rezmoss/awesome-security-pipeline

🔐 A curated list of open-source security tools organized by CI/CD pipeline stage. Covers secrets detection, SBOM, SAST, SCA, IaC security, container scanning, Kubernetes security & more. Actively maintained with weekly status updates

GitHub repository with 12 stars and 3 forks.

Topics: appsec, awesome, awesome-list, checkov, cicd, container-security, devops, devsecops, gitleaks, kubernetes-security

Open provider repository

Latest metric snapshot

2026-06-05: 12 stars and 3 forks.

Similar repositories

  1. 1. trynullsec/nullsec-s1

    Security-native LLM system for AI-generated application security.

    GitHub repository with 188 stars and 52 forks.

    Trending score: 1.39; stars gained: +27; forks gained: +12.

    Language: Python

    Topics: ai-security, appsec, code-security, llm, mcp, qlora

  2. 2. praetorian-inc/titus

    High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.

    GitHub repository with 589 stars and 62 forks.

    Trending score: 0.98; stars gained: +7; forks gained: +0.

    Language: Go

    Topics: appsec, burp-suite-extension, capability, chrome-extension, credential-scanner, devsecops

  3. 3. DefectDojo/django-DefectDojo

    Open-Source Unified Vulnerability Management, DevSecOps & ASPM

    GitHub repository with 4,743 stars and 1,871 forks.

    Trending score: 0.88; stars gained: +7; forks gained: +1.

    Language: HTML

    Topics: analytics, appsec, automation, devsecops, django, hacktoberfest

  4. 4. CyberStrikeus/CyberStrike

    AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.

    GitHub repository with 302 stars and 57 forks.

    Trending score: 0.51; stars gained: +2; forks gained: +0.

    Language: TypeScript

    Topics: ai, ai-agent, appsec, atomic-red-team, bug-bounty, cis-benchmarks

  5. 5. bluerock-io/bluerock

    Runtime visibility for Python MCP servers. Captures tool calls, session lifecycle, module imports (SHA-256), and subprocess execution as structured NDJSON. No code changes.

    GitHub repository with 32 stars and 5 forks.

    Trending score: 0.32; stars gained: +1; forks gained: +0.

    Language: Python

    Topics: agent-security, agents, ai-agents, ai-security, appsec, code-execution

  6. 6. infoslack/awesome-web-hacking

    A list of web application security

    GitHub repository with 6,846 stars and 1,285 forks.

    Trending score: 0.31; stars gained: +1; forks gained: +0.

    Topics: appsec, hacking, hacking-tools, metasploit, owasp, penetration-testing

Trending topic: appsec

  1. 1. trynullsec/nullsec-s1

    Security-native LLM system for AI-generated application security.

    GitHub repository with 188 stars and 52 forks.

    Trending score: 1.39; stars gained: +27; forks gained: +12.

    Language: Python

    Topics: ai-security, appsec, code-security, llm, mcp, qlora

  2. 2. praetorian-inc/titus

    High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.

    GitHub repository with 589 stars and 62 forks.

    Trending score: 0.98; stars gained: +7; forks gained: +0.

    Language: Go

    Topics: appsec, burp-suite-extension, capability, chrome-extension, credential-scanner, devsecops

  3. 3. DefectDojo/django-DefectDojo

    Open-Source Unified Vulnerability Management, DevSecOps & ASPM

    GitHub repository with 4,743 stars and 1,871 forks.

    Trending score: 0.88; stars gained: +7; forks gained: +1.

    Language: HTML

    Topics: analytics, appsec, automation, devsecops, django, hacktoberfest

  4. 4. CyberStrikeus/CyberStrike

    AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.

    GitHub repository with 302 stars and 57 forks.

    Trending score: 0.51; stars gained: +2; forks gained: +0.

    Language: TypeScript

    Topics: ai, ai-agent, appsec, atomic-red-team, bug-bounty, cis-benchmarks

  5. 5. bluerock-io/bluerock

    Runtime visibility for Python MCP servers. Captures tool calls, session lifecycle, module imports (SHA-256), and subprocess execution as structured NDJSON. No code changes.

    GitHub repository with 32 stars and 5 forks.

    Trending score: 0.32; stars gained: +1; forks gained: +0.

    Language: Python

    Topics: agent-security, agents, ai-agents, ai-security, appsec, code-execution

  6. 6. infoslack/awesome-web-hacking

    A list of web application security

    GitHub repository with 6,846 stars and 1,285 forks.

    Trending score: 0.31; stars gained: +1; forks gained: +0.

    Topics: appsec, hacking, hacking-tools, metasploit, owasp, penetration-testing