Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
Fast and accurate OSS secret scanner with live validation and blast radius mapping. 800+ rules. Scans code, Git, CI, cloud, and SaaS.
Lightweight static analyzer for several programming languages
Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.
⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
🛡️ Blazing fast Supply Chain Security tool written in Rust. Features ephemeral sandboxing, hybrid analysis (CVE + Heuristics), and entropy-based malware detection.
Polyglot execution engine and CLI for vulnerability detection using real code
Rust-based ScanCode-compatible scanner for licenses, package metadata, SBOMs, and provenance data.
🔐 Secrets, configs, and platform outputs as code — typed, versioned, encrypted.
Qryon — Find security vulnerabilities in seconds. 647+ rules, 28 languages, 10x faster than Semgrep. Free & open source CLI.
UZYNTRA API Firewall is a high-performance API security engine that inspects, detects, and mitigates threats in real time through a programmable reverse proxy architecture.
Secrets scanner with pattern matching, entropy analysis, and live validation
Paranoid security scanner + sandboxed step runner for GitHub Actions. Verifies pins, audits workflows, runs steps in a kernel sandbox where secrets are capabilities.
Secure your dependencies before they land in production. secure-packages audits package source, reviews new-version diffs, and blocks risky updates in CI/CD, starting with PyPI.
An Azure Security Assessment Tool Written with 200+ Rules
Share secrets like they're secrets.
High-performance network reconnaissance and port scanning framework written in Rust. Fast TCP SYN scanner with service detection, OS fingerprinting and Masscan-like speed.
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."