GitHub Release Tracker
All JS React Ruby Go Postgres Frontend Node
24h 7d 14d 30d | Newest Best Latest version only Popular

devsecops

Past 30d, sorted by best first, all versions
97 results Markdown version
06/01 7
trufflesecurity/TruffleHog v3.95.4
Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
Go 26609☆ 3441d old #golang #security #go #secret #trufflehog
06/01 7
trufflesecurity/TruffleHog v3.95.5
Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
Go 26609☆ 3441d old #golang #security #go #secret #trufflehog
06/01 7
chainloop-dev/Chainloop v1.99.0
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/29 7
duriantaco/Skylos v4.22.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/29 7
duriantaco/Skylos v4.21.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/27 7
duriantaco/Skylos v4.20.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/26 7
safedep/Package Manager Guard (PMG) v0.17.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/24 7
duriantaco/Skylos v4.19.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/22 7
duriantaco/Skylos v4.18.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/21 7
duriantaco/Skylos v4.17.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/21 7
safedep/Package Manager Guard (PMG) v0.16.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/20 7
boostsecurityio/Bagel v0.7.0
Cross-platform CLI that scans developer workstations for risky tool configurations and secret metadata, producing structured JSON reports without exposing secret values.
Go 130☆ 100d old #golang #cli #go #devsecops #developer
05/20 7
safedep/Package Manager Guard (PMG) v0.15.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/20 7
betterleaks/Betterleaks v1.3.0
Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning.
Go 1015☆ 112d old #golang #go #cicd #devops #credentials
05/19 7
duriantaco/Skylos v4.16.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/18 7
chainloop-dev/Chainloop v1.98.0
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/18 7
chainloop-dev/Chainloop v1.97.0
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/18 7
safedep/Package Manager Guard (PMG) v0.14.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/16 7
duriantaco/Skylos v4.15.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/14 7
safedep/Package Manager Guard (PMG) v0.13.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/12 7
praetorian-inc/Titus v1.2.0
High-performance secrets scanner for source code, git history, and binary files, offering CLI, Go library, Burp and Chrome extensions, 459 detection rules, and live credential validation.
Go 547☆ 109d old #golang #chrome-extension #go #devsecops #appsec
05/11 7
trufflesecurity/TruffleHog v3.95.3
Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
Go 26609☆ 3441d old #golang #security #go #secret #trufflehog
05/11 7
duriantaco/Skylos v4.14.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/11 7
chainloop-dev/Chainloop v1.96.0
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/11 7
safedep/vet v1.17.0
Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
Go 1061☆ 1251d old #golang #security #go #devsecops #supply-chain-security
05/09 7
duriantaco/Skylos v4.13.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/08 7
betterleaks/Betterleaks v1.2.0
Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning.
Go 1015☆ 112d old #golang #go #cicd #devops #credentials
05/08 7
safedep/Package Manager Guard (PMG) v0.12.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/07 7
duriantaco/Skylos v4.12.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/06 7
safedep/Package Manager Guard (PMG) v0.11.0
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/05 7
boostsecurityio/SmokedMeat v0.2.0
CI/CD red-team framework for finding and exploiting workflow vulnerabilities, deploying implants, and post-exploitation pivoting.
Go 281☆ 46d old #golang #cli #go #ci #devops
05/05 7
duriantaco/Skylos v4.11.0
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/30 6
duriantaco/Skylos v4.22.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/30 6
safedep/vet v1.17.3
Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
Go 1061☆ 1251d old #golang #security #go #devsecops #supply-chain-security
05/29 6
garagon/Aguara v0.22.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/29 6
garagon/Aguara v0.21.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/28 6
garagon/Aguara v0.20.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/28 6
safedep/Package Manager Guard (PMG) v0.17.2
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/27 6
safedep/Package Manager Guard (PMG) v0.17.1
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/27 6
chainloop-dev/Chainloop v1.98.7
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/26 6
chainloop-dev/Chainloop v1.98.5
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/26 6
garagon/Aguara v0.19.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/22 6
boostsecurityio/poutine v1.1.6
Security scanner for detecting misconfigurations and vulnerabilities in repository build pipelines by parsing CI/CD workflows.
Go 467☆ 778d old #github #golang #cli #go #ci
05/22 6
betterleaks/Betterleaks v1.3.1
Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning.
Go 1015☆ 112d old #golang #go #cicd #devops #credentials
05/22 6
boostsecurityio/poutine v1.1.5
Security scanner for detecting misconfigurations and vulnerabilities in repository build pipelines by parsing CI/CD workflows.
