Update description for new tools.

This commit is contained in:
Meitar M 2019-01-01 16:19:06 -05:00
parent 884d6a01fd
commit 4a8480041e
No known key found for this signature in database
GPG Key ID: 07EFAA28AB94BC85

View File

@ -41,13 +41,13 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
See also [awesome-devsecops](https://github.com/devsecops/awesome-devsecops). See also [awesome-devsecops](https://github.com/devsecops/awesome-devsecops).
- [BlackBox](https://github.com/StackExchange/blackbox) - Safely store secrets in Git/Mercurial/Subversion by encrypting them "at rest" using GnuPG. - [BlackBox](https://github.com/StackExchange/blackbox) - Safely store secrets in Git/Mercurial/Subversion by encrypting them "at rest" using GnuPG.
- [Clair](https://github.com/coreos/clair) - Statically analyze vulnerabilities in application containers (currently including appc and docker). - [Clair](https://github.com/coreos/clair) - Static analysis tool to probe for vulnerabilities introduced via application container (e.g., Docker) images.
- [Gauntlt](https://github.com/gauntlt/gauntlt) - Automate basic pentesting against your applications. - [Gauntlt](http://gauntlt.org/) - Pentest applications during routine continuous integration build pipelines.
- [Git Secrets](https://github.com/awslabs/git-secrets) - Prevents you from committing passwords and other sensitive information to a git repository. - [Git Secrets](https://github.com/awslabs/git-secrets) - Prevents you from committing passwords and other sensitive information to a git repository.
- [Prowler](https://github.com/toniblyx/prowler) - Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening. - [Prowler](https://github.com/toniblyx/prowler) - Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.
- [Vault](https://www.vaultproject.io/) - Tool for securely accessing secrets such as API keys, passwords, or certificates through a unified interface. - [Vault](https://www.vaultproject.io/) - Tool for securely accessing secrets such as API keys, passwords, or certificates through a unified interface.
- [git-crypt](https://www.agwa.name/projects/git-crypt/) - Transparent file encryption in git; files which you choose to protect are encrypted when committed, and decrypted when checked out. - [git-crypt](https://www.agwa.name/projects/git-crypt/) - Transparent file encryption in git; files which you choose to protect are encrypted when committed, and decrypted when checked out.
- [SonarQube](https://github.com/SonarSource/sonarqube) - For "continuous inspection." Works like Continuous Integration, but specifically for vulnerabilities. Sniffs out bugs, security holes, and detects new issues. - [SonarQube](https://sonarqube.org) - Continuous inspection tool that provides detailed reports during automated testing and alerts on newly introduced security vulnerabilities.
## Honeypots ## Honeypots