tfsec
Code scanner
A tool for identifying potential misconfigurations in Terraform code during the software development process
Tfsec is now part of Trivy
7k stars
71 watching
544 forks
Language: Go
last commit: about 2 months ago
Linked from 5 awesome lists
aws, azure, ci, compliance, devops, devsecops, digitalocean, go, google-cloud-platform, hacktoberfest, infrastructure-as-code, linter, misconfiguration, scanner, security, static-analysis, terraform, terraform-security, vulnerability-scanners
Related projects:
Repository | Description | Stars |
---|---|---|
tenable/terrascan | Detects security vulnerabilities and compliance issues in infrastructure code before provisioning cloud-native infrastructure. | 4,766 |
reviewdog/action-tfsec | Automates security testing of Terraform configurations on GitHub pull requests. | 72 |
tcosolutions/betterscan | A toolchain that scans source code and infrastructure IaC for security risks and provides a unified report. | 817 |
hxsecurity/terraformgoat | A multi-cloud deployment tool designed to test and demonstrate the vulnerability of cloud infrastructure configurations | 536 |
zupit/horusec | Identifies security flaws in software projects through static code analysis | 1,149 |
security-code-scan/security-code-scan | Detects vulnerabilities in C# and VB.NET code | 944 |
controlplaneio/kubesec | Analyzes Kubernetes resources for security vulnerabilities | 1,238 |
cloudposse-archives/tfmask | Utility to filter sensitive output from terraform plan and apply executions | 202 |
aquasecurity/cloudsploit | A tool designed to detect security risks in cloud infrastructure accounts | 3,355 |
0xdones/tfgen | Terraform code generator for consistent and maintainable configuration files | 81 |
securityftw/cs-suite | An automated tool suite to assess and improve cloud security across multiple platforms | 1,144 |
trimstray/otseca | Tool to scan and gather information about a system's configuration and components. | 486 |
checkmarx/kics | A tool for detecting security vulnerabilities and compliance issues in infrastructure-as-code projects | 2,093 |
stelligent/cfn_nag | A tool to automatically scan and enforce security best practices in CloudFormation templates. | 1,260 |
gosecure/dtd-finder | Identifies and generates XXE payloads from local DTDs found in file systems. | 610 |