Search Results for "ddc/ci"
Sort By:
Showing 30 open source projects for "ddc/ci"
View related business solutions-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
1
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. -
2
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security... -
3
ScubaGear
Automation to assess the state of your M365 tenant against CISA
ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations. -
4
YARA
The pattern matching swiss knife for malware researchers
...YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
5
RBAC Manager
A Kubernetes operator that simplifies the management of Role Bindings
RBAC Manager is designed to simplify authorization in Kubernetes. This is an operator that supports declarative configuration for RBAC with new custom resources. Instead of managing role bindings or service accounts directly, you can specify a desired state and RBAC Manager will make the necessary changes to achieve that state. -
6
Checkov
Prevent cloud misconfigurations during build-time for Terraform
...Analyze relationships between cloud resources using Checkov’s graph-based YAML policies. Execute, test, and modify runner parameters in the context of a subject repository CI/CD and version control integrations. -
7
grype
A vulnerability scanner for container images and filesystems
...The destination directory doesn't need to be /usr/local/bin, it just needs to be a location found in the user's PATH and writable by the user that's installing Grype. If you're using GitHub Actions, you can simply use our Grype-based action to run vulnerability scans on your code or container images during your CI workflows. -
8
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages... -
9
subfinder
Fast passive subdomain enumeration tool
...Its modular architecture allows users to enable dozens of data providers through API keys, expanding coverage as needed. Subfinder integrates easily into automation pipelines and CI workflows thanks to its clean command-line design and structured output formats. The tool is intentionally specialized, doing one job extremely well rather than attempting to be an all-in-one scanner. In practice, Subfinder serves as a foundational building block for modern reconnaissance stacks. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
Step Certificates
A private certificate authority (X.509 & SSH) & ACME server
...Get a public key infrastructure and certificate authority running in minutes. Automate enrollment using ACME, OIDC, one-time tokens, cloud APIs and more. Use systemD timers, daemon mode, cron jobs, CI/CD, and more to automate certificate management. Build and operate systems using secure open standards (e.g. X.509, mTLS, JWT, OAuth, OIDC). step-ca is an online certificate authority for secure, automated certificate management. For people, in exchange for single sign-on ID tokens. For hosts, in exchange for cloud instance identity documents. ... -
11
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
12
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
13
Tailsnitch
A security auditor for Tailscale configurations
...It outputs structured reports on findings with severity levels and remediation guidance, and it can generate results in formats like JSON for downstream analysis and integration with CI/CD pipelines. Tailsnitch supports authentication via the Tailscale API (including OAuth or API keys) and provides options to filter findings, run only high-severity checks, and produce compliance artifacts like SOC 2 evidence exports. -
14
gopass
The slightly more awesome standard unix password manager for teams
...By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can largely avoid the command line - if you want. gopass can operate without any dependencies but most users will use it with gpg and git. An external editor is required to use gopass edit. The same user experience on Linux, MacOS, *BSD or Windows. ... -
15
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ... -
16
SecretScanner
Find secrets and passwords in container images and file systems
...Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. Also, sometimes users store passwords in plain text. -
17
Kubernetes Network Policy Recipes
Example recipes for Kubernetes Network Policies that you can just copy
...The recipes scale from simple “deny all traffic by default” policies to more advanced micro-segmentation patterns for multi-tier apps (frontend/backends) and platform-level isolation for CI/CD systems or service meshes. -
18
StatiCrypt
Password protect a static HTML page
StatiCrypt uses AES-256 and WebCrypto to encrypt your HTML file with your long password and return a static page including a password prompt and the javascript decryption logic that you can safely upload anywhere (see what the page looks like). This means you can password protect the content of your public static HTML file, without any back-end - serving it over Netlify, GitHub pages, etc. You can encrypt a file online in your browser (client side). StatiCrypt uses WebCrypto to generate a... -
19
Cherrybomb
Cherrybomb is a CLI tool that helps you avoid undefined user behaviour
Cherrybomb is an CLI tool written in Rust that helps prevent incorrect code implementation early in development. It works by validating and testing your API using an OpenAPI file. Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities.... -
20
Ultimate AppLocker Bypass List
The most common techniques to bypass AppLocker
UltimateAppLockerByPassList is a community-curated repository that collects known techniques, patterns, and candidate binaries that have been observed or proposed to bypass Microsoft AppLocker and similar executable control policies. The project functions as a living catalog: entries list binaries, script hosts, and patterns that researchers have tested or reported in the wild, along with notes about context, platform constraints, and mitigation ideas. It is aimed primarily at defenders,... -
21
AIAST
AIAST –An advanced interactive application security tool
...Seamlessly integrate into CI/CD and can be applied in both application development phase and application deployment phase. By using instrumentation technique, Interactive Application Security Testing (IAST) combines the virtues of DAST – low false positive rate – and SAST – code level visibility, representing one of the most promising and fast-growing technologies in application security space, according to Gartner. -
22
Enigma critta file
Software per crittare qualsiasi tipo di file con una chiave privata
...Una volta crittato un file con una chiave pubblica non sarà più possibile decrittarlo, solo chi ha generato la chiave pubblica sarà in grado di farlo. Pertanto se si desidera che una qualunche persona ci mandi un messaggio cifrato, basta distribuire la propria chiave pubblica. Sistemi operativi supportati : Windows™ x86 / 64bit -
23
sRDI
Shellcode implementation of Reflective DLL Injection
sRDI is a compact project that implements a shellcode form of Reflective DLL Injection, enabling DLLs to be converted into position-independent shellcode and loaded in memory by a small in-process PE loader. The codebase groups a C implementation of a reflective PE loader with multiple loader/wrapper components (native C loader, a .NET loader, Python and PowerShell conversion helpers) so authors can produce and embed sRDI blobs in different environments. The loader aims to behave like a... -
24
Horusec
Open source tool that improves identification of vulnerabilities
...The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. Horusec can be used by the developer through the CLI and by the DevSecOps team on CI /CD mats. -
25
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps...
