Pinned Repositories
advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
codellama
Inference code for CodeLlama models
dep-scan
Fully open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
GitGoat
GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repositories without a risk to your production environment.
gitleaks
Protect and discover secrets using Gitleaks 🔑
OSSGadget
Collection of tools for analyzing open source packages.
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
nir-valtman's Repositories
nir-valtman/advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
nir-valtman/cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
nir-valtman/codellama
Inference code for CodeLlama models
nir-valtman/dep-scan
Fully open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!
nir-valtman/GitGoat
GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repositories without a risk to your production environment.
nir-valtman/gitleaks
Protect and discover secrets using Gitleaks 🔑
nir-valtman/OSSGadget
Collection of tools for analyzing open source packages.
nir-valtman/prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
nir-valtman/semgrep-rules-android-security
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
nir-valtman/tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
nir-valtman/www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.