Projects with this topic
-
The private, secure, user first web browser for Android. https://ironfoxoss.org/
Updated -
Full set of AppArmor profiles (~ 1500 profiles) https://apparmor.pujol.io
Updated -
Hoppr-Cop is CLI and Hoppr Plugin that generates high quality vulnerability information from a cyclone-dx Software Bill of Materials (SBOM) by aggregating data from multiple vulnerability databases.
Updated -
This is a mirror for the SSH library https://www.libssh.org/
Updated -
Phoenix is a suite of configurations & advanced modifications for Mozilla Firefox, designed to put the user first - with a focus on privacy, security, freedom, & usability. https://phoenix.celenity.dev/
Updated -
Atlas Architect: Your AI Co-pilot for Secure Cloud Infrastructure
This project is an AI-powered DevSecOps agent that lives within GitLab. It proactively analyzes Infrastructure-as-Code (IaC) files, specifically Terraform, to automatically visualize, secure, and optimize a developer's Google Cloud architecture before it's ever deployed.
When a developer submits a Merge Request with Terraform changes, a CI/CD pipeline triggers the agent to post a detailed analysis back as a comment. This provides instant visibility and governance, helping teams build better, safer cloud infrastructure, faster.
Key Features:
AI-Powered Visualization: Generates architecture diagrams from Terraform code using Google's Vertex AI. Security & Cost Analysis: Identifies security vulnerabilities and cost inefficiencies based on best practices. Intelligent Remediation: Automatically suggests code changes to fix identified issues. Vector-Powered Knowledge Base: Uses a MongoDB Atlas Vector Search index of official Google Cloud documentation to provide highly relevant, context-aware explanations for its recommendations.Core Technologies:
Platform: GitLab CI/CD, Google Cloud Platform (GCP), MongoDB Atlas Services: Google Cloud Run, Google Cloud Build, Google Vertex AI, MongoDB Atlas Vector Search Frameworks & Languages: Python, Flask, GunicornUpdated -
AI security intelligence platform for adaptive threat detection & response.
Updated -
Rule Repository for GitLab SAST
Updated -
A Python-based CLI tool designed to scan GitLab projects for compliance against the CIS GitLab Benchmark. Check out the recommendations-as-code in this repo. Read the docs for more info.
Updated -
REDHOOD CookieHunter is a powerful tool for analyzing HTTP cookie security. It checks for critical flags, attributes, and prefixes like HttpOnly, Secure, SameSite, Expires, and __Host. With both CLI and web interfaces, it's an essential tool for developers and security professionals to identify and fix web vulnerabilities.
Updated -
RedFuzz v5.0.0 - Advanced Web Application Fuzzer with Stateful Fuzzing, OpenAPI Integration, and Plugin Support. Features comprehensive vulnerability detection, automatic verification, evidence collection, smart rate limiting, and modular plugin system. Perfect for security testing and penetration testing workflows.Updated -
RedhoodEye: An Advanced Multi-Purpose Network Scanner. A powerful, highly-configurable tool designed for comprehensive network reconnaissance, port scanning (TCP/UDP), and host discovery, featuring proxy support, intelligent service detection, and versatile reporting.
Updated -
switch-sa is a Python-based utility designed to switch between SELinux and AppArmor on Linux systems.
Updated -
A local Infrastructure-as-Code (IaC) development environment for security and compliance validation. The current iteration uses Terraform and AWS emulation via LocalStack, focusing on IAM roles, secrets management, S3 access control and regulatory policies (e.g., GDPR/HIPAA). Implemented constrained DevSecOps practices within a local development context.
Updated -
BETA: Dependency Scanning for supported projects
Updated -
Updated
-
A utility to detect duplicated credentials (login + password or password) across different services recorded into a KeePass database.
Updated -
Web utility to generate passwords for MySQL that are actually accepted by MySQL.
Updated