AppThreat / atom
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
⭐78 Updated this week
Alternatives and similar repositories for atom
Users that are interested in atom are comparing it to the libraries listed below
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ⭐41 Updated 11 months ago
- Code Hierarchy Exploration Net (chen) ⭐24 Updated this week
- A very simple open source implementation of Google's Project Naptime ⭐174 Updated 8 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers… ⭐131 Updated last week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ⭐79 Updated last week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ⭐155 Updated last year
- Manager of third-party sources of Semgrep rules ⭐90 Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ⭐129 Updated 9 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ⭐264 Updated this week
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ⭐53 Updated last year
- Trail of Bits Testing Handbook ⭐87 Updated 2 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ⭐136 Updated last year
- SAST + LLM Interprocedural Context Extractor ⭐163 Updated last month
- Low-effort reachability analysis for third-party code vulnerabilities. ⭐21 Updated 2 years ago
- Fork Threat Modeling Platform - Community ⭐27 Updated last month
- ⭐48 Updated this week
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru… ⭐83 Updated last week
- Demonstrates how a malicious dependency could negatively impact the build output. ⭐24 Updated 2 years ago
- Monthly CVE Stats ⭐43 Updated last week
- Data about all known supply-chain attacks through history ⭐62 Updated 6 months ago
- Automated vulnerability discovery and annotation ⭐67 Updated last year
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings 🛠️ and collaborate with others. ⭐140 Updated last month
- A place to systematically store software bill of materials (SBOM) documents. ⭐48 Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ⭐67 Updated 5 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ⭐75 Updated 2 years ago
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h… ⭐55 Updated 9 months ago
- A static analyzer powered by AI ⭐23 Updated last year
- ⭐52 Updated last year
- Tool to guess CPE name based on common software name ⭐106 Updated 2 months ago
- A comprehensive list of software composition analysis tools. ⭐156 Updated last month