bcdunbar's Stars
goldbergyoni/nodebestpractices
:white_check_mark: The Node.js best practices list (July 2024)
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
score-spec/spec
The Score Specification provides a developer-centric and platform-agnostic Workload specification to improve developer productivity and experience. It eliminates configuration inconsistencies between environments.
WebGoat/WebGoat
WebGoat is a deliberately insecure application
aws/aws-sam-cli
CLI tool to build, test, debug, and deploy Serverless applications using AWS SAM
google/osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
cloudevents/spec
CloudEvents Specification
ddd-crew/ddd-starter-modelling-process
If you're new to DDD and not sure where to start, this process will guide you step-by-step
asyncapi/spec
The AsyncAPI specification allows you to create machine-readable definitions of your asynchronous APIs.
aws/copilot-cli
The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner or Amazon ECS on AWS Fargate.
CodingChallengesFYI/SharedSolutions
Publicly shared solutions to Coding Challenges
skills/secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
evolutionary-architecture/evolutionary-architecture-by-example
Navigate the complex landscape of .NET software architecture with our step-by-step, story-like guide. Unpack the interplay between modular monoliths, microservices, domain-driven design, and various architectural patterns. Go beyond the one-size-fits-all solutions and understand how to blend these approaches based on your unique needs.
event-catalog/eventcatalog
An open source documentation tool to bring discoverability to your event-driven architectures
slsa-framework/slsa
Supply-chain Levels for Software Artifacts
bridgecrewio/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
boyney123/awesome-eventbridge
List of resources for learning about events, patterns, and using Amazon EventBridge
actions/dependency-review-action
A GitHub Action for detecting vulnerable dependencies and invalid licenses in your PRs
MahdiMashrur/Awesome-Application-Security-Checklist
Checklist of the most important security countermeasures when designing, creating, testing your web/mobile application
github/vscode-codeql-starter
Starter workspace to use with the CodeQL extension for Visual Studio Code.
adeyosemanputra/pygoat
intentionally vuln web Application Security in django
event-driven-io/emmett
Emmett - a Node.js library taking your event-driven applications back to the future!
ChristopheBougere/asl-validator
A simple Amazon States Language validator based on JSON schemas.
ghas-bootcamp/ghas-bootcamp
This bootcamp is designed to familiarize you with GitHub Advanced Security (GHAS) so that you can better understand how to use it in your own repositories.
xregistry/spec
xRegistry related specifications
fourTheorem/cross-account-eventbridge
Sample application for cross-domain, cross-account events with EventBridge
GeekMasher/ghastoolkit
GitHub Advanced Security Python Toolkit
WaleedAshraf/asyncapi-github-action
GitHub action to validate if AsyncAPI schema file is valid or not.
aml-org/amf
AMF (AML Modeling Framework) is an open-source library capable of parsing and validating AML metadata documents.