SaaSHub helps you find the best software and product alternatives Learn more β
Top 23 Go Devsecops Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Netmaker
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
-
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
-
bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
-
DevSecOps
βΎοΈ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe π (by hahwul)
-
copacetic
𧡠CLI tool for directly patching container images using reports from vulnerability scanners
-
legitify
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
-
chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
-
ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
-
nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
-
Selefra
The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).
-
stackql
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework
-
chainloop
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
4. Trivy: https://github.com/aquasecurity/trivy Trivy is a versatile tool that scans for vulnerabilities in your containers, and also checks for vulnerabilities in your application dependencies.
1. Gitleaks: https://github.com/gitleaks/gitleaks Gitleaks provides a way for developers to find and prevent security breaches by scanning Git repositories for secrets like passwords and API keys.
Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03Trufflehog
https://github.com/netbirdio/netbird seems to be completely open source (BSD), https://github.com/gravitl/netmaker?tab=License-1-ov-file#re... uses Apache for the non-pro stuff, and both of those I found by simply looking at https://github.com/topics/wireguard
This is why I asked, the phrase "I decided to reinvent the wheel which has honestly been quite fun with learning about eBPF, and recently clustering and HA with etcd" makes it sound like it's doing a bunch of cool stuff (which I want to hear about!), but the readme says nothing about those.
3. tfsec: https://github.com/aquasecurity/tfsec tfsec uses a suite of security checks to scan your Terraform templates, helping to identify potential security issues before infrastructure is deployed.
Project mention: Steampipe: Dynamically query APIs, code and more with SQL | news.ycombinator.com | 2024-04-04
2. Terrascan: https://github.com/tenable/terrascan Terrascan detects security vulnerabilities and compliance violations across your IaC. Supports multiple cloud providers, ensuring that your infrastructure complies with security best practices.
Project mention: Ask HN: Tell us about your project that's not done yet but you want feedback on | news.ycombinator.com | 2023-08-16- Build your own honeypot with ContainerSSH (DevConf CZ 2021) [4]
[1]: https://containerssh.io
Project mention: Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python | news.ycombinator.com | 2023-10-26
Project mention: copacetic: 𧡠CLI tool for directly patching container images using reports from vulnerability scanners | /r/blueteamsec | 2023-11-25
Project mention: GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub GitLab assets. Version 1.0 is out, check out the new enterprise-level policies. | /r/netsec | 2023-08-04
Project mention: NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite | news.ycombinator.com | 2024-01-26
[Feature]Modules support filtering, while labels support customization of any format. by @FelixsJiang in #30
Like Steampipe's revolutionary approach, StackQL harnesses the power of SQL to query your resources seamlessly. Moreover, it empowers you to utilize SQL syntax for querying and creating resources.
Project mention: Choosing the βold stuffβ as plugin SDK for Go in 2023 | news.ycombinator.com | 2023-07-06
Go Devsecops related posts
-
Cloud Security and Resilience: DevSecOps Tools and Practices
-
A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
-
Cloud Tools You Probably Haven't Heard Of
-
Show HN: Vet now supports detecting malicious packages
-
GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
-
GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
-
GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
-
A note from our sponsor - SaaSHub
www.saashub.com | 17 May 2024
Index
What are some of the best open-source Devsecops projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | trivy | 21,525 |
2 | gitleaks | 15,361 |
3 | trufflehog | 13,996 |
4 | Netmaker | 9,005 |
5 | tfsec | 6,576 |
6 | steampipe | 6,412 |
7 | terrascan | 4,526 |
8 | dalfox | 3,324 |
9 | SecretScanner | 2,963 |
10 | ContainerSSH | 2,582 |
11 | bearer | 1,769 |
12 | DevSecOps | 1,643 |
13 | YaraHunter | 1,230 |
14 | copacetic | 799 |
15 | legitify | 710 |
16 | chain-bench | 701 |
17 | ChopChop | 653 |
18 | nmap-formatter | 602 |
19 | threagile | 566 |
20 | Selefra | 510 |
21 | bomber | 458 |
22 | stackql | 434 |
23 | chainloop | 314 |
Sponsored