GitHub topics: sast
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Language: Rust - Size: 41 MB - Last synced at: 25 minutes ago - Pushed at: 8 days ago - Stars: 13,769 - Forks: 1,389

semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Language: OCaml - Size: 86.5 MB - Last synced at: about 9 hours ago - Pushed at: about 9 hours ago - Stars: 11,582 - Forks: 690

snyk/snyk-ls
Language Server used by IDEs as Snyk Backend for Frontends
Language: Go - Size: 10.7 MB - Last synced at: about 19 hours ago - Pushed at: about 20 hours ago - Stars: 56 - Forks: 8

OrenGitHub/dhscanner
free as in speech file system and container scanner
Language: Python - Size: 239 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 4 - Forks: 1

par-tec/d3fend-tools
Express IaC resources as d3fend graphs.
Language: Python - Size: 12.7 MB - Last synced at: about 9 hours ago - Pushed at: about 10 hours ago - Stars: 4 - Forks: 0

thomasleplus/java-memory-safety
A study of the limits of Java's memory safety.
Language: Java - Size: 166 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

ZupIT/horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Language: Go - Size: 73.9 MB - Last synced at: about 9 hours ago - Pushed at: about 10 hours ago - Stars: 1,216 - Forks: 195

mercedes-benz/sechub
SecHub provides a central API to test software with different security tools.
Language: Java - Size: 64.2 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 303 - Forks: 74

NodeSecure/scanner
⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine!
Language: TypeScript - Size: 1.76 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 32 - Forks: 14

ericcornelissen/js-regex-security-scanner
A static analyzer to scan JavaScript code for problematic regular expressions.
Language: JavaScript - Size: 1.98 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 8 - Forks: 2

insidersec/insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, analyzing source code to find vulnerabilities right in the source code, and designed to be agile and easy to implement inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
Language: Go - Size: 4.39 MB - Last synced at: 1 day ago - Pushed at: about 3 years ago - Stars: 536 - Forks: 81

JoostVoskuil/azure-devops-gitleaks
This is an extension for Azure DevOps that is a wrapper around gitleaks, created by Zachary Rice, for easy execution inside your pipeline. Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, API keys, and tokens in git repos. Gitleaks is an easy-to-use, all-in-one solution for finding secrets, past or present, in your code.
Language: TypeScript - Size: 605 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 36 - Forks: 21

sahildari/secure-coding-examples
This repository provides practical examples for developers and security professionals seeking to implement secure coding practices in their applications and operational workflows. It covers common security vulnerabilities such as path manipulation, file upload flaws, and input validation issues, offering robust solutions to mitigate these risks.
Language: Java - Size: 148 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

PyCQA/vscode-bandit
A Visual Studio Code extension with support for the Bandit static analysis tool.
Language: Python - Size: 1.39 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 3 - Forks: 1

zinja-coder/jadx-ai-mcp
Plugin for JADX to integrate MCP server
Language: Java - Size: 27.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 210 - Forks: 22

MobSF/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Language: Python - Size: 331 KB - Last synced at: about 18 hours ago - Pushed at: 3 months ago - Stars: 656 - Forks: 106

NodeSecure/js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
Language: JavaScript - Size: 1.18 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 242 - Forks: 25

securesauce/vscode-precaution
A Visual Studio Code extension with support for the Precaution static analysis tool.
Language: Python - Size: 875 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 1

fabasoad/pre-commit-vulncheck
pre-commit hooks to run vulncheck
Language: Shell - Size: 45.9 KB - Last synced at: 3 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

fabasoad/setup-zizmor-action
This GitHub Action installs zizmor CLI
Language: Shell - Size: 21.5 KB - Last synced at: 3 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

fabasoad/pre-commit-grype
pre-commit hooks to run grype
Language: Shell - Size: 71.3 KB - Last synced at: 3 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Language: Go - Size: 23.8 MB - Last synced at: 6 days ago - Pushed at: 9 days ago - Stars: 2,275 - Forks: 123

tenable/terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Language: Go - Size: 15.3 MB - Last synced at: 6 days ago - Pushed at: 15 days ago - Stars: 4,912 - Forks: 518

fabasoad/pre-commit-snyk
pre-commit hooks to run snyk
Language: Shell - Size: 101 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 11 - Forks: 5

fabasoad/reusable-workflows
Collection of reusable workflows
Size: 91.8 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 1 - Forks: 0

DeepSourceCorp/globstar
Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.
Language: Go - Size: 7.7 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 432 - Forks: 45

securesauce/precli
Precaution CLI - command line static application security testing tool
Language: Python - Size: 2.5 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 23 - Forks: 3

