Search Results for "cd-tag"
Sort By:
Showing 95 open source projects for "cd-tag"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
1
Seed Tag
Hide your SEED phrase in a fake SEED phrase
...Эта программа попытка сделать что-то вроде brainwallet, можно используя три ключа (число, пароль и адрес почты) превратить свою сид-фразу в бессмысленную сид-фразу, которую уже можно записать на железный кошелёк/армейский жетон(dog tag). Настоящего шифрования здесь нет, но от честных людей может помочь. Pack your seed phrase into fake phrase using three keys (some number, password and email) Warning! this is not tested for security. I made this for myself, when i wanted to make the cheapiest iron crypto wallet from a dog tag. This program is a simple way to protect my seed phrase if others see my dog tag howto: 0 unplug internet connection!!! ... -
2
Antivirus Live CD
4MLinux fork including ClamAV scanner
Antivirus Live CD is an official 4MLinux fork including the ClamAV scanner. It's designed for users who need a lightweight live CD, which will help them to protect their computers against viruses. Ethernet, WiFi, PPP and PPPoE are supported by Antivirus Live CD to enable automatic updates of its virus signature databases. All partitions are mounted during the boot process so that they can be scanned by ClamAV. -
3
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language. ... -
4
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security... -
6
ScubaGear
Automation to assess the state of your M365 tenant against CISA
ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations. -
7
Notesnook
A fully open source & end-to-end encrypted note taking alternative
...Free or Pro, you get the same level of privacy. Making privacy a paid feature means only the privileged few deserve it but privacy is your right. And rights don't have a price tag, or do they? To verify that your notes are actually encrypted (and we aren't just lying), you can use our open source tool, Vericrypt. -
8
RBAC Manager
A Kubernetes operator that simplifies the management of Role Bindings
RBAC Manager is designed to simplify authorization in Kubernetes. This is an operator that supports declarative configuration for RBAC with new custom resources. Instead of managing role bindings or service accounts directly, you can specify a desired state and RBAC Manager will make the necessary changes to achieve that state. -
9
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
Laravel CSP
Set content security policy headers in a Laravel app
By default, all scripts on a webpage are allowed to send and fetch data to any site they want. This can be a security problem. Imagine one of your JavaScript dependencies sends all keystrokes, including passwords, to a third party website. It's very easy for someone to hide this malicious behaviour, making it nearly impossible for you to detect it (unless you manually read all the JavaScript code on your site). For a better idea of why you really need to set content security policy headers,... -
11
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
12
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
...The recipes scale from simple “deny all traffic by default” policies to more advanced micro-segmentation patterns for multi-tier apps (frontend/backends) and platform-level isolation for CI/CD systems or service meshes. -
13
Tailsnitch
A security auditor for Tailscale configurations
...It outputs structured reports on findings with severity levels and remediation guidance, and it can generate results in formats like JSON for downstream analysis and integration with CI/CD pipelines. Tailsnitch supports authentication via the Tailscale API (including OAuth or API keys) and provides options to filter findings, run only high-severity checks, and produce compliance artifacts like SOC 2 evidence exports. -
14
gopass
The slightly more awesome standard unix password manager for teams
...By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can largely avoid the command line - if you want. gopass can operate without any dependencies but most users will use it with gpg and git. An external editor is required to use gopass edit. The same user experience on Linux, MacOS, *BSD or Windows. ... -
15
Proton Pass for iPhone
iOS client for Proton Pass
...Designed with native Swift interfaces, the iOS app fits naturally into Apple’s ecosystem, supporting iCloud keychain-style convenience features like autofill, Face ID/Touch ID security, and system integrations while maintaining strict separation between user plaintext and any remote services. Users can organize items into folders, tag and search records, and fill credentials into apps and websites using the iOS autofill framework, turning strong security into a friction-free experience. The app synchronizes encrypted vault data across devices via Proton’s encrypted sync service, making it easy to keep passwords and secrets consistent between iPhone, iPad, and other Proton Pass clients. -
16
Step Certificates
A private certificate authority (X.509 & SSH) & ACME server
...Get a public key infrastructure and certificate authority running in minutes. Automate enrollment using ACME, OIDC, one-time tokens, cloud APIs and more. Use systemD timers, daemon mode, cron jobs, CI/CD, and more to automate certificate management. Build and operate systems using secure open standards (e.g. X.509, mTLS, JWT, OAuth, OIDC). step-ca is an online certificate authority for secure, automated certificate management. For people, in exchange for single sign-on ID tokens. For hosts, in exchange for cloud instance identity documents. ... -
17
Checkov
Prevent cloud misconfigurations during build-time for Terraform
...Analyze relationships between cloud resources using Checkov’s graph-based YAML policies. Execute, test, and modify runner parameters in the context of a subject repository CI/CD and version control integrations. -
18
SecretScanner
Find secrets and passwords in container images and file systems
...Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. Also, sometimes users store passwords in plain text. -
19
<<Hack|Track GNU/Linux
Distro Penetrasing Live System Burn to USB Flash Disk & Run.
<<Hack|Track GNU/Linux is an open source operating system developed by the HTGL Project from Indonesia which provides penetration testing. -
20
PQS
Petoron Quantum Standard (PQS)
...PBKDF2-HMAC-SHA256 (200k iterations, adjustable) for password hardening. Key separation via BLAKE2s - independent keys for encryption and MAC. BLAKE2s-MAC authentication - 16-byte tag, any modification = instant rejection. Streaming keystream generator - secure, large-scale XOR without key reuse. Fake padding (HEAD/TAIL) - obfuscates binary boundaries and payload structure. Precise size encoding - restores original payload exactly. Supports files up to 128 MB per encrypted block. No dependencies, fully offline, cross-platform Python implementation. ... -
21
Electronic Shelf Label Firebase Edition
An electronic shelf label is a type of price tag
An Electronic Shelf Label is a device that's typically attached to the front edge of retail shelving. ESL Firebase Edition V2.0 utilizes the AES-256 in CBC mode and Google Firebase. It doesn't require an expensive gateway to function, once configured, all it needs is a power supply and a Wi-Fi access point. ESL Firebase Edition V2.0 allows you to operate as many of them as you wish, provided that each has its own unique ID, and there's enough power and bandwidth for all of them. For... -
22
AIAST
AIAST –An advanced interactive application security tool
...Seamlessly integrate into CI/CD and can be applied in both application development phase and application deployment phase. By using instrumentation technique, Interactive Application Security Testing (IAST) combines the virtues of DAST – low false positive rate – and SAST – code level visibility, representing one of the most promising and fast-growing technologies in application security space, according to Gartner. -
23
Horusec
Open source tool that improves identification of vulnerabilities
...The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. Horusec can be used by the developer through the CLI and by the DevSecOps team on CI /CD mats. -
24
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
25
pyWhat
Identify emails, IP addresses, and more
pyWhat is a Python-based identification tool designed to figure out “what” a piece of text or file content represents, especially in security and OSINT workflows. Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing...
