💰 Bitcoind Docker image that runs the Bitcoin node in a container for easy deployment

Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with comma…

Supply-chain Levels for Software Artifacts

Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.

Open source vulnerability DB and triage service.

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

Go security checker

Minimum Viable Secure Product mvsp.dev

Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Enterprise Kubernetes management, accelerated. 🚀

A CLI SAST (Static application security testing) tool which was built with the intent of finding vulnerable Clojure code via rules that use a simple pattern language.

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.

Collection of security best practices for package managers.

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Application Security Verification Standard

OWASP Foundation Web Respository

HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac 🎉 Open an issue here to give feedback or ask for help.

My simple Swiss Army knife for http/https troubleshooting and profiling.

A collection of awesome security hardening guides, tools and other resources

macOS Security Compliance Project

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

A simple pull request approval system

Pause your GitHub Actions workflow and request manual approval from set approvers before continuing

Web Application Security Working Group repo

Always know where you need to run Terraform plan & apply!

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.