Stars
Runs Dependabot Updates via GitHub Actions.
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…
A TypeScript library for creating dependency snapshots.
GitHub action to generate a CycloneDX SBOM for Python
GitHub Secret Scanning Auto Remediator (GSSAR)
Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io
Update multiple repositories with one command
A curated list of Awesome Threat Intelligence resources
Write workflows scripting the GitHub API in JavaScript
Generates a `dependabot.yml` and PRs it against your repo if it needs updating to include a new directory or package-ecosystem, with globs/wildcards
📱 objection - runtime mobile exploration
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by t…
A reference architecture to integrate GitHub Audit Log to AWS CloudTrail Lake
OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
dependency-check / Dependency-Check_Action
Forked from Santandersecurityresearch/DependencyCheck_Action
Github action to run dependency check
Actions for running CodeQL analysis
Examples of Custom Secret Scanning Patterns for use with GitHub Secret Protection/Advanced Security
Creating threat models by writing code
Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.



