JLLeitschuh / bulk-security-pr-generator
Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
☆33 Updated last month
Related projects:
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆138 Updated 6 months ago
- Collection of Python helper APIs for interacting with LGTM.com in ways the official API doesn't support. ☆23 Updated 2 years ago
- Externalize Java application access to protected resources as log messages. ☆41 Updated 4 months ago
- Manager of third-party sources of Semgrep rules 🗂 ☆74 Updated 2 months ago
- Public disclosure channel for security vulnerabilities ☆16 Updated 9 months ago
- Security scanning & static analysis tool ☆92 Updated last year
- Prepackaged and precompiled GitHub CodeQL container for rapid analysis, deployment and development. ☆102 Updated 9 months ago
- ☆173 Updated 6 months ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee… ☆205 Updated 4 months ago
- ☆51 Updated 3 months ago
- ☆13 Updated 10 months ago
- Post Processor for Facebook Static Analysis Tools. ☆129 Updated this week
- How GitHub Actions workflows can be hacked ☆100 Updated 3 weeks ago
- A set of simple servers (currently HTTP/HTTPS and DNS) which allow configurable and scriptable responses to network requests. ☆59 Updated 2 years ago
- Assorted tools for security-related tasks for git repositories ☆59 Updated 2 years ago
- CVE database ☆22 Updated 4 years ago
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list. ☆13 Updated 2 years ago
- Generic SAST Library ☆123 Updated 2 months ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta… ☆49 Updated 6 years ago
- Evaluation Framework for Dependency Analysis (EFDA) ☆40 Updated 2 years ago
- Manual JavaScript Linting is a Bug ☆49 Updated 3 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA) ☆49 Updated 5 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities. ☆147 Updated 3 weeks ago
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning … ☆41 Updated 3 months ago
- Collection of community-driven CodeQL query, library and extension packs ☆64 Updated last month
- SARIF Microsoft Visual Studio Code extension ☆110 Updated this week
- ☆43 Updated this week
- ShiftLeft Scan is a free and open-source commercial-grade security tool for modern DevOps teams. ☆12 Updated last year
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source ☆106 Updated 4 years ago
- A community collection of security reviews of open source software components. ☆92 Updated 6 months ago