Awesome Open Source

Programming Languages

Search results for security static analysis

static-analysis x

106 search results found

Gosec ⭐ 7,276

Go security checker

Grype ⭐ 7,107

A vulnerability scanner for container images and filesystems

Brakeman ⭐ 6,840

A static analysis security vulnerability scanner for Ruby on Rails applications

Pyre Check ⭐ 6,606

Performant type-checking for python.

Tfsec ⭐ 6,525

Security scanner for your Terraform code

Nodejsscan ⭐ 2,275

nodejsscan is a static security code scanner for Node.js applications.

Find Sec Bugs ⭐ 2,160

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Gokart ⭐ 2,141

A static analysis tool for securing Go code

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Binary Analysis Platform

Awesome Golang Security ⭐ 1,768

Awesome Golang Security resources 🕶🔐

Sobelow ⭐ 1,564

Security-focused static analysis for the Phoenix Framework

Bearer ⭐ 1,554

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Anchore Engine ⭐ 1,528

A service that analyzes docker images and scans for vulnerabilities

Panopticon ⭐ 1,356

A libre cross-platform disassembler.

Tai E ⭐ 1,143

An easy-to-learn/use static analysis framework for Java

Cfn_nag ⭐ 1,105

Linting tool for CloudFormation templates

Dagda ⭐ 1,051

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

Horusec ⭐ 1,000

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Opensca Cli ⭐ 964

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

Awesome Python Security ⭐ 867

Awesome Python Security resources 🕶🐍🔐

Enlightn ⭐ 837

Your performance & security consultant, an artisan command away.

Security Code Scan ⭐ 801

Vulnerability Patterns Detector for C# and VB.NET

Security scanner coordinator

Semgrep Rules ⭐ 698

Semgrep rules registry

Kubernetes RBAC static analysis & visualisation tool

Apkhunt ⭐ 580

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

Habomalhunter ⭐ 567

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

Vehicle Security Toolkit ⭐ 502

汽车/安卓/固件/代码安全测试工具集

Awesome Llvm Security ⭐ 500

awesome llvm security [Welcome to PR]

Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.

Fuzzable ⭐ 475

Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 2022.

Awesome Dotnet Security ⭐ 430

Awesome .NET Security Resources

Droidefense: Advance Android Malware Analysis Framework

Cfripper ⭐ 384

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

WEB SERVICE SECURITY ASSESSMENT TOOL

Lightweight static analyzer for several programming languages

Pycharm Security ⭐ 321

Finds security holes in your Python projects from PyCharm and GitHub

Njsscan ⭐ 318

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

A scanner for deprecated and end-of-life (EOL) software in container images, filesystems, and SBOMs

Awesome Java Security ⭐ 291

Awesome Java Security Resources 🕶☕🔐

Libscout ⭐ 267

LibScout: Third-party library detector for Java/Android apps

Sbt Dependency Check ⭐ 259

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Gitleaks Action ⭐ 247

Protect your secrets using Gitleaks-Action

GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)

Securify2 ⭐ 208

Checkov Action ⭐ 188

This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

Route Detect ⭐ 178

Find authentication (authn) and authorization (authz) security bugs in web application routes.

Securify ⭐ 168

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.

Swift Static Analysis Framework

Squealer ⭐ 140

Telling tales on you for leaking secrets!

Sonarqube Action ⭐ 131

Integrate SonarQube scanner to GitHub Actions

Argus Saf ⭐ 130

Argus static analysis framework

Cks Exercises Certified Kubernetes Security Specialist ⭐ 121

A set of curated exercises to help you prepare for the CKS exam

MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.

Terraform Security Scan ⭐ 107

Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec

Libsast ⭐ 106

Generic SAST Library

🪲 Primitive Erlang Security Tool

Malwareanalysis In Pdf ⭐ 83

Malicious PDF files recently considered one of the most dangerous threats to the system security. The flexible code-bearing vector of the PDF format enables to attacker to carry out malicious code on the computer system for user exploitation.

Intercept ⭐ 74

INTERCEPT / Policy as Code Auditing / SAST for Code & APIs

Bridgecrew Action ⭐ 72

This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

A suite of utilities to help with software supply chain challenges on nix targets

Panoptisch ⭐ 68

A recursive dependency scanner for Python projects

Codeclimate Rubocop ⭐ 59

Code Climate Engine for Rubocop

Go Sarif ⭐ 55

Go library for sarif - Static Analysis Results Interchange Format

Static and dynamic Android application security analysis

Custom Bytecode Analyzer ⭐ 51

Java bytecode analyzer customizable via JSON rules

Security ⭐ 42

A set of classes to handle common security-related tasks

Static_file_analysis ⭐ 41

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

Deobshell ⭐ 39

Powershell script deobfuscation using AST in Python

Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages

SCRUB is a platform for orchestration and aggregation of static code analysis tools.

Because Clair needs a friend

Eslint Security Scanner Configs ⭐ 32

eslintrc.js config files for running static analysis on JavaScript to identify security issues.

A lightweight static security analysis tool for modern Perl Apps

Codemodder Java ⭐ 23

a framework for building java codemods

Auraborealisapp ⭐ 20

Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data

Contrastscan Action ⭐ 19

Contrast Scan GitHub action

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

All in one Ruby static code analyzer

Kube Linter Action ⭐ 16

GitHub action for automating KubeLinter.

Devskim Sublime Plugin ⭐ 15

DEPRECATED -- DevSkim plugin for Sublime Text 3.

The Swiss Army Knife for Binary (In)security

Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.

Codeclimate Bundler Audit ⭐ 12

Code Climate Engine for bundler-audit

Easy_sast ⭐ 12

A docker container that integrates static analysis tools into your project

Scan Action ⭐ 11

Github Action for security scanning utilizing Salus by Coinbase

Actions Log4j ⭐ 11

A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

Simplesecurity ⭐ 10

Combine multiple popular python security tools and generate reports or output into different formats

Bridgecrew Orb ⭐ 10

This CircleCI Orb Action runs Bridgecrew analysis of Infrastructure-as-Code repository. Bridgecrerw performs static security analysis of Terraform, CloudFormation and Kubernetes Infrastructure code security

Gokart Action ⭐ 9

Integrate GoKart security static analysis to GitHub Actions

Firmwaredroid ⭐ 7

FirmwareDroid is an analysis framework for Android firmware.

Horusec Examples Vulnerabilities ⭐ 7

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Secure Devex22 ⭐ 7

Demo repository for my talk at the Heise Developer Experience 2022 conference.

Phpunisher ⭐ 6

Finds smelly php code pieces

Aws Codeguru Reviewer Cicd Cdk Sample ⭐ 6

CDK stack to enable CodeGuru Reviewer for selected GitHub repositories

4depcheck ⭐ 6

a tool to analyze and detect vulnerable dependencies/libraries from different programming languages

Related Searches

Security Vulnerabilities (12,357)

Laravel Security (11,580)

Php Security (10,611)

Python Security (3,208)

Javascript Security (3,002)

Java Security (2,469)

Html Security (2,284)

Golang Security (1,316)

Shell Security (1,213)

Security Penetration Testing (920)

1-100 of 106 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.