Checkmarx / chainalert-github-action
scans popular packages and alerts in cases there is suspicion of an account takeover
☆41Updated 3 years ago
Alternatives and similar repositories for chainalert-github-action:
Users that are interested in chainalert-github-action are comparing it to the libraries listed below
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git☆91Updated this week
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆58Updated 2 years ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆37Updated 3 years ago
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 8 months ago
- Mitigate security concerns of Dependency Confusion supply chain security risks☆46Updated 2 years ago
- Enrich SBOMs with data from third party services☆168Updated 3 weeks ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆154Updated 7 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆134Updated this week
- GitHub Advanced Security Policy as Code☆82Updated last week
- Scans your Github Actions for security issues☆64Updated 2 months ago
- This open-source project tracks RED-LILI's activity over time as there are evidence the actor is still active. All information provided h…☆11Updated last year
- ☆100Updated 3 weeks ago
- boostsecurityio/poutine☆266Updated last week
- A tool to check the security settings of Github Organizations.☆71Updated last year
- Runtime Security Solution for your CI/CD Pipeline☆101Updated last month
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆92Updated 2 months ago
- GitGuardian Canary Tokens☆133Updated last year
- OpenSSF Security Tooling Working Group☆308Updated 11 months ago
- Overlay is a browser extension helping developers evaluate open source packages before picking them☆224Updated last year
- GitHub action to generate a CycloneDX SBOM for Node.js☆21Updated 3 months ago
- The source files and tools needed to build the OWASP Cornucopia decks in various languages☆61Updated this week
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…☆24Updated last year
- Dependency Combobulator☆93Updated last year
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆114Updated last week
- Sharing software supply chain security open source projects☆49Updated 2 years ago
- WIP - A tutorial for OWASP ZAP☆12Updated 5 years ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆304Updated this week
- OpenVEX Specification☆145Updated 3 weeks ago
- Orchestrate GitHub Actions Security☆282Updated last week
- Repository for on-going work as part of the AIBOM Tiger Team effort.☆20Updated 7 months ago