AppThreat / atom
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
☆78 Updated last week
Alternatives and similar repositories for atom
Users that are interested in atom are comparing it to the libraries listed below
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆41 Updated last year
- A very simple open source implementation of Google's Project Naptime ☆176 Updated 9 months ago
- Code Hierarchy Exploration Net (chen) ☆24 Updated last week
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ☆138 Updated 10 months ago
- Trail of Bits Testing Handbook - appsec.guide ☆87 Updated this week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆157 Updated last year
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆286 Updated last week
- Manager of third-party sources of Semgrep rules ☆92 Updated last year
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆79 Updated last month
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers… ☆133 Updated last week
- SAST + LLM Interprocedural Context Extractor ☆169 Updated 2 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆139 Updated last year
- ☆52 Updated last year
- CodeQL queries developed by Trail of Bits ☆137 Updated last week
- Low-effort reachability analysis for third-party code vulnerabilities. ☆22 Updated 2 years ago
- Automated vulnerability discovery and annotation ☆67 Updated last year
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h… ☆60 Updated 10 months ago
- A cutting edge context aware GraphQL API fuzzing tool! ☆156 Updated last week
- Data about all known supply-chain attacks through history ☆63 Updated 7 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆68 Updated 6 months ago
- A static analyzer powered by AI ☆23 Updated last year
- Fork Threat Modeling Platform - Community ☆27 Updated 2 months ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others ☆140 Updated last month
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ☆56 Updated last year
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ☆75 Updated 2 years ago
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru… ☆84 Updated this week
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ☆99 Updated 2 months ago
- Golem automates C/C++ vulnerability discovery with SemGrep+LLVM+LLM ☆95 Updated 6 months ago
- Metis is an open-source, AI-driven tool for deep security code review ☆429 Updated this week
- A comprehensive list of software composition analysis tools. ☆159 Updated 2 months ago