JLLeitschuh / bulk-security-pr-generator
Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
★34 · Updated 2 months ago
Alternatives and similar repositories for bulk-security-pr-generator:
Users that are interested in bulk-security-pr-generator are comparing it to the libraries listed below
- Externalize Java application access to protected resources as log messages. ★41 · Updated this week
- Collection of Python helper APIs for interacting with LGTM.com in ways the official API doesn't support. ★24 · Updated 3 years ago
- Manager of third-party sources of Semgrep rules ★81 · Updated 9 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ★142 · Updated last year
- How GitHub Actions workflows can be hacked ★150 · Updated 8 months ago
- *Unofficial* lgtm.com CLI - Use at your own risk. Also don't add more than 3K projects to "My projects" list. ★13 · Updated 3 years ago
- A community collection of security reviews of open source software components. ★93 · Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ★37 · Updated 3 years ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. ★56 · Updated 7 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development. ★118 · Updated last year
- ★70 · Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files. ★76 · Updated 3 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities. ★155 · Updated 8 months ago
- ★189 · Updated 5 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★39 · Updated 4 months ago
- Assorted tools for security-related tasks for git repositories ★59 · Updated 3 years ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ★133 · Updated 3 weeks ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ★23 · Updated 10 months ago
- Trail of Bits Testing Handbook ★72 · Updated 2 weeks ago
- A Node.js vulnerability finding tool. ★96 · Updated 4 years ago
- ★126 · Updated 9 months ago
- A curated list of awesome browser security learning material. ★141 · Updated 2 years ago
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning … ★41 · Updated 10 months ago
- ZAP Management Scripts ★23 · Updated this week
- A collection of my Semgrep rules ★49 · Updated last year
- SARIF Microsoft Visual Studio Code extension ★114 · Updated last week
- Security scanning & static analysis tool ★94 · Updated 6 months ago
- CVE database ★22 · Updated 4 years ago
- Dependency Combobulator ★93 · Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ★104 · Updated 2 months ago