An open API service providing repository metadata for many open source software ecosystems.

gitlab.com topics: SAST

ignis-build/sarif-converter

Convert from [SARIF](https://sarifweb.azurewebsites.net/) to GitLab Code Quality and SAST report.

Last synced at: about 1 month ago - Stars: 16 - Forks: 6

gitlab-ci-utils/gitlab-semgrep-plus

GitLab's `semgrep` container image augmented with hundreds of additional Node.js/JavaScript/TypeScript and Go rules from [Semgrep's rule repository](https://github.com/semgrep/semgrep-rules).

Last synced at: 3 months ago - Stars: 2 - Forks: 2

gitlab-org/security-products/analyzers/gosec

SAST Analyzer based on Go AST Scanner

Last synced at: 4 months ago - Stars: 5 - Forks: 19

gitlab-org/security-products/analyzers/semgrep

SAST Analyzer based on Semgrep

Last synced at: 5 months ago - Stars: 34 - Forks: 58

gitlab-org/security-products/analyzers/kics

GitLab Analyzer for Infrastructure as Code (IaC) projects that calls kics. This analyzer is written in Go using the command library shared by all analyzers.

Last synced at: 5 months ago - Stars: 5 - Forks: 12

gitlab-org/security-products/analyzers/report

Go package for implementing shared vulnerability structs for secure analyzers

Last synced at: 5 months ago - Stars: 2 - Forks: 5

gitlab-org/security-products/analyzers/common

Go packages to implement analyzers

Last synced at: 5 months ago - Stars: 24 - Forks: 18

gitlab-org/security-products/analyzers/ruleset

Go package for implementing customized rulesets for SAST analyzers

Last synced at: 7 months ago - Stars: 1 - Forks: 3

gitlab-org/security-products/analyzers/security-code-scan

SAST Analyzer for .NET projects

Last synced at: 7 months ago - Stars: 9 - Forks: 14

gitlab-org/security-products/analyzers/command

Go package for implementing shared vulnerability command interface for secure analyzers

Last synced at: 7 months ago - Stars: 2 - Forks: 3

components/sast

Static Application Security Testing (SAST) checks your source code for known vulnerabilities.

Last synced at: 6 months ago - Stars: 5 - Forks: 0

gitlab-org/security-products/analyzers/brakeman

SAST Analyzer based on Brakeman

Last synced at: 5 months ago - Stars: 3 - Forks: 7

gitlab-org/security-products/analyzers/phpcs-security-audit

SAST Analyzer based on phpcs-security-audit

Last synced at: 7 months ago - Stars: 8 - Forks: 9

gitlab-org/security-products/analyzers/flawfinder

SAST Analyzer based on Flawfinder

Last synced at: 7 months ago - Stars: 3 - Forks: 8

gitlab-org/security-products/analyzers/nodejs-scan

SAST Analyzer for NodeJS projects

Last synced at: about 1 year ago - Stars: 4 - Forks: 15

gitlab-org/security-products/tests/go-modules

Test project with: Language: Go - Package Manager: Go mod

Last synced at: about 1 year ago - Stars: 1 - Forks: 6

gitlab-org/security-products/analyzers/bandit

SAST Analyzer based on Bandit

Last synced at: 5 months ago - Stars: 4 - Forks: 7

gitlab-org/security-products/analyzers/find-sec-bugs-gradle 📦

Deprecated SAST Analyzer for Java Gradle projects. This analyzer is deprecated in favor of the new [Spotbugs analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)

Last synced at: 5 months ago - Stars: 0 - Forks: 2

gitlab-org/security-products/analyzers/find-sec-bugs 📦

Deprecated SAST Analyzer based on Find Sec Bugs. This analyzer is deprecated in favor of the new [Spotbugs analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)

Last synced at: 5 months ago - Stars: 1 - Forks: 4

gitlab-org/security-products/analyzers/find-sec-bugs-groovy 📦

Deprecated SAST Analyzer for Groovy projects. This analyzer is deprecated in favor of the new [Spotbugs analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)

