ik-security

All

116 repositories

opencti-fork
Public
Open Cyber Threat Intelligence Platform
TypeScript
•
Other
•1.2k•0•0•0•Updated Sep 25, 2025Sep 25, 2025
demo-slsa-fork
Public
Securing Alice's, Bob's and Carl's software supply chain using in-toto
Python
•42•0•0•0•Updated Sep 5, 2025Sep 5, 2025
ampel-fork
Public
🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)
Go
•8•0•0•0•Updated Sep 2, 2025Sep 2, 2025
syft-software-scanning-fork
Public
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Go
•
Apache License 2.0
•741•0•0•0•Updated Aug 10, 2025Aug 10, 2025
grype-image-scanning-fork
Public
A vulnerability scanner for container images and filesystems
Go
•
Apache License 2.0
•713•0•0•0•Updated Jul 15, 2025Jul 15, 2025
slsa-github-generator-fork
Public
Language-agnostic SLSA provenance generation for Github Actions
Go
•
Apache License 2.0
•171•0•0•0•Updated Jun 27, 2025Jun 27, 2025
vault-plugin-secrets-gitlab-fork
Public
Vault Plugin for Gitlab Access Tokens
Go
•
MIT License
•12•0•0•0•Updated Jun 7, 2025Jun 7, 2025
hello-vault-go-fork
Public
Runnable examples in Go of how to integrate an application with HashiCorp Vault.
Go
•
Mozilla Public License 2.0
•34•0•0•0•Updated Apr 17, 2025Apr 17, 2025
blueprint-securesoftwarepipeline
Public
For engineers and security teams driving fast and secure software supply chains
Apache License 2.0
•24•0•0•0•Updated Feb 16, 2025Feb 16, 2025
vsign-code-sign-fork
Public
Venafi CodeSign Protect Golang CLI and SDK
Go
•
Apache License 2.0
•2•0•0•0•Updated Feb 14, 2025Feb 14, 2025
pdfsign-fork
Public
Add/verify Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) in PDF (usign pure Go)
Go
•
BSD 2-Clause "Simplified" License
•34•0•0•0•Updated Feb 10, 2025Feb 10, 2025
sigscan-containers-fork
Public
Signature Discovery Utility
Go
•
Apache License 2.0
•3•0•0•0•Updated Feb 10, 2025Feb 10, 2025
trivy-fork
Public
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Go
•
Apache License 2.0
•2.8k•0•0•0•Updated Feb 6, 2025Feb 6, 2025
slsa-ci-sec-framework-fork
Public
Supply-chain Levels for Software Artifacts
Shell
•
Other
•272•0•0•0•Updated Feb 4, 2025Feb 4, 2025
security-profiles-operator-fork
Public
The Kubernetes Security Profiles Operator
C
•
Apache License 2.0
•125•0•0•0•Updated Jan 31, 2025Jan 31, 2025
prowler-fork
Public
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
Python
•
Apache License 2.0
•1.9k•0•0•0•Updated Jan 18, 2025Jan 18, 2025
checkov-python-fork
Public
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Python
•
Apache License 2.0
•1.3k•0•0•0•Updated Jan 5, 2025Jan 5, 2025
checkov-sec-fork
Public
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Python
•
Apache License 2.0
•1.3k•0•0•0•Updated Dec 31, 2024Dec 31, 2024
gatekeeper-library-fork
Public
📚 The OPA Gatekeeper policy library
Open Policy Agent
•
Apache License 2.0
•339•0•0•0•Updated Dec 30, 2024Dec 30, 2024
secretless-broker-fork
Public
Secure your apps by making them Secretless
Go
•
Apache License 2.0
•49•0•0•0•Updated Dec 18, 2024Dec 18, 2024
learn-vault-secrets-operator-fork
Public
Mozilla Public License 2.0
•15•0•0•0•Updated Jul 26, 2024Jul 26, 2024
spicedb
Public
Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications
Go
•
Apache License 2.0
•355•0•0•0•Updated Jul 7, 2024Jul 7, 2024
SecLists-fork
Public
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
PHP
•
MIT License
•25k•0•0•0•Updated Apr 27, 2024Apr 27, 2024
GTFOBins.github.io-fork
Public
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
HTML
•
GNU General Public License v3.0
•1.5k•0•0•0•Updated Apr 8, 2024Apr 8, 2024
PEASS-ng-fork
Public
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
C#
•
Other
•3.3k•0•0•0•Updated Apr 8, 2024Apr 8, 2024
PayloadsAllTheThings-fork
Public
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Python
•
MIT License
•16k•0•0•0•Updated Apr 6, 2024Apr 6, 2024
bane
Public
Custom & better AppArmor profile generator for Docker containers.
Go
•
MIT License
•90•1•0•0•Updated Apr 5, 2024Apr 5, 2024
juice-shop-fork
Public
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
TypeScript
•
MIT License
•16k•0•0•0•Updated Apr 5, 2024Apr 5, 2024
thc-hydra-fork
Public
hydra
C
•
GNU Affero General Public License v3.0
•2.4k•0•0•0•Updated Apr 1, 2024Apr 1, 2024
trivy
Public
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Go
•
Apache License 2.0
•2.8k•0•0•0•Updated Mar 23, 2024Mar 23, 2024