- https://github.com/Yelp/detect-secrets
- https://github.com/zricethezav/gitleaks
- https://github.com/Skyscanner/whispers
- https://github.com/michenriksen/gitrob
- https://github.com/aquasecurity/trivy
- https://github.com/lyft/cartography
- https://github.com/RhinoSecurityLabs/ccat
- https://github.com/projectdiscovery/cloudlist
- https://github.com/OpenCSPM/opencspm
- https://github.com/fsecurelabs/awspx
- https://github.com/anaynayak/aws-security-viz
- https://github.com/rams3sh/Aaia
- https://github.com/Voulnet/barq
- https://github.com/elitest/Redboto
- https://github.com/Skyscanner/LambdaGuard
- https://github.com/Netflix-Skunkworks/policyuniverse
- https://github.com/nccgroup/s3_objects_check
- https://github.com/cpollard0/aws-orgs-visualizer
- https://github.com/ScaleSec/gcp_sa_lister
- https://github.com/ScaleSec/gcp_api_key_inventory
- https://github.com/google/gke-auditor
- https://github.com/stealthcopter/deepce
- https://github.com/quay/clair
- https://github.com/LanikSJ/dfimage
- https://github.com/heroku/terrier / https://blog.heroku.com/terrier-open-source-identifying-analyzing-containers
- https://github.com/GoogleContainerTools/container-diff
- https://github.com/goodwithtech/dockle
- https://github.com/genuinetools/amicontained
- https://github.com/vmware-tanzu/octant
- https://github.com/zegl/kube-score
- https://github.com/stackrox/kube-linter
- https://github.com/Shopify/kubeaudit
- https://github.com/runoncloud/kubectl-np-viewer
- https://github.com/liggitt/audit2rbac
- https://github.com/jetstack/preflight
- https://github.com/inovex/illuminatio
- https://github.com/FairwindsOps/rbac-lookup
- https://github.com/darkbitio/mkit
- https://github.com/darkbitio/k8s-mirror
- https://github.com/cyberark/KubiScan
- https://github.com/cyberark/kubesploit
- https://github.com/corneliusweig/rakkess
- https://github.com/chenjiandongx/kubectl-images
- https://github.com/aquasecurity/starboard
- https://github.com/aporeto-inc/kubepox
- https://github.com/alcideio/skan
- https://github.com/terraform-linters/tflint
- https://github.com/rdkls/tf-parliament
- https://github.com/tfsec/tfsec
- https://github.com/fugue/regula
- https://github.com/terraform-compliance/cli
- https://github.com/meirwah/awesome-incident-response
- https://github.com/google/cloud-forensics-utils
- https://github.com/google/turbinia
- https://github.com/flosell/trailscraper
- https://github.com/fireeye/Mandiant-Azure-AD-Investigator
- https://github.com/disruptops/IncidentResponseGenerator
- https://github.com/cyberark/SkyWrapper
- https://github.com/CrowdStrike/CRT
- https://github.com/cisagov/Sparrow
- https://github.com/aws-samples/aws-incident-response-runbooks
- https://github.com/MarkSimos/MicrosoftSecurity
- https://github.com/kristofferandreasen/awesome-azure
- https://github.com/kmcquade/awesome-azure-security
- https://github.com/MicrosoftLearning/AZ500-AzureSecurityTechnologies
- https://github.com/heroku/bheu19-attacking-cloud-builds
- https://github.com/gg-sec/kubernetes_security_slides
- https://github.com/freach/kubernetes-security-best-practice
- https://github.com/dxa4481/AttackingAndDefendingTheGCPMetadataAPI
- https://github.com/azurecitadel/azure-security-lab
- https://github.com/Azure/Azure-Security-Center
- https://github.com/aws-samples/aws-serverless-security-workshop
- https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
- https://github.com/appsecco/attacking-cloudgoat2
- https://github.com/appsecco/defcon-26-workshop-attacking-and-auditing-docker-containers
- https://github.com/amrandazz/attack-guardduty-navigator
- https://github.com/adidas/adidas-devops-maturity-framework
- https://github.com/accurics/KaiMonkey