AppThreat / atom
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
★81 Updated last week
Alternatives and similar repositories for atom
Users that are interested in atom are comparing it to the libraries listed below
- Code Hierarchy Exploration Net (chen) ★24 Updated last week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★42 Updated last year
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules ★97 Updated 3 weeks ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ★159 Updated last year
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers… ★134 Updated last month
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ★292 Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ★79 Updated last week
- Data about all known supply-chain attacks through history ★63 Updated 7 months ago
- Trail of Bits Testing Handbook - appsec.guide ★89 Updated last week
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ★139 Updated 10 months ago
- Low-effort reachability analysis for third-party code vulnerabilities. ★22 Updated 2 years ago
- A very simple open source implementation of Google's Project Naptime ★181 Updated 9 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ★75 Updated 2 years ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ★139 Updated last year
- Create notes during a security code review in VSCode, import your favorite SAST tool findings, and collaborate with others ★140 Updated 2 months ago
- Browser based Privacy Aware SBoM Exploration ★27 Updated 2 weeks ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ★55 Updated last year
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs ★37 Updated this week
- ★52 Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ★68 Updated 6 months ago
- SAST + LLM Interprocedural Context Extractor ★174 Updated 2 months ago
- Demonstrates how a malicious dependency could negatively impact the build output. ★25 Updated 2 years ago
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h… ★65 Updated 10 months ago
- A community collection of security reviews of open source software components. ★96 Updated last year
- Monthly CVE Stats ★43 Updated 2 weeks ago
- analyzes your github actions ★97 Updated last week
- Fork Threat Modeling Platform - Community ★27 Updated 3 months ago
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru… ★90 Updated last week
- A place to systematically store software bill of materials (SBOM) documents. ★50 Updated 2 years ago
- A dataset of software supply chain compromises. Please help us maintain it! ★129 Updated 3 years ago