OWASP / sonarqube

Related projects ⓘ

Alternatives and complementary repositories for sonarqube

• jenkinsci / zap-plugin
  The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.
  ☆58Updated last month
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆69Updated last year
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆115Updated last year
• ing-bank / bdd-mobile-security-automation-framework
  Mobile Security testing Framework
  ☆40Updated 6 years ago
• augustd / owasp-security-logging
  OWASP Security Logging library for Java
  ☆115Updated 11 months ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆187Updated 6 years ago
• oshp / headers
  An application to catch, search and analyze HTTP secure headers.
  ☆63Updated 3 years ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆129Updated last week
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 8 years ago
• OWASP / Container-Security-Verification-Standard
  Container Security Verification Standard
  ☆57Updated 5 years ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆200Updated this week
• Skyscanner / sonar-secrets
  SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
  ☆100Updated 11 months ago
• stevespringett / threatmodel-sdk
  A Java library for parsing and programmatically using threat models
  ☆79Updated last year
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆44Updated this week
• denimgroup / threadfix
  ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…
  ☆340Updated last year
• jenkinsci / checkmarx-plugin
  This plugin adds an ability to perform automatic code scan by Checkmarx server and shows results summary and trend in Jenkins interface.
  ☆42Updated 3 weeks ago
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 6 years ago
• Contrast-Security-OSS / sheepdog
  ☆17Updated last month
• OpenSecuritySummit / oss2019
  Open Security Summit 2019
  ☆25Updated 3 years ago
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 7 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆128Updated 3 years ago
• microsoft / threat-modeling-templates
  Microsoft Threat Modeling Template files
  ☆180Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆134Updated 6 months ago
• DinisCruz / Book_SecDevOps_Risk_Workflow
  Content for 'JIRA Risk Project' book published at LeanPub
  ☆56Updated 6 years ago
• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆177Updated 5 years ago
• SecurityRAT / SecurityRAT
  OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
  ☆173Updated 3 months ago
• RIGS-IT / sonar-xanitizer
  Integrates Xanitizer results into SonarQube
  ☆21Updated 3 years ago
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆206Updated 2 years ago
• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆278Updated last year
• GDSSecurity / GDS-PMD-Security-Rules
  Custom security ruleset for the popular Java static analysis tool PMD.
  ☆61Updated 8 years ago