JLLeitschuh / bulk-security-pr-generator

Related projects: ⓘ

• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆138Updated 6 months ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆23Updated 2 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 4 months ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆74Updated 2 months ago
• JLLeitschuh / security-research
  Public disclosure channel for security vulnerabilities
  ☆16Updated 9 months ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆92Updated last year
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆102Updated 9 months ago
• elttam / semgrep-rules
  ☆173Updated 6 months ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆205Updated 4 months ago
• ettic-team / EndpointFinder
  ☆51Updated 3 months ago
• ossf / omega-triage-portal
  ☆13Updated 10 months ago
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆129Updated this week
• nikitastupin / pwnhub
  How GitHub Actions workflows can be hacked
  ☆100Updated 3 weeks ago
• ajxchapman / ReServ
  A set of simple servers (currently HTTP/HTTPS and DNS) which allow configurable and scriptable responses to network requests.
  ☆59Updated 2 years ago
• pownjs / git
  Assorted tools for security-related task for git repositories
  ☆59Updated 2 years ago
• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• gagliardetto / lgtm-cli
  *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list.
  ☆13Updated 2 years ago
• ajinabraham / libsast
  Generic SAST Library
  ☆123Updated 2 months ago
• regilero / HTTPWookiee
  HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…
  ☆49Updated 6 years ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆40Updated 2 years ago
• parsiya / eslinter
  Manual JavaScript Linting is a Bug
  ☆49Updated 3 years ago
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆49Updated 5 months ago
• TinderSec / gh-workflow-auditor
  Script to audit GitHub Action Workflow files for potential vulnerabilities.
  ☆147Updated 3 weeks ago
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆41Updated 3 months ago
• GitHubSecurityLab / CodeQL-Community-Packs
  Collection of community-driven CodeQL query, library and extension packs
  ☆64Updated last month
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆110Updated this week
• salesforce / DazedAndConfused
  ☆43Updated this week
• ShiftLeftSecurity / shiftleft-scan-vscode
  ShiftLeft Scan is a free and open-source commercial-grade security tool for modern DevOps teams.
  ☆12Updated last year
• appsecco / defcon-26-workshop-attacking-and-auditing-docker-containers
  DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
  ☆106Updated 4 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 6 months ago