GitHub Release Tracker

03/14

7

chainloop-dev/Chainloop v1.82.0

Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.

Go 536☆ 1108d old #golang #go #devsecops #compliance #cyclonedx

03/09

7

trufflesecurity/TruffleHog v3.93.8

Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.

Go 25046☆ 3363d old #golang #security #go #secret #trufflehog

03/07

7

deepfence/ThreatMapper v2.5.8

Runtime security platform that detects and prioritizes vulnerabilities, exposed secrets, and misconfigurations across cloud-native environments.

TypeScript 5235☆ 2222d old #javascript #typescript #cloud-native #devsecops #vulnerability-management

03/05

7

betterleaks/Betterleaks v1.1.0

Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning.

Go 457☆ 43d old #golang #go #cicd #devops #credentials

02/25

7

safedep/vet v1.14.0

Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.

Go 956☆ 1157d old #golang #security #go #devsecops #supply-chain-security

03/09

6

boostsecurityio/Bagel v0.3.0

Cross-platform CLI that scans developer workstations for risky tool configurations and secret metadata, producing structured JSON reports without exposing secret values.

Go 94☆ 32d old #golang #cli #go #devsecops #developer

03/13

5

Pantheon-Security/MEDUSA v2026.4.0

AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.

Python 175☆ 119d old #python #open-source #sast #devsecops #scanner

03/13

5

praetorian-inc/Titus v1.1.6

High-performance secrets scanner for source code, git history, and binary files, offering CLI, Go library, Burp and Chrome extensions, 459 detection rules, and live credential validation.

Go 415☆ 53d old #golang #chrome-extension #go #devsecops #appsec

03/11

5

safedep/Package Manager Guard (PMG) v0.4.6

Tool that blocks malicious packages during installation by wrapping existing package managers.

Go 123☆ 358d old #golang #npm #go #open-source #devsecops

03/09

5

boostsecurityio/poutine v1.0.8

Security scanner for detecting misconfigurations and vulnerabilities in repository build pipelines by parsing CI/CD workflows.

Go 378☆ 701d old #github #golang #cli #go #ci

03/14	7	chainloop-dev/Chainloop v1.82.0 Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports. Go 536☆ 1108d old #golang #go #devsecops #compliance #cyclonedx
03/09	7	trufflesecurity/TruffleHog v3.93.8 Powerful tool for discovering, classifying, validating, and analyzing leaked credentials. Go 25046☆ 3363d old #golang #security #go #secret #trufflehog
03/07	7	deepfence/ThreatMapper v2.5.8 Runtime security platform that detects and prioritizes vulnerabilities, exposed secrets, and misconfigurations across cloud-native environments. TypeScript 5235☆ 2222d old #javascript #typescript #cloud-native #devsecops #vulnerability-management
03/05	7	betterleaks/Betterleaks v1.1.0 Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning. Go 457☆ 43d old #golang #go #cicd #devops #credentials
02/25	7	safedep/vet v1.14.0 Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support. Go 956☆ 1157d old #golang #security #go #devsecops #supply-chain-security
03/09	6	boostsecurityio/Bagel v0.3.0 Cross-platform CLI that scans developer workstations for risky tool configurations and secret metadata, producing structured JSON reports without exposing secret values. Go 94☆ 32d old #golang #cli #go #devsecops #developer
03/13	5	Pantheon-Security/MEDUSA v2026.4.0 AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications. Python 175☆ 119d old #python #open-source #sast #devsecops #scanner
03/13	5	praetorian-inc/Titus v1.1.6 High-performance secrets scanner for source code, git history, and binary files, offering CLI, Go library, Burp and Chrome extensions, 459 detection rules, and live credential validation. Go 415☆ 53d old #golang #chrome-extension #go #devsecops #appsec
03/11	5	safedep/Package Manager Guard (PMG) v0.4.6 Tool that blocks malicious packages during installation by wrapping existing package managers. Go 123☆ 358d old #golang #npm #go #open-source #devsecops
03/09	5	boostsecurityio/poutine v1.0.8 Security scanner for detecting misconfigurations and vulnerabilities in repository build pipelines by parsing CI/CD workflows. Go 378☆ 701d old #github #golang #cli #go #ci