Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
☆150Sep 4, 2020Updated 5 years ago
Alternatives and similar repositories for sast-scan
Users that are interested in sast-scan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆874Sep 1, 2023Updated 2 years ago
- Jess is short for Joern extended by Semantic Slicing. This tool allows you to import C code into a Code Property Graph, and then compute …☆17May 22, 2024Updated 2 years ago
- ☆18Mar 31, 2026Updated last month
- Static code auditing system☆468Jan 8, 2021Updated 5 years ago
- ☆15Jul 11, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Scripting Assembly Language☆12Sep 2, 2015Updated 10 years ago
- GitHub Action adding a comment with information about new npm dependencies detected in a pull request☆17Mar 30, 2024Updated 2 years ago
- ☆232Apr 24, 2026Updated 3 weeks ago
- Generic server for collaborative code analysis☆13Dec 19, 2016Updated 9 years ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆426Nov 14, 2024Updated last year
- Web Input Vector Extractor Teaser☆129Jan 6, 2022Updated 4 years ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Aug 30, 2018Updated 7 years ago
- This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites☆26May 14, 2023Updated 3 years ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆552Apr 10, 2022Updated 4 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆107Apr 2, 2026Updated last month
- A Java library for parsing and programmatically using threat models☆82Feb 15, 2023Updated 3 years ago
- Linux/Unix config Checking tools☆13Jun 6, 2014Updated 11 years ago
- ☆19Feb 1, 2016Updated 10 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆91Jan 22, 2025Updated last year
- Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。☆345Dec 14, 2022Updated 3 years ago
- Kubernetes tools in a "distroless" container☆13Oct 30, 2023Updated 2 years ago
- ☆187Feb 20, 2025Updated last year
- Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by…☆21Jun 6, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 🚰 Static taint analysis for Go programs.☆81Apr 17, 2026Updated last month
- Collection of enterprise application patterns☆18Updated this week
- Snyk Node Runtime Agent☆16Apr 12, 2022Updated 4 years ago
- A Security Scanner for Go☆26Feb 11, 2019Updated 7 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆51Aug 8, 2023Updated 2 years ago
- os fingerprint probe through smb☆10Jun 24, 2021Updated 4 years ago
- A companion repo to accompany detailed guides and YouTube content to allow users to follow along☆13Aug 29, 2020Updated 5 years ago
- Ready to use images of Zap and Glue, especially for CI integration.☆35Mar 12, 2019Updated 7 years ago
- Pin designs for security related items☆37Feb 16, 2026Updated 3 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An AWS Lambda Port Scanner and SSL expiry checker☆12Dec 4, 2016Updated 9 years ago
- A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC☆32Apr 30, 2026Updated 3 weeks ago
- nodejsscan is a static security code scanner for Node.js applications.☆2,559Oct 10, 2025Updated 7 months ago
- Making CoreOS' Clair easily work in CI/CD pipelines☆29Sep 10, 2023Updated 2 years ago
- ArmourBird CSF - Container Security Framework☆44Apr 22, 2022Updated 4 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆80Apr 4, 2019Updated 7 years ago
- Periodically scan target ranges using nmap, ndiff and emailing changes☆11Jan 13, 2017Updated 9 years ago