Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
☆150Sep 4, 2020Updated 5 years ago
Alternatives and similar repositories for sast-scan
Users that are interested in sast-scan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆870Sep 1, 2023Updated 2 years ago
- Jess is short for Joern extended by Semantic Slicing. This tool allows you to import C code into a Code Property Graph, and then compute …☆17May 22, 2024Updated last year
- ☆18Updated this week
- Static code auditing system☆468Jan 8, 2021Updated 5 years ago
- KiMi 漏洞感知机器人扫描框架 @KiMi-VulnBot @KiMiThreatPerception☆23Jul 25, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,220Mar 9, 2026Updated 3 weeks ago
- GitHub Action adding a comment with information about new npm dependencies detected in a pull request☆17Mar 30, 2024Updated 2 years ago
- ☆229Dec 18, 2025Updated 3 months ago
- A simple web app to get the latest EPSS data for a CVE ID☆12Dec 14, 2025Updated 3 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆425Nov 14, 2024Updated last year
- Web Input Vector Extractor Teaser☆132Jan 6, 2022Updated 4 years ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Aug 30, 2018Updated 7 years ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆551Apr 10, 2022Updated 3 years ago
- ☆108Updated this week
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A Java library for parsing and programmatically using threat models☆82Feb 15, 2023Updated 3 years ago
- Linux/Unix config Checking tools☆13Jun 6, 2014Updated 11 years ago
- ☆19Feb 1, 2016Updated 10 years ago
- Notes for the SCS-C01: AWS Certified Security - Specialty exam.☆14Jun 2, 2024Updated last year
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆91Jan 22, 2025Updated last year
- Terraform module which provides easy to configure AWS environment for running automated security scanning solutions at scheduled interval…☆46Jan 29, 2019Updated 7 years ago
- A framework for interacting with HCL AppScan on Cloud and HCL AppScan Enterprise☆12Mar 3, 2023Updated 3 years ago
- Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by…☆22Jun 6, 2022Updated 3 years ago
- 🚰 Static taint analysis for Go programs.☆81Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Collection of enterprise application patterns☆18Apr 27, 2019Updated 6 years ago
- Snyk Node Runtime Agent☆16Apr 12, 2022Updated 3 years ago
- ICSE 2018 paper implement☆18Jan 8, 2019Updated 7 years ago
- Docker + CVE-2015-2925 = escaping from --volume☆11Jun 30, 2015Updated 10 years ago
- A Security Scanner for Go☆26Feb 11, 2019Updated 7 years ago
- ☆13Feb 17, 2016Updated 10 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆52Aug 8, 2023Updated 2 years ago
- Python API & MCP server to find torrents programmatically☆21Mar 8, 2026Updated 3 weeks ago
- A companion repo to accompany detailed guides and YouTube content to allow users to follow along☆13Aug 29, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Pin designs for security related items☆37Feb 16, 2026Updated last month
- An AWS Lambda Port Scanner and SSL expiry checker☆12Dec 4, 2016Updated 9 years ago
- A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC☆32Feb 4, 2026Updated 2 months ago
- javaweb-codereview☆30Jan 22, 2019Updated 7 years ago
- Network security exercises in a SDN made from handcrafted packets☆27Nov 11, 2016Updated 9 years ago
- Making CoreOS' Clair easily work in CI/CD pipelines☆29Sep 10, 2023Updated 2 years ago
- 三方依赖库扫描系统☆91Jun 10, 2021Updated 4 years ago