Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security static analysis
security
x
static-analysis
x
106 search results found
Gosec
⭐
7,276
Go security checker
Grype
⭐
7,107
A vulnerability scanner for container images and filesystems
Brakeman
⭐
6,840
A static analysis security vulnerability scanner for Ruby on Rails applications
Pyre Check
⭐
6,606
Performant type-checking for python.
Tfsec
⭐
6,525
Security scanner for your Terraform code
Nodejsscan
⭐
2,275
nodejsscan is a static security code scanner for Node.js applications.
Find Sec Bugs
⭐
2,160
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Gokart
⭐
2,141
A static analysis tool for securing Go code
Pyt
⭐
2,005
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Bap
⭐
1,926
Binary Analysis Platform
Awesome Golang Security
⭐
1,768
Awesome Golang Security resources 🕶🔐
Sobelow
⭐
1,564
Security-focused static analysis for the Phoenix Framework
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Anchore Engine
⭐
1,528
A service that analyzes docker images and scans for vulnerabilities
Panopticon
⭐
1,356
A libre cross-platform disassembler.
Tai E
⭐
1,143
An easy-to-learn/use static analysis framework for Java
Cfn_nag
⭐
1,105
Linting tool for CloudFormation templates
Dagda
⭐
1,051
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Horusec
⭐
1,000
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Opensca Cli
⭐
964
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Awesome Python Security
⭐
867
Awesome Python Security resources 🕶🐍🔐
Enlightn
⭐
837
Your performance & security consultant, an artisan command away.
Security Code Scan
⭐
801
Vulnerability Patterns Detector for C# and VB.NET
Salus
⭐
714
Security scanner coordinator
Semgrep Rules
⭐
698
Semgrep rules registry
Krane
⭐
633
Kubernetes RBAC static analysis & visualisation tool
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Packj
⭐
573
Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Habomalhunter
⭐
567
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Vehicle Security Toolkit
⭐
502
汽车/安卓/固件/代码安全测试工具集
Awesome Llvm Security
⭐
500
awesome llvm security [Welcome to PR]
Sqlvet
⭐
476
Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.
Fuzzable
⭐
475
Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 2022.
Awesome Dotnet Security
⭐
430
Awesome .NET Security Resources
Engine
⭐
398
Droidefense: Advance Android Malware Analysis Framework
Cfripper
⭐
384
Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
Wssat
⭐
367
WEB SERVICE SECURITY ASSESSMENT TOOL
Shisho
⭐
358
Lightweight static analyzer for several programming languages
Pycharm Security
⭐
321
Finds security holes in your Python projects from PyCharm and GitHub
Njsscan
⭐
318
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Xeol
⭐
291
A scanner for deprecated and end-of-life (EOL) software in container images, filesystems, and SBOMs
Awesome Java Security
⭐
291
Awesome Java Security Resources 🕶☕🔐
Libscout
⭐
267
LibScout: Third-party library detector for Java/Android apps
Sbt Dependency Check
⭐
259
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Gitleaks Action
⭐
247
Protect your secrets using Gitleaks-Action
Choccy
⭐
228
GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)
Securify2
⭐
208
Securify v2.0
Checkov Action
⭐
188
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Sys
⭐
182
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Route Detect
⭐
178
Find authentication (authn) and authorization (authz) security bugs in web application routes.
Securify
⭐
168
[DEPRECATED] Security Scanner for Ethereum Smart Contracts
Dlint
⭐
141
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
Swan
⭐
141
Swift Static Analysis Framework
Squealer
⭐
140
Telling tales on you for leaking secrets!
Sonarqube Action
⭐
131
Integrate SonarQube scanner to GitHub Actions
Argus Saf
⭐
130
Argus static analysis framework
Cks Exercises Certified Kubernetes Security Specialist
⭐
121
A set of curated exercises to help you prepare for the CKS exam
Mate
⭐
120
MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.
Terraform Security Scan
⭐
107
Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
Libsast
⭐
106
Generic SAST Library
Pest
⭐
99
🪲 Primitive Erlang Security Tool
Malwareanalysis In Pdf
⭐
83
Malicious PDF files recently considered one of the most dangerous threats to the system security. The flexible code-bearing vector of the PDF format enables to attacker to carry out malicious code on the computer system for user exploitation.
Intercept
⭐
74
INTERCEPT / Policy as Code Auditing / SAST for Code & APIs
Bridgecrew Action
⭐
72
This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Sbomnix
⭐
71
A suite of utilities to help with software supply chain challenges on nix targets
Panoptisch
⭐
68
A recursive dependency scanner for Python projects
Codeclimate Rubocop
⭐
59
Code Climate Engine for Rubocop
Go Sarif
⭐
55
Go library for sarif - Static Analysis Results Interchange Format
Aparoid
⭐
55
Static and dynamic Android application security analysis
Custom Bytecode Analyzer
⭐
51
Java bytecode analyzer customizable via JSON rules
Security
⭐
42
A set of classes to handle common security-related tasks
Static_file_analysis
⭐
41
Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Deobshell
⭐
39
Powershell script deobfuscation using AST in Python
Maloss
⭐
37
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Scrub
⭐
35
SCRUB is a platform for orchestration and aggregation of static code analysis tools.
Kate
⭐
32
Because Clair needs a friend
Eslint Security Scanner Configs
⭐
32
eslintrc.js config files for running static analysis on JavaScript to identify security issues.
Zarn
⭐
28
A lightweight static security analysis tool for modern Perl Apps
Codemodder Java
⭐
23
a framework for building java codemods
Auraborealisapp
⭐
20
Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
Contrastscan Action
⭐
19
Contrast Scan GitHub action
Stadyna
⭐
19
StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications
Umarell
⭐
17
All in one Ruby static code analyzer
Kube Linter Action
⭐
16
GitHub action for automating KubeLinter.
Devskim Sublime Plugin
⭐
15
DEPRECATED -- DevSkim plugin for Sublime Text 3.
Binsec
⭐
15
The Swiss Army Knife for Binary (In)security
Docktor
⭐
12
Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.
Codeclimate Bundler Audit
⭐
12
Code Climate Engine for bundler-audit
Easy_sast
⭐
12
A docker container that integrates static analysis tools into your project
Scan Action
⭐
11
Github Action for security scanning utilizing Salus by Coinbase
Actions Log4j
⭐
11
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
Simplesecurity
⭐
10
Combine multiple popular python security tools and generate reports or output into different formats
Bridgecrew Orb
⭐
10
This CircleCI Orb Action runs Bridgecrew analysis of Infrastructure-as-Code repository. Bridgecrerw performs static security analysis of Terraform, CloudFormation and Kubernetes Infrastructure code security
Gokart Action
⭐
9
Integrate GoKart security static analysis to GitHub Actions
Firmwaredroid
⭐
7
FirmwareDroid is an analysis framework for Android firmware.
Horusec Examples Vulnerabilities
⭐
7
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Secure Devex22
⭐
7
Demo repository for my talk at the Heise Developer Experience 2022 conference.
Phpunisher
⭐
6
Finds smelly php code pieces
Aws Codeguru Reviewer Cicd Cdk Sample
⭐
6
CDK stack to enable CodeGuru Reviewer for selected GitHub repositories
4depcheck
⭐
6
a tool to analyze and detect vulnerable dependencies/libraries from different programming languages
Related Searches
Security Vulnerabilities (12,357)
Laravel Security (11,580)
Php Security (10,611)
Python Security (3,208)
Javascript Security (3,002)
Java Security (2,469)
Html Security (2,284)
Golang Security (1,316)
Shell Security (1,213)
Security Penetration Testing (920)
1-100 of 106 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.