Go 467☆ 778d old #github #golang #cli #go #ci
05/22 6
chainloop-dev/Chainloop v1.98.4
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/21 6
chainloop-dev/Chainloop v1.98.3
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/20 6
chainloop-dev/Chainloop v1.98.2
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/20 6
duriantaco/Skylos v4.16.2
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/19 6
duriantaco/Skylos v4.16.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/19 6
chainloop-dev/Chainloop v1.98.1
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/18 6
garagon/Aguara v0.18.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/17 6
duriantaco/Skylos v4.15.2
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/17 6
garagon/Aguara v0.17.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/16 6
pii-shield/PII-Shield v2.0.1
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/16 6
duriantaco/Skylos v4.15.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/15 6
garagon/Aguara v0.16.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/14 6
chainloop-dev/Chainloop v1.96.3
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/14 6
safedep/vet v1.17.2
Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
Go 1061☆ 1251d old #golang #security #go #devsecops #supply-chain-security
05/13 6
garagon/Aguara v0.15.0
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/12 6
chainloop-dev/Chainloop v1.96.2
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/11 6
chainloop-dev/Chainloop v1.96.1
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/11 6
pii-shield/PII-Shield pii-shield-operator-...
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/11 6
safedep/vet v1.17.1
Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
Go 1061☆ 1251d old #golang #security #go #devsecops #supply-chain-security
05/11 6
safedep/Package Manager Guard (PMG) v0.12.1
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/10 6
duriantaco/Skylos v4.13.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/08 6
duriantaco/Skylos v4.12.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/06 6
duriantaco/Skylos v4.11.1
Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
Python 446☆ 400d old #python #security #devsecops #code-quality #code-quality-analyzer
05/06 6
chainloop-dev/Chainloop v1.95.3
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/04 6
chainloop-dev/Chainloop v1.95.2
Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
Go 551☆ 1184d old #golang #go #devsecops #compliance #cyclonedx
05/04 6
safedep/Package Manager Guard (PMG) v0.10.1
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
06/01 5
garagon/Aguara v0.22.1
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/30 5
safedep/Package Manager Guard (PMG) v0.17.4
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/28 5
safedep/Package Manager Guard (PMG) v0.17.3
Tool that blocks malicious packages during installation by wrapping existing package managers.
Go 387☆ 440d old #golang #npm #go #open-source #devsecops
05/27 5
whgojp/JavaSecLab V1.5
Comprehensive hands-on platform for learning, testing, and auditing Java application security using vulnerable examples, fixes, scenarios, and traffic analysis.
JavaScript 840☆ 745d old #javascript #java #security #devsecops #code-audit
05/25 5
garagon/Aguara v0.18.4
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/22 5
pii-shield/PII-Shield v2.0.5
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/21 5
pii-shield/PII-Shield v2.0.4
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/21 5
pii-shield/PII-Shield v2.0.3
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/21 5
garagon/Aguara v0.18.3
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/20 5
interlynk-io/sbomasm v2.0.6
Comprehensive SBOM lifecycle toolkit for assembling, editing, enriching, removing sensitive data, signing, and viewing SBOMs.
Go 118☆ 1114d old #golang #go #devsecops #cyclonedx #gomodule
05/19 5
garagon/Aguara v0.18.2
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/18 5
interlynk-io/sbomasm v2.0.5
Comprehensive SBOM lifecycle toolkit for assembling, editing, enriching, removing sensitive data, signing, and viewing SBOMs.
Go 118☆ 1114d old #golang #go #devsecops #cyclonedx #gomodule
05/18 5
garagon/Aguara v0.17.1
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/16 5
garagon/Aguara v0.16.2
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/16 5
garagon/Aguara v0.16.1
Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
Go 81☆ 105d old #golang #security #go #devsecops #mcp
05/08 5
praetorian-inc/Titus v1.1.33
High-performance secrets scanner for source code, git history, and binary files, offering CLI, Go library, Burp and Chrome extensions, 459 detection rules, and live credential validation.
Go 547☆ 109d old #golang #chrome-extension #go #devsecops #appsec
05/08 5
interlynk-io/sbomasm v2.0.4
Comprehensive SBOM lifecycle toolkit for assembling, editing, enriching, removing sensitive data, signing, and viewing SBOMs.
Go 118☆ 1114d old #golang #go #devsecops #cyclonedx #gomodule
05/05 5
praetorian-inc/Titus v1.1.32
High-performance secrets scanner for source code, git history, and binary files, offering CLI, Go library, Burp and Chrome extensions, 459 detection rules, and live credential validation.
Go 547☆ 109d old #golang #chrome-extension #go #devsecops #appsec
05/28 4
Pantheon-Security/MEDUSA v2026.5.11
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/24 4
Pantheon-Security/MEDUSA v2026.5.10
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/21 4
pii-shield/PII-Shield pii-shield-operator-...
Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
Go 124☆ 117d old #golang #go #json #devsecops #gdpr
05/20 4
Pantheon-Security/MEDUSA v2026.5.9
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/20 4
Pantheon-Security/MEDUSA v2026.5.8
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/13 4
Pantheon-Security/MEDUSA v2026.5.7
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/13 4
Pantheon-Security/MEDUSA v2026.5.6
AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.
Python 588☆ 195d old #python #open-source #sast #devsecops #scanner
05/05 3
boostsecurityio/SmokedMeat v0.2.0-rc1
CI/CD red-team framework for finding and exploiting workflow vulnerabilities, deploying implants, and post-exploitation pivoting.
Go 281☆ 46d old #golang #cli #go #ci #devops