Github

Scans repositories for exposed secrets, API keys, and credentials for bug bounty

A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.

Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.

A visual guide that maps attack vectors and exploitation techniques for identifying vulnerabilities in GitHub Actions configurations and CI/CD pipelines.

StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.

Monitor GitHub for sensitive data

An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.

A reconnaissance tool for GitHub organizations

Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.

A tool for identifying sensitive secrets in public GitHub repositories

ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.

A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

A tool for enumerating and attacking GitHub Actions pipelines

A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.

A powerful tool for searching and scraping data from GitHub

Standardized contribution guidelines for maintaining quality cybersecurity tool repositories and community-curated lists.

CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.

A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.

Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.

A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.

A standard README template file that provides basic structure for documenting Ruby applications and software projects.