Cylum-Cybersecurity/insecureShip-API-Lab
This application contains intentional security vulnerabilities and should never be deployed in production environments or exposed to the internet. Use only in controlled, isolated environments for security training, demonstrations, and testing. This lab was originally created by TheCyberpunker - Luis Uribe, a security researcher from our company.
Language: JavaScript - Size: 0 Bytes - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 1 - Forks: 0

shivasurya/code-pathfinder
Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, deriving insights, and finding vulnerabilities in code.
Language: Go - Size: 10.6 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 58 - Forks: 7

righettod/toolbox-codescan
Customized toolbox to perform offline scanning of a code base.
Language: Shell - Size: 206 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 1 - Forks: 0

cycodehq/cycode-cli
Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning
Language: Python - Size: 1.65 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 88 - Forks: 46

redhat-plumbers-in-action/differential-shellcheck
🐚 GitHub Action for running ShellCheck differentially
Language: Shell - Size: 1.86 MB - Last synced at: 1 day ago - Pushed at: 6 days ago - Stars: 58 - Forks: 10

0dayInc/pwn
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
Language: Ruby - Size: 8.54 MB - Last synced at: 6 days ago - Pushed at: 12 days ago - Stars: 50 - Forks: 4

CodeThreat/codethreat-github-action
CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potential issues.
Language: JavaScript - Size: 2.38 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 4 - Forks: 0

scan-io-git/scan-io
Multitool for Enhancing Code Security
Language: Go - Size: 14.4 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 5 - Forks: 1

harekrishnarai/Damn-vulnerable-sca
Damn Vulnerable SCA Application
Language: Java - Size: 35.9 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 32 - Forks: 27

XargsUK/checkov-prismaless-vscode Fork of bridgecrewio/checkov-vscode
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework, and other infrastructure-as-code-languages with Checkov in VS Code.
Language: TypeScript - Size: 3.84 MB - Last synced at: 4 days ago - Pushed at: 21 days ago - Stars: 11 - Forks: 4

jbeduino/cosca
Cosca (Combo Scanner) is an Application Security automation tool that invokes third-party scanners and processes outputs in a one-liner command.
Language: Python - Size: 42.8 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 0 - Forks: 0

Correia-jpv/fucking-static-analysis
⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. With repository stars⭐ and forks🍴
Language: Rust - Size: 40.9 MB - Last synced at: 10 days ago - Pushed at: 23 days ago - Stars: 19 - Forks: 0

latiotech/LAST
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
Language: Python - Size: 39.1 MB - Last synced at: 6 days ago - Pushed at: 14 days ago - Stars: 166 - Forks: 16

AppThreat/joern-lib 📦
Python library for code analysis with CPG and Joern
Language: Jupyter Notebook - Size: 4.39 MB - Last synced at: 3 days ago - Pushed at: almost 2 years ago - Stars: 20 - Forks: 2

kh4sh3i/semgrep
Semgrep is a static analysis tool designed for code scanning.
Size: 196 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 1 - Forks: 1

kh4sh3i/Awesome-Code-Review
Awesome list of code review resources and tools
Language: Shell - Size: 43 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 1

tcosolutions/betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
Language: Python - Size: 12.7 MB - Last synced at: 7 days ago - Pushed at: about 2 months ago - Stars: 859 - Forks: 97

m14r41/scan4secrets
SAST and DAST scans supported, with 400-plus rules available for secrets, and you can add your own wordlist as well. Lightweight scanner for source code and URLs that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
Language: Python - Size: 58.6 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 20 - Forks: 6

CASTLE-Benchmark/CASTLE-Benchmark
The CASTLE Benchmark is a modern micro-benchmarking solution to test Static Analyzers and LLMs in vulnerability detection
Language: C - Size: 3.46 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 4 - Forks: 0

hangga/delvelin
Delvelin is a Code Vulnerability Analyzer for Java and Kotlin that supports best practices in security and risk management.
Language: Java - Size: 2.66 MB - Last synced at: 2 days ago - Pushed at: 15 days ago - Stars: 86 - Forks: 2

meta-fun/awesome-software-supply-chain-security
Sharing software supply chain security open source projects
Size: 23.4 KB - Last synced at: 5 days ago - Pushed at: over 2 years ago - Stars: 49 - Forks: 3

xJonah/repelsec
SAST & SCA Security Tool
Language: Python - Size: 2.89 MB - Last synced at: 19 days ago - Pushed at: 20 days ago - Stars: 5 - Forks: 0

HCL-TECH-SOFTWARE/appscan-sast-action
Integrate static security testing with HCL AppScan on Cloud using GitHub Actions
Language: JavaScript - Size: 3.06 MB - Last synced at: 6 days ago - Pushed at: 22 days ago - Stars: 6 - Forks: 5

