aptly
aptly is a swiss army knife for Debian repository management: it allows you to mirror remote repositories, manage local package repositories, take snapshots, pull new versions of packages along with dependencies, publish as Debian repository.
linux packaging artifacts open-source
Azure DevOps
Azure DevOps provides development collaboration tools including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and continuous testing capabilities.
commercial scm git vcs
Berkshelf
A cookbook source structure manager for Chef, similar to Bundler for Ruby. Each Chef cookbook can be structured as an individual entity and can be pulled into your main Chef workflows.
linux windows osx open-source scm ruby
bitbucket
Bitbucket is a web-based hosting service that supports both Mercurial and Git version control systems. It offers commercial and free accounts. It supports collaboration with unlimited private repos, diff views, CI build integrations, large file storage, pipelines, JIRA and other 3rd party integrations.
commercial vcs git mercurial
Boxstarter
Repeatable, reboot resilient windows environment installations made easy using Chocolatey packages. When its time to repave either bare metal or virtualized instances, locally or on a remote machine, Boxstarter can automate both trivial and highly complex installations. Compatible with all Windows versions from Windows 7/2008 R2 forward.
windows open-source virt packaging provisioning powershell
Chocolatey
Chocolatey is like apt-get for Windows. It can install packages and dependencies over the command line.
windows open-source packaging provisioning powershell
CloudRepo
Public and Private Maven and Python (PyPi) repositories. Fully managed and highly available repository hosting.
linux windows osx bsd solaris commercial packaging artifacts java clojure scala groovy python pypi cloud maven sbt leiningen gradle ivy
Cloudsmith Package
Just Better Package Management. Manage your software dependencies and distribution with Enterprise-grade package management.
linux windows cloud packaging distribution debian nuget maven python rpm redhat ruby
Deploy Studio
An tools for re-imaging and provisioning OSX devices
osx provisioning orchestration config hardening
Fig
A package management tool, similar to Ivy/APT, but language agnostic, faster and works well with both executables and libraries.
linux windows osx open-source packaging ruby
FPM
Effing Package Managers (FPM) is a single tool that can generate rpm, deb, solaris, osx (pkg) and many other packages. It supports multiple inputs (directory, gem, egg, deb, etc) and can produce multiple outputs (rpm, deb, solaris, etc). It relieves the pain out of creating various kinds of packages.
linux osx open-source packaging ruby
Gauntlt
Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.
linux open-source security hardening ruby
Gerrit
A Web based code review and project management system for Git projects
linux windows osx open-source scm java
github
GitHub is a web-based Git or version control repository and Internet hosting service. It offers all of the distributed version control and source code management (SCM) functionality of Git as well as adding its own features. It provides access control and several collaboration features such as bug tracking, feature requests, task management, and wikis for every project.
open-source commercial vcs git
GitLab
GitLab is an open-source, fully featured git web frontend developed using Ruby on Rails. You can host this in your own server, create projects, repositories and teams, manage fine grained access permissions, add wikis, collaborate, raise and merge pull requests, and do much more through the web! (Note: GitLab acquired Gitorious, another open source git management system, in March 2015)
linux open-source vcs ruby
Gitolite
Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many more powerful features
linux open-source scm vcs
Gogs
A self-hosted Git service written in Go. Gogs(Go Git Service) is a painless self-hosted Git Service written in Go. The goal of this project is to make the easiest, fastest and most painless way to set up a self-hosted Git service. With Go, this can be done in independent binary distribution across ALL platforms that Go supports, including Linux, Mac OS X, and Windows.
linux open-source git go scm
Harbor
Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.
linux open-source security hardening
Hardening Framework
The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.
linux open-source security hardening chef puppet ansible
Herd
A bittorrent based file distribution system based on Twitter’s Murder. It uses BitTorrent to push artifacts and code very fast across thousands of servers.
linux windows osx open-source packaging python
Librarian-Puppet
Librarian-Puppet is a source structure and dependency manager for Puppet modules, similar to bundler for Ruby. Each Puppet module can be managed as a separate source repository with individual versioning, and can then be pulled into your Puppetfile.
linux windows osx open-source scm ruby
NGINX Amplify
Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.
linux bsd free commercial logging monitoring metrics visualization security hardening errors
Opskeleton
Bootstrap a DevOps infrastructure with some opinionated defaults (vagrant, puppet, librarian-puppet, git, etc), standard development guidelines, etc. Makes it very quick to get a DevOps team up and running
linux open-source scm virt config-mgmt provisioning orchestration ruby
ossec
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows
open-source security hardening linux windows solaris osx bsd
Zed Attack Proxy (ZAP)
A penetration testing tool for finding vulnerabilities in web applications, from OWASP
linux windows osx open-source security
packagecloud
A hosted platform for managing software package repositories. Apt, yum, and rubygems repositories without the headaches.
linux packaging
Phabricator
Phabricator is an open source collection of development and code management, including code reviews and audits, browsing repositories, tracking bugs, etc
linux osx open-source scm php
Prevoty Application Monitoring & Protection (AMP)
Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.
linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci
r10k
r10k provides a general purpose toolset for deploying Puppet environments and modules. It implements the Puppetfile format and provides a native implementation of Puppet dynamic environments.
linux windows osx open-source free scm
Review Board
Review Board is a feature packed code review tool for multiple SCM systems (like git, bzr, cvs, subversion, etc).
linux open-source commercial scm python
RocketGit
Free (as in speech and as in beer) software (AGPLv3+) for hosting Git® projects, both public and private.
linux free scm vcs
Snort
Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.
open-source security hardening
SSH KeyBox
An open-source jump box solution with auditing capabilities
linux open-source cloud monitoring security java
System Integrety Management Platform
SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.
config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework
TeamPass
TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.
linux windows osx bsd solaris open-source security
testssl.sh
A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.
linux osx open-source security shell
Tinfoil Security
Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.
linux windows osx free commercial ci monitoring security
VAddy
VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.
linux windows osx free commercial ci cloud security
Vagrant Cachier
A Vagrant plugin that helps you reduce the amount of coffee you drink while waiting for boxes to be provisioned by sharing a common package cache among similiar VM instances.
linux windows osx open-source virt artifacts ruby
Vaurien
A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events
linux windows osx open-source security python
Veewee
veewee is a great tool for building Virtual Machine images (aka base boxes). It automates most of the steps and allows you to easily create readymade images for VirtualBox/Vagrant, VMWare Fusion, KVM and Parallels. No longer need to shy away from building custom VM images!
linux osx windows open-source virt packaging ruby
Verdaccio
Verdaccio is an open-source local repository for NPM packages. It provides private-access packages, caching, and overriding public packages.
linux windows osx bsd solaris open-source free packaging artifacts