Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
☆150Sep 4, 2020Updated 5 years ago
Alternatives and similar repositories for sast-scan
Users that are interested in sast-scan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆875Sep 1, 2023Updated 2 years ago
- Jess is short for Joern extended by Semantic Slicing. This tool allows you to import C code into a Code Property Graph, and then compute …☆17May 22, 2024Updated 2 years ago
- ☆18Mar 31, 2026Updated 2 months ago
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,244May 27, 2026Updated 2 weeks ago
- ☆243Jun 3, 2026Updated last week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A simple web app to get the latest EPSS data for a CVE ID☆13Dec 14, 2025Updated 5 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆426Nov 14, 2024Updated last year
- Web Input Vector Extractor Teaser☆130Jan 6, 2022Updated 4 years ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Aug 30, 2018Updated 7 years ago
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…☆33Apr 27, 2026Updated last month
- This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites☆26May 14, 2023Updated 3 years ago
- Provides an easy way to collect and send Slack access & integration logs.☆13Oct 19, 2021Updated 4 years ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆552Apr 10, 2022Updated 4 years ago
- MyOpenVDP is a free web application to install a vulnerability disclosure policy or a vulnerability disclosure program on your assets. (V…☆36Aug 8, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Linux/Unix config Checking tools☆13Jun 6, 2014Updated 12 years ago
- SARIF Microsoft Visual Studio Code extension☆135Feb 14, 2026Updated 3 months ago
- ☆19Feb 1, 2016Updated 10 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆91Jan 22, 2025Updated last year
- Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。☆342Dec 14, 2022Updated 3 years ago
- Terraform module which provides easy to configure AWS environment for running automated security scanning solutions at scheduled interval…☆47Jan 29, 2019Updated 7 years ago
- Kubernetes tools in a "distroless" container☆13Oct 30, 2023Updated 2 years ago
- A framework for interacting with HCL AppScan on Cloud and HCL AppScan Enterprise☆12Mar 3, 2023Updated 3 years ago
- Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by…☆22Jun 6, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 🚰 Static taint analysis for Go programs.☆83May 21, 2026Updated 3 weeks ago
- Collection of enterprise application patterns☆18May 18, 2026Updated 3 weeks ago
- Snyk Node Runtime Agent☆16Apr 12, 2022Updated 4 years ago
- ICSE 2018 paper implement☆18Jan 8, 2019Updated 7 years ago
- ☆13Feb 17, 2016Updated 10 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆51Aug 8, 2023Updated 2 years ago
- A companion repo to accompany detailed guides and YouTube content to allow users to follow along☆13Aug 29, 2020Updated 5 years ago
- Ready to use images of Zap and Glue, especially for CI integration.☆35Mar 12, 2019Updated 7 years ago
- Pin designs for security related items☆37Feb 16, 2026Updated 3 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Python API & MCP server to find torrents programmatically☆23Apr 30, 2026Updated last month
- An AWS Lambda Port Scanner and SSL expiry checker☆12Dec 4, 2016Updated 9 years ago
- Making CoreOS' Clair easily work in CI/CD pipelines☆29Sep 10, 2023Updated 2 years ago
- Python script to create CSV, HTML & PDF filtered for repo tags☆13Jul 26, 2024Updated last year
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆37Apr 21, 2020Updated 6 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆80Apr 4, 2019Updated 7 years ago
- Periodically scan target ranges using nmap, ndiff and emailing changes☆11Jan 13, 2017Updated 9 years ago