RHEcosystemAppEng/sast-ai-orchestrator
Controller for SAST-AI-Workflows. This project schedules, monitors, and serves workflow info to REST clients 🧠📡
Language: Java - Size: 24.4 KB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 0 - Forks: 0

Checkmarx/sast-to-ast-export
CLI tool to export data from CxSAST and import into AST CxOne
Language: Go - Size: 63.7 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 3 - Forks: 5

ionutbalosin/java-application-security-practices
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
Language: Java - Size: 3.92 MB - Last synced at: 15 days ago - Pushed at: 24 days ago - Stars: 37 - Forks: 9

h4sh5/pypi-auto-scanner 📦
Automatically scan new pypi packages for potentially malicious code
Language: Python - Size: 578 MB - Last synced at: about 23 hours ago - Pushed at: about 1 year ago - Stars: 30 - Forks: 8

ajinabraham/njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Language: JavaScript - Size: 387 KB - Last synced at: 24 days ago - Pushed at: 6 months ago - Stars: 397 - Forks: 79

ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
Language: CSS - Size: 5.28 MB - Last synced at: 26 days ago - Pushed at: 2 months ago - Stars: 2,457 - Forks: 337

OsmanKandemir/docf-sec-check
DocF-Sec-Check helps to make your Dockerfile commands more secure.
Language: Python - Size: 3.32 MB - Last synced at: 3 days ago - Pushed at: 28 days ago - Stars: 5 - Forks: 2

advanced-security/monorepo-code-scanning-action
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
Language: JavaScript - Size: 207 KB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 6 - Forks: 1

OrenGitHub/dhscanner-action
SAST engine with a cross file, inter-procedural dataflow and other deep analyses
Size: 20.5 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

securesauce/precli-action
GitHub Action to run Precaution SAST
Size: 5.86 KB - Last synced at: 28 days ago - Pushed at: 6 months ago - Stars: 2 - Forks: 1

we45/ThreatPlaybook
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Language: Python - Size: 2.93 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 279 - Forks: 57

alipay/ant-application-security-testing-benchmark
The xAST evaluation benchmark makes security tools no longer a "black box".
Language: Java - Size: 10.6 MB - Last synced at: 29 days ago - Pushed at: about 1 month ago - Stars: 381 - Forks: 49

VulnPlanet/l3x
AI-driven Static Analyzer. Supports Rust and Smart contracts: Solana based on Rust, Ethereum based on Solidity.
Language: Rust - Size: 6.86 MB - Last synced at: about 1 month ago - Pushed at: 7 months ago - Stars: 79 - Forks: 14

ASTTeam/CodeQL
"Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL.
Size: 17.1 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 1,592 - Forks: 174

momosecurity/momo-code-sec-inspector-java
IDEA plugin for static code security auditing and one-click vulnerability fixes
Language: Java - Size: 11.6 MB - Last synced at: 24 days ago - Pushed at: about 3 years ago - Stars: 1,022 - Forks: 150

ShiftLeftSecurity/sast-scan
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Language: Python - Size: 5.25 MB - Last synced at: 30 days ago - Pushed at: over 1 year ago - Stars: 837 - Forks: 120

pcfens/sast-parser
Parse GitLab SAST reports into more human readable projects
Language: Python - Size: 53.7 KB - Last synced at: 30 days ago - Pushed at: 3 months ago - Stars: 64 - Forks: 22

par-tec/neo4j-semantic-docker
A collection of security tools, including neo4j dockerfile with semantic plugin.
Language: Python - Size: 1.55 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 1

owasp-noir/noir-passive-rules
Passive Scan Rules for OWASP Noir
Size: 46.9 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 0

analysis-tools-dev/website-next
Next version of the analysis tools website
Language: TypeScript - Size: 28.3 MB - Last synced at: about 4 hours ago - Pushed at: about 2 months ago - Stars: 4 - Forks: 2

shivamsaraswat/SeCoRA
Secure Code Review AI Agent (SeCoRA) - AI SAST
Language: Python - Size: 60.5 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 48 - Forks: 3

