* [Step CLI v0.30.0](https://github.com/smallstep/cli) – Easy-to-use CLI for building, operating, and automating PKI systems and common X.509, JWT, and crypto workflows.

* [step-ca v0.30.0](https://github.com/smallstep/certificates) – Private certificate authority for secure, automated certificate management in DevOps environments.

* [gosec v2.24.0](https://github.com/securego/gosec) – Inspects Go source code for security issues by scanning the AST and SSA representations.

* [Osmedeus v5.0.1](https://github.com/j3ssie/osmedeus) – Workflow engine designed for scalable and customizable offensive security reconnaissance.

* [OWASP secureCodeBox v5.6.0](https://github.com/secureCodeBox/secureCodeBox) – Kubernetes-based modular toolchain for continuous security scanning of software projects.

* [Trivy v0.69.3](https://github.com/aquasecurity/trivy) – Comprehensive security scanner for vulnerabilities, misconfigurations, and secrets across various targets.

* [Sliver v1.7.3](https://github.com/BishopFox/sliver) – Cross-platform adversary emulation and red team framework with dynamic implants supporting multiple secure C2 protocols.

* [Caddy WAF Middleware v0.3.0](https://github.com/fabriziosalmi/caddy-waf) – Highly customizable Web Application Firewall middleware providing advanced protection for the Caddy web server.

* [Greenmask v0.2.17](https://github.com/GreenmaskIO/greenmask) – Tool for database anonymization and synthetic data generation.

* [lazytrivy v1.3.2](https://github.com/owenrumney/lazytrivy) – Terminal UI wrapper for Trivy that runs image, filesystem, and Kubernetes vulnerability scans without Docker.

* [js-x-ray @nodesecure/js-x-ray...](https://github.com/NodeSecure/js-x-ray) – JavaScript AST analysis tool for identifying potentially malicious code patterns.

* [Yaklang 1.4.6-beta1](https://github.com/yaklang/yaklang) – Cybersecurity-focused domain-specific programming language with a dedicated virtual machine and IDE support.