theodo-group/awesome-security-automation

Awesome Security Automation

Great links to automate your cybersecurity checks.

Awesome Code Analysis

  • Semgrep: An easy tool to run on your code to detect common security vulnerabilities.
  • Bearer: A developer-first code security and privacy scanner that integrates into your entire development workflow (local, CI/CD, PR/MR).

Awesome Access Control Check

  • ACCENT: A Symfony command that checks that all your API Platform routes have access control.
  • django-access-inspector: A comprehensive access control app for Django that helps you enforce fine-grained access control on your views.
  • spring-access-inspector: This tool creates a table report to verify access control on Spring Boot routes. It uses the PreAuthorize annotation from spring-security-config.

Awesome XSS prevention tools

  • RisXSS: Detects XSS flaws in your React or Vue application using a single ESLint rule.

Awesome secret leak tools

  • git-secret-scanner: This tool aims to find secrets and credentials in git repositories owned by Organizations or Groups, using the best parts of the TruffleHog and Gitleaks libraries.
  • gitlab-secrets: Even after a force-push to remove unwanted secrets from the code, the commits that contained them still exist, even though they are no longer referenced. This tool aims to find those secrets.
  • youtube-video-scanner: This tool detects secrets shown during videos by analyzing the frames.

Awesome CVEs tools

  • Renovate: This tool creates Pull Requests to update your vulnerable dependencies and gives you a confidence percentage about breaking changes.
  • Dependabot: Just like Renovate, this tool creates Pull Requests to update your vulnerable dependencies. It works better with GitHub than with other platforms.

Awesome AWS security tools

  • sls-mentor: A tool that analyzes the configuration of your AWS resources against best practice rules. It also helps with metrics other than security, such as Performance or Cost.
  • Yatas: It helps you create a secure AWS environment without too much hassle.
  • cognito scanner: Checks that your Cognito configuration is not vulnerable to standard attacks.