Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Go security checker

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

An IIS short filename enumeration tool

Tool for building Kubernetes attack paths

Performing security tests inside your CI

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…

a tool to analyze filesystem images for security

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.

Simple endpoint for the ImagePolicyWebhook and the GenericAdmissionWebhook Kubernetes admission controllers

INTERCEPT / Policy as Code Auditing & Compliance

Tools to download or provide CSAF (Common Security Advisory Framework) documents.

EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.

Modron - Cloud security compliance

The Snyk Exporter has been archived as it is no longer actively maintained.

urlyzer is a URL parsing analysis tool.

A blazing fast, highly customizable, modern-day defence tool using (in memory) SQL & REST/gRPC protocols.

Config and Secret management across multiple implementations in a uniform way. Inc. AWS SecretsManager/ParameterStore, GCP Secrets, AzureKeyVault, Azure AppConfig, Hashicorp Vault