The Wayback Machine - http://web.archive.org/web/20210814102519/https://github.com/topics/devsecops
Skip to content
#

devsecops

Star

Here are 306 public repositories matching this topic...

Language: All
Filter by language
All 306 Python 59 Java 34 Go 27 Shell 25 JavaScript 22 HTML 16 Dockerfile 15 HCL 10 TypeScript 10 Ruby 8
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated
Mobile-Security-Framework-MobSF

MobSF / Mobile-Security-Framework-MobSF

Star

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

python rest static-analysis apk owasp dynamic-analysis web-security malware-analysis mobsf android-security mobile-security windows-mobile-security ios-security mobile-security-framework api-testing cwe devsecops runtime-security mstg masvs
  • Updated Aug 13, 2021
  • Python

aquasecurity / trivy

Star
Open

feat(ruby): support gemspec

3
knqyf263
knqyf263 commented Oct 19, 2020

Currently, Trivy traverses all paths and looks for all Gemfile.lock in a container image. However, the image sometimes has only Gemfile.lock and doesn't install gems listed in the Gemfile.lock. I think a gem should have *.gemspec file if it is installed. e.g. rake.gemspec has the information about rake.

To avoid false positives from Gemfile.lock, we are probably able to take advantage of `*

Read more
help wanted good first issue kind/feature lifecycle/frozen

toniblyx / prowler

Star

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail gdpr security-tools devsecops cis-benchmark aws-auditing prowler well-architected
  • Updated Aug 13, 2021
  • Shell

bridgecrewio / checkov

Star
Open

AKS ARM template, AKSLoggingEnabled.py, TypeError: string indices must be integers

aholler2
aholler2 commented Aug 10, 2021

Describe the bug
Python is evaluating the following input as true and therefore breaking on the next line. If I change the name of variable "omsagentAddonFinal" to say "dfasdfasdf", the test will run fine.

if "omsagent" in conf["properties"]["addonProfiles"]:
"addonProfiles": "[union(variables('omsagentAddonFinal'), variables('azurepolicyAddon'),variables('appgwIngr
Read more
good first issue help wanted fast-lane
Find more good first issues

DefectDojo / django-DefectDojo

Star
Find more good first issues
dependency-track

DependencyTrack / dependency-track

Star
Open

Migrate Swagger to OpenAPI 3

1
stevespringett
stevespringett commented Nov 18, 2020

The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number

Read more
enhancement help wanted p2 good first issue

security-prince / Application-Security-Engineer-Interview-Questions

Star

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc websecurity devsecops security-engineering websec websecurity-reference security-team security-engineer-interview
  • Updated Aug 7, 2020

ShiftLeftSecurity / sast-scan

Star
Open

rush.js build errors

prabhu
prabhu commented Apr 20, 2021

Seeing the below error while installing rush.js. Probably might need a package in the base image. Any help would be appreciated.

#21 516.9 > keytar@7.6.0 install /usr/local/lib/node_modules/@microsoft/rush/node_modules/keytar
#21 516.9 > prebuild-install || npm run build
#21 516.9 
#21 521.6 prebuild-install WARN install No prebuilt binaries found (target=14.16.0 runtime=node arch=arm64
Read more
bug good first issue help wanted

Improve this page

Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."

Learn more