AppThreat / atom
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
★67 Updated last week
Alternatives and similar repositories for atom
Users that are interested in atom are comparing it to the libraries listed below
- Code Hierarchy Exploration Net (chen) ★21 Updated last week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★39 Updated 6 months ago
- Manager of third-party sources of Semgrep rules ★87 Updated 11 months ago
- Trail of Bits Testing Handbook ★76 Updated 2 weeks ago
- ★71 Updated 4 months ago
- XBOW Validation Benchmarks ★104 Updated last week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ★145 Updated last year
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ★75 Updated last month
- A cutting edge context aware GraphQL API fuzzing tool! ★141 Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ★120 Updated last week
- A static analyzer powered by AI ★21 Updated 10 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ★135 Updated last year
- A very simple open source implementation of Google's Project Naptime ★155 Updated 2 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ★65 Updated 11 months ago
- CodeQL queries developed by Trail of Bits ★99 Updated 2 weeks ago
- Analysis of the Enterprise SAST/DAST product landscape ★37 Updated last year
- Low-effort reachability analysis for third-party code vulnerabilities. ★20 Updated last year
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others. ★133 Updated 2 months ago
- ★45 Updated 11 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java. ★23 Updated 3 years ago
- Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, f… ★61 Updated 3 weeks ago
- The Cloud Property Graph is based on a Code Property Graph and tries to connect static code analysis and Cloud runtime assessment. ★25 Updated 5 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio