checkov
Vulnerability scanner
An automated tool for identifying security and compliance vulnerabilities in cloud infrastructure and software packages.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
7k stars
59 watching
1k forks
Language: Python
last commit: 7 days ago
Linked from 7 awesome lists
Topics: aws, aws-security, azure, cloudformation, compliance, devops, gcp, hacktoberfest, infrastructure-as-code, kubernetes, scans, static-analysis, terraform
Related projects:
Repository | Description | Stars |
---|---|---|
checkmarx/kics | A tool for detecting security vulnerabilities and compliance issues in infrastructure-as-code projects | 2,093 |
bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,154 |
prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
1n3/blackwidow | A Python-based web application scanner that gathers OSINT and fuzz data to identify OWASP vulnerabilities on target websites. | 1,526 |
tenable/terrascan | Detects security vulnerabilities and compliance issues in infrastructure code before provisioning cloud-native infrastructure. | 4,766 |
pyupio/safety | Detects known security vulnerabilities in Python dependencies and provides recommendations for remediation. | 1,731 |
bridgecrewio/cfngoat | A training project demonstrating how common configuration errors can lead to production cloud environment issues | 92 |
caringcaribou/caringcaribou | An automotive security exploration tool that collects and analyzes information on CAN bus services and vulnerabilities. | 749 |
sleventyeleven/linuxprivchecker | A tool for identifying potential vulnerability points in Linux systems | 1,569 |
bitthebyte/eagle | A tool for detecting vulnerabilities in web applications | 110 |
moduscreateorg/beep | An account security scanner that detects vulnerabilities in online accounts by hashing credentials and checking against data breaches. | 157 |
someengineering/fixinventory | Tools to identify and remove critical risks in cloud infrastructure accounts by analyzing metadata from APIs of various cloud services | 1,608 |
r0075h3ll/oralyzer | A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. | 753 |
david-a-wheeler/flawfinder | Analyzes C/C++ source code for security vulnerabilities and reports potential flaws. | 489 |
bridgecrewio/cdkgoat | Demonstrates how common configuration errors can lead to production cloud misconfigurations | 44 |