI tool for directly patching container images using reports from vulnerability scanners | /r/blueteamsec | 2023-11-25
Project mention: GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub GitLab assets. Version 1.0 is out, check out the new enterprise-level policies. | /r/netsec | 2023-08-04
Project mention: NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite | news.ycombinator.com | 2024-01-26
[Feature]Modules support filtering, while labels support customization of any format. by @FelixsJiang in #30
Like Steampipe's revolutionary approach, StackQL harnesses the power of SQL to query your resources seamlessly. Moreover, it empowers you to utilize SQL syntax for querying and creating resources.
Go Devsecops related posts
- A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
- Cloud Tools You Probably Haven't Heard Of
- Show HN: Vet now supports detecting malicious packages
- GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
- GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
- GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
- Threagile β Agile Threat Modeling Toolkit
-
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024
Index
What are some of the best open-source Devsecops projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | trivy | 21,316 |
2 | gitleaks | 15,225 |
3 | trufflehog | 13,863 |
4 | Netmaker | 8,952 |
5 | tfsec | 6,544 |
6 | steampipe | 6,379 |
7 | terrascan | 4,494 |
8 | dalfox | 3,272 |
9 | SecretScanner | 2,956 |
10 | ContainerSSH | 2,565 |
11 | bearer | 1,736 |
12 | DevSecOps | 1,619 |
13 | YaraHunter | 1,229 |
14 | copacetic | 778 |
15 | legitify | 706 |
16 | chain-bench | 698 |
17 | ChopChop | 651 |
18 | nmap-formatter | 595 |
19 | threagile | 562 |
20 | Selefra | 507 |
21 | bomber | 453 |
22 | stackql | 433 |
23 | yatas | 303 |
Sponsored