Last synced at: 5 months ago - Stars: 0 - Forks: 0

gitlab-org/security-products/analyzers/find-sec-bugs-sbt 📦

Deprecated SAST Analyzer for Scala sbt projects. This analyzer is deprecated in favor of the new [Spotbugs analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)

Last synced at: 5 months ago - Stars: 0 - Forks: 2

caer/cargo-lift

Last synced at: about 2 months ago - Stars: 0 - Forks: 0

gitlab-org/security-products/analyzers/mobsf

SAST Analyzer for mobile applications

Last synced at: almost 2 years ago - Stars: 7 - Forks: 9

gitlab-org/security-products/analyzers/kubesec

SAST Analyzer for Kubernetes manifests based on kubesec

Last synced at: almost 2 years ago - Stars: 4 - Forks: 6

gitlab-org/security-products/analyzers/pmd-apex

SAST Analyzer for Salesforce Apex projects based on pmd

Last synced at: almost 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/analyzers/secrets

SAST Analyzer for detecting leaked secrets

Last synced at: almost 2 years ago - Stars: 12 - Forks: 28

gitlab-org/security-products/sast-rules

Rule Repository for GitLab SAST

Last synced at: almost 2 years ago - Stars: 6 - Forks: 4

gitlab-org/security-products/post-analyzers/tracking-calculator

A post-processor for computing the scope+offset fingerprint.

Last synced at: almost 2 years ago - Stars: 4 - Forks: 0

gitlab-org/ci-cd/codequality

Codequality jobs in pipelines https://docs.gitlab.com/ee/user/project/merge_requests/code_quality.html

Last synced at: almost 2 years ago - Stars: 42 - Forks: 35

gitlab-org/security-products/analyzers/eslint

SAST Analyzer based on ESLint and its security plugin.

Last synced at: about 2 years ago - Stars: 2 - Forks: 8

gitlab-org/security-products/tests/scala-sbt

Test project with: Language: Scala - Package Manager: Sbt

Last synced at: about 2 years ago - Stars: 0 - Forks: 5

gitlab-org/security-products/tests/python-pip

Test project with: Language: Python - Package Manager: Pip

Last synced at: about 2 years ago - Stars: 0 - Forks: 5

gitlab-org/security-products/analyzers/spotbugs

SAST Analyzer based on SpotBugs and Find Sec Bugs.

Last synced at: about 2 years ago - Stars: 6 - Forks: 30

gitlab-components/sast

Static Application Security Testing (SAST) checks your source code for known vulnerabilities.

Last synced at: about 2 years ago - Stars: 0 - Forks: 0

gitlab-org/security-products/tests/java-maven

Test project with: Language: Java - Package Manager: Maven

Last synced at: about 2 years ago - Stars: 0 - Forks: 14

gitlab-org/security-products/tests/python-pipenv

Test project with: Language: Python - Package Manager: Pipenv

Last synced at: about 2 years ago - Stars: 1 - Forks: 4

gitlab-org/security-products/analyzers/sobelow

SAST Analyzer for Phoenix Elixir projects based on sobelow

Last synced at: about 2 years ago - Stars: 2 - Forks: 7

gitlab-org/security-products/tests/dotnet5

.NET 6 Project - forked from .NET 5 project

Last synced at: about 2 years ago - Stars: 0 - Forks: 6

gitlab-org/security-products/tests/java-maven-multimodules

Test project with: Language: Java - Package Manager: Maven - Type: MultiModule

Last synced at: about 2 years ago - Stars: 1 - Forks: 3

gitlab-org/security-products/tests/ruby-bundler-rails

Test project with: Language: Ruby - Package Manager: Bundler - Framework: Rails

Last synced at: about 2 years ago - Stars: 0 - Forks: 2

gitlab-org/security-products/tests/php-composer

Test project with: Language: PHP - Package Manager: Composer

Last synced at: about 2 years ago - Stars: 0 - Forks: 4

gitlab-test-ci-catalog/catalog/security

Security scans as pipeline jobs. SAST, Secret Detection, etc.

