♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

An experimental ModelContextProtocol server connecting LLMs to DefectDojo for AI-powered security workflows. Enables natural language interaction with vulnerability data, simplifies security analysis, and automates reporting through a lightweight middleware integration.

A collection of custom parsers for DefectDojo, the leading open-source vulnerability management platform. These parsers extend DefectDojo's scanning capabilities with enhanced support for popular security tools.

CLI wrapper for DefectDojo APIv2 (beta)

Cosca (Combo Scanner) is an Application Security automation tool that invokes third-party scanners and processes outputs in a one-liner command.

A comprehensive Prefect 3.x workflow orchestration project for security automation, asset management, and vulnerability assessment. This repository contains production-ready flows for integrating with various security tools and platforms.

A script to automatically upload Tenable Nessus scans to DefectDojo

🛡️ A Python script that exports vulnerabilities from Wazuh (Elasticsearch) and imports them into DefectDojo via the Generic Findings Import API. Supports automated rescanning and can be run as a cron job.

Dependency Track integration to Defect Dojo

ReconVerse: Automated CMS-based web application vulnerability assessment pipeline using Common Crawl, WhatWeb, and various scanners, with results visualized in DefectDojo.

dDojo is a Command-Line Interface (CLI) tool designed to simplify interactions with Defect Dojo.