AppThreat / atom
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
☆73 · Updated last week
Alternatives and similar repositories for atom
Users that are interested in atom are comparing it to the libraries listed below
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆41 · Updated 11 months ago
- Code Hierarchy Exploration Net (chen) ☆21 · Updated last week
- A very simple open source implementation of Google's Project Naptime ☆173 · Updated 7 months ago
- Metis is an open-source, AI-driven tool for deep security code review ☆83 · Updated this week
- Trail of Bits Testing Handbook ☆82 · Updated last week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆153 · Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ☆127 · Updated 8 months ago
- SAST + LLM Interprocedural Context Extractor ☆139 · Updated 2 weeks ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ☆129 · Updated 3 months ago
- ☆100 · Updated 9 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆253 · Updated last week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆79 · Updated last week
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru… ☆81 · Updated this week
- Manager of third-party sources of Semgrep rules ☆90 · Updated last year
- Low-effort reachability analysis for third-party code vulnerabilities. ☆21 · Updated 2 years ago
- Data about all known supply-chain attacks through history ☆61 · Updated 5 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ☆74 · Updated 2 years ago
- CodeQL queries developed by Trail of Bits ☆135 · Updated 3 weeks ago
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art… ☆65 · Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆138 · Updated last year
- A static analyzer powered by AI ☆22 · Updated last year
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ☆52 · Updated last year
- A dataset of software supply chain compromises. Please help us maintain it! ☆130 · Updated 3 years ago
- Monthly CVE Stats ☆43 · Updated 2 weeks ago
- A cutting edge context aware GraphQL API fuzzing tool! ☆154 · Updated 2 months ago
- Automated vulnerability discovery and annotation ☆67 · Updated last year
- A comprehensive list of software composition analysis tools. ☆157 · Updated 3 weeks ago
- ☆51 · Updated last year
- Tool to guess CPE name based on common software name ☆106 · Updated 2 months ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆140 · Updated 2 weeks ago