pxlpnk's Stars
n8n-io/n8n
Free and source-available fair-code licensed workflow automation tool. Easily automate tasks across different services.
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
securego/gosec
Go security checker
stefanprodan/dockprom
Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager
decalage2/awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
promptfoo/promptfoo
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.
trimstray/htrace.sh
My simple Swiss Army knife for http/https troubleshooting and profiling.
httptoolkit/httptoolkit
HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac :tada: Open an issue here to give feedback or ask for help.
OWASP/ASVS
Application Security Verification Standard
projectdiscovery/dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
usnistgov/macos_security
macOS Security Compliance Project
slsa-framework/slsa
Supply-chain Levels for Software Artifacts
google/osv.dev
Open source vulnerability DB and triage service.
pluralsh/plural
Enterprise Kubernetes management, accelerated. 🚀
ShiftLeftSecurity/sast-scan
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
ossf/wg-best-practices-os-developers
The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
kylemanna/docker-bitcoind
💰 Bitcoind Docker image that runs the Bitcoin node in a container for easy deployment
w3c/webappsec
Web Application Security Working Group repo
OWASP/www-project-kubernetes-top-ten
OWASP Foundation Web Respository
devsecopsmaturitymodel/DevSecOps-MaturityModel
trstringer/manual-approval
Pause your GitHub Actions workflow and request manual approval from set approvers before continuing
zerostaticthemes/hugo-hero-theme
A multi-page Hugo theme with fullscreen hero images and fullwidth sections.
brexhq/substation
Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
jassics/security-interview-questions
Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on
vendorsec/mvsp
Minimum Viable Secure Product mvsp.dev
ossf/package-manager-best-practices
Collection of security best practices for package managers.
clj-holmes/clj-holmes
A CLI SAST (Static application security testing) tool which was built with the intent of finding vulnerable Clojure code via rules that use a simple pattern language.
go-gitea/lgtm
A simple pull request approval system
contentful-labs/terraform-diff
Always know where you need to run Terraform plan & apply!