CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Collection of roadmaps, tools, best practice, resources about DevSecOps

Jenkins Pipeline for security scanning with owasp zap

qualysapi is a simple API Qualys client written in shell script 🐧.

My Bachelor Project - DAST Integration in CICD with OWASP ZAP

Awesome list of code review resources and tools

A reusable GitLab CI/CD template for automated security scanning, including secrets detection (Gitleaks, Trufflehog), dependency vulnerabilities (Trivy), SAST (Semgrep, SonarQube), DAST (OWASP ZAP), and a consolidated security dashboard. Include this in your gitlab-ci.yml for DevSecOps.

blackduckcopilot

Enterprise-grade reusable CI/CD framework supporting Jenkins, GitLab CI, Docker, Kubernetes, SonarQube, Terraform, Ansible, microservices, security, and more.

A lightweight utility designed to detect and remediate systems affected by CVE-2024-3094, a critical vulnerability impacting [insert affected software/library here if known]. This tool provides automated scanning, reporting, and optional mitigation steps to help administrators and security teams secure their environments quickly.

Automated security testing framework that combines Playwright for API testing with OWASP ZAP for comprehensive security scanning.