Last synced at: about 2 years ago - Stars: 0 - Forks: 0

gitlab-org/security-products/tests/secrets

A project containing leaked secrets and tokens.

Last synced at: about 2 years ago - Stars: 2 - Forks: 6

rdnxk/shiftleft-sl-docker

Shiftleft CLI auto builder for Docker Hub

Last synced at: over 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/tests/go

Test project with: Language: Go

Last synced at: over 2 years ago - Stars: 0 - Forks: 6

gitlab-org/security-products/tests/c

Test project with: Language: C

Last synced at: over 2 years ago - Stars: 0 - Forks: 4

gitlab-org/security-products/tests/kubernetes

Test project with: Language: Kubernetes

Last synced at: over 2 years ago - Stars: 0 - Forks: 2

gitlab-org/security-products/tests/python-pip-flask

Last synced at: over 2 years ago - Stars: 0 - Forks: 1

gitlab-org/security-products/post-analyzers/scripts

Collection of shell scripts packaged with SAST analyzers to enable post-analyzer integrations.

Last synced at: over 2 years ago - Stars: 0 - Forks: 0

gitlab-org/security-products/tests/java-gradle

Test project for Java Gradle

Last synced at: over 2 years ago - Stars: 1 - Forks: 7

gitlab-org/security-products/tests/java-groovy

Test project for Java Groovy

Last synced at: over 2 years ago - Stars: 0 - Forks: 1

gitlab-org/security-products/tests/typescript-yarn

Test project with: Language: TypeScript - Package Manager: Yarn

Last synced at: over 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/tests/js

A project containing client-side JavaScript (*.js & *.html)

Last synced at: over 2 years ago - Stars: 1 - Forks: 7

gitlab-org/security-products/tests/monorepo-spotbugs

Last synced at: over 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/tests/cplusplus

Test project with: Language: C++

Last synced at: over 2 years ago - Stars: 0 - Forks: 1

gitlab-org/security-products/tests/cloudformation

Last synced at: over 2 years ago - Stars: 0 - Forks: 1

gitlab-org/security-products/tests/java-android

Test project with: Language: Java - Platform: Android

Last synced at: over 2 years ago - Stars: 1 - Forks: 4

ingka/templates

GitLab CI/CD templates for easy jobs and pipelines

Last synced at: over 2 years ago - Stars: 2 - Forks: 1

christopher.pickering/sast-demo

This project is for free-tier, self-hosted GitLab users who are running the SAST and Password Detection scripts and looking for a way to add them visibly to the merge request.

Last synced at: almost 3 years ago - Stars: 2 - Forks: 0

gitlab-org/security-products/tests/ruby-generic

Test project with: Language: Ruby

Last synced at: over 2 years ago - Stars: 0 - Forks: 1

gitlab-com/support/test-projects/ci-examples/sast

A project containing "vulnerable" code for testing GitLab SAST functionality.

Last synced at: over 2 years ago - Stars: 5 - Forks: 9

gitlab-org/security-products/tests/java-gradle-kotlin-dsl

Test project for Java Gradle with Kotlin build script

Last synced at: over 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/tests/elixir-phoenix

Test project with: Language: Elixir - Package Manager: Mix - Framework: Phoenix

Last synced at: over 2 years ago - Stars: 0 - Forks: 3

gitlab-org/security-products/tests/apex-salesforce

Test project with: Language: Apex - Package Manager: SFDX

Last synced at: over 2 years ago - Stars: 0 - Forks: 4

dennismedeiros/verademo-ci-cd-sample

An example project staged to demonstrate the usage of Veracode's SAST scanning tools within a CI/CD pipeline.

Last synced at: over 2 years ago - Stars: 0 - Forks: 0

jackieklaura/scrap-scanner-eval

This repository is part of a master's thesis featured on https://scrap.tantemalkah.at and highlights the evaluation of currently maintained F/LOSS static analysis tools for PHP.

Last synced at: over 2 years ago - Stars: 0 - Forks: 0