CASTLE-Benchmark/CASTLE-Source
The source code for the CASTLE Benchmark Tests, Wrappers, Evaluator, Diagrams and more
Language: C - Size: 196 KB - Last synced at: 3 days ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

j3ssie/codeql-docker
Ready to use docker image for CodeQL
Language: Python - Size: 20.5 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 89 - Forks: 11

rosehgal/DockerENT
The only open-source tool to analyze vulnerabilities and configuration issues with running docker container(s) and docker networks.
Language: Python - Size: 2.12 MB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 128 - Forks: 17

paulveillard/cybersecurity-static-analysis
An ongoing & curated collection of awesome vulnerability scanning software, libraries and frameworks, best guidelines, technical resources and most important static application security testing (SAST)
Language: Makefile - Size: 1000 KB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 13 - Forks: 1

georgealton/iam-sarif-report
Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.
Language: Python - Size: 916 KB - Last synced at: 18 days ago - Pushed at: 23 days ago - Stars: 6 - Forks: 1

gmatuz/sast-efficacy
Real world test cases to evaluate static analyser efficacy
Language: Python - Size: 17.3 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

dargentieri-devops/vuln_app
Application designed specifically to test and analyze the security of source code.
Language: Java - Size: 7.64 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

Vulnetix/vulnetix
Automate vulnerability triage which prioritizes remediation over discovery
Language: TypeScript - Size: 22.8 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 16 - Forks: 0

arainho/secure-git-workshop
(in)secure git workshop 🔓+🔑 = 🔐
Language: Python - Size: 22.4 MB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 8 - Forks: 86

johnbillion/awesome-github-actions-security
A curated list of awesome things related to securing your GitHub Actions workflows.
Size: 43 KB - Last synced at: 7 days ago - Pushed at: about 2 months ago - Stars: 21 - Forks: 0

DariuszPorowski/github-action-gitleaks
This GitHub Action allows you to run Gitleaks in your GitHub workflow.
Language: Shell - Size: 101 KB - Last synced at: 20 days ago - Pushed at: about 2 months ago - Stars: 21 - Forks: 10

htrgouvea/zarn
A lightweight static security analysis tool for modern Perl Apps
Language: Perl - Size: 179 KB - Last synced at: 27 days ago - Pushed at: about 2 months ago - Stars: 49 - Forks: 12

NordCoderd/infrastructure-security
Infrastructure as Code Security Linter for JetBrains IDEs (e.g., IntelliJ IDEA, PyCharm)
Language: Kotlin - Size: 335 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 11 - Forks: 0

NJUPT-SAST/approval-system
🖥️ Front end of the Nanjing University of Posts and Telecommunications approval system
Language: TypeScript - Size: 3.2 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 3 - Forks: 1

OtavioVB/Ntickets
A high-availability, resilient ticket purchasing platform.
Language: C# - Size: 299 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

m3ssap0/massive-appscan-prepare 📦
This is a Python 2.7 script that can be used to launch massive 'appscan prepare' commands.
Language: Python - Size: 1.95 KB - Last synced at: 2 months ago - Pushed at: over 6 years ago - Stars: 0 - Forks: 0

xlab-steampunk/spotter-action
GitHub Action for Steampunk Spotter
Language: Shell - Size: 50.8 KB - Last synced at: 14 days ago - Pushed at: 5 months ago - Stars: 4 - Forks: 2

Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
Language: Kotlin - Size: 38 MB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 239 - Forks: 20

arall/vulnerabilities
Examples of different vulnerabilities, in a variety of languages, shapes and sizes.
Language: HTML - Size: 5.13 MB - Last synced at: 6 days ago - Pushed at: about 1 year ago - Stars: 28 - Forks: 16

ASTTeam/SAST
"Understanding SAST (Static Application Security Testing) in Depth": Static Application Security Testing.
Size: 242 MB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 334 - Forks: 30

Orange-Cyberdefense/grepmarx
A source code static analysis platform for AppSec enthusiasts.
Language: Python - Size: 201 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 232 - Forks: 28

FabrizioCafolla/py-secscan
PySecScan automates security checks, linting, and SBOM generation, ensuring a proactive approach to code security with minimal setup.
Language: Python - Size: 38.1 KB - Last synced at: 23 days ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

R3DRUN3/stream 📦
Reference implementation of CI pipeline steps via Dagger modules 🏗️
Language: Go - Size: 54.7 KB - Last synced at: 16 days ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

hounddogai/hounddog
Blazingly fast source code scanner for data security and privacy.
Language: Shell - Size: 9.77 KB - Last synced at: 26 days ago - Pushed at: 2 months ago - Stars: 25 - Forks: 27

ZupIT/horusec-engine
Horusec analysis engine
Language: Go - Size: 1.79 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 22 - Forks: 16

Contrast-Security-OSS/contrastscan-action
Contrast Scan GitHub action
Size: 125 KB - Last synced at: 6 days ago - Pushed at: 9 months ago - Stars: 20 - Forks: 4

rahmansec/Semgrep-Ruls
Semgrep Rules
Size: 10.7 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

chebuya/sastsweep
Tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size.
Language: Go - Size: 9 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 208 - Forks: 20

kadraman/InsecureWebApp
An insecure Python/Flask Web application
Language: CSS - Size: 5.57 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 1
