ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data

🤖 Simplify code reviews with XCodeReviewer, your smart partner for efficient and effective code audits in any development project.

The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

🤖 Elevate your AI skills with hands-on challenges focused on enterprise AI modernization and full-stack development using Python and Azure.

⚙️ 🔔 A centralized dashboard to monitor and manage the health and status of GitHub repositories, personal projects, and infrastructure.

Learn DevSecOps and Cloud Security Engineering fundamentals.

Building FlashFathom AI SAAS project that generate Flascards - Deployment Using DevSecOps Best Practices

A clean, minimal template for building games with React, TypeScript, Three.js, and Vite - built with security-first principles.

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

End-to-End DevSecOps Pipeline deploying a Reddit Clone to Kubernetes (K3s) on Azure. Features Jenkins, Terraform, Docker, Trivy, SonarQube, and Dynamic Ingress.

开源的代码审计平台 - 支持项目级/文件级/片段级审计，支持 10+ LLM、自定义规则集（内置OWASP Top 10 规则集）、自定义提示词模板、可解释分析、PDF 报告导出。支持ollama私有部署模型，代码可不出内网。

🚀 Secure CI/CD pipeline integrating SAST, SCA, secrets scanning, and DAST for OWASP Juice Shop using Jenkins, Docker, and DefectDojo.

CLI security scanner for detecting secrets and vulnerabilities in codebases

Realtime secret and configuration management tool

Anomalyze is an advanced AI-powered web security scanner that detects vulnerabilities, misconfigurations, and anomalies in web applications. It integrates ML-based analysis, CVE intelligence, and automated audits to deliver comprehensive, real-time security insights through an intuitive, analytics-driven dashboard for developers and security teams.

Take control of you SCM security posture enforcing policy as code

Kexa's simple rules (Open Source) make it easy to monitoring and manage alerting of your entire cloud. With various monitoring and alerting options, instant and detailed alerts, easy-to-deploy and low in infrastructure costs, in turns complexity into simplicity.

Repogate.io VS Code Extention

A FREE pragmatic DevOps learning to kickstart your DevOps career and knowledge in the Cloud Native era following the Agile MVP style! ⭐ (2025 plans for DevOps, Cloud, Platform, SRE, SWE)