Awesome Open Source
Search results for static analysis devsecops
28 search results found
Mobile Security Framework Mobsf
⭐
16,123
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Scanners Box
⭐
7,972
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
Tfsec
⭐
6,548
Security scanner for your Terraform code
Nodejsscan
⭐
2,275
nodejsscan is a static security code scanner for Node.js applications.
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Opensca Cli
⭐
964
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Sast Scan
⭐
697
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
Betterscan Ce
⭐
673
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Packj
⭐
573
Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Privado
⭐
454
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Shisho
⭐
358
Lightweight static analyzer for several programming languages
Pycharm Security
⭐
321
Finds security holes in your Python projects from PyCharm and GitHub
Njsscan
⭐
318
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Sbt Dependency Check
⭐
259
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Qodana Action
⭐
232
⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle
Checkov Action
⭐
188
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Awesome Software Supply Chain Security
⭐
165
A compilation of resources in the software supply chain security domain, with emphasis on open source
Squealer
⭐
140
Telling tales on you for leaking secrets!
Sonarqube Action
⭐
131
Integrate SonarQube scanner to GitHub Actions
Intercept
⭐
74
INTERCEPT / Policy as Code Auditing / SAST for Code & APIs
Bridgecrew Action
⭐
72
This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Cpplumber
⭐
68
Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
Njsscan Action
⭐
20
nodejsscan GitHub Action
Docktor
⭐
12
Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.
Actions Log4j
⭐
11
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
Secure Devex22
⭐
7
Demo repository for my talk at the Heise Developer Experience 2022 conference.
Patronus
⭐
7
Swiss Army Knife SAST Toolkit
Prisma Cloud Pipeline
⭐
5
Export Prisma Cloud container findings to a CI pipeline, and identify un-triaged findings.
Container Security Testing
⭐
5
A list of security testing tools for containerized applications