Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€
β141May 3, 2026Updated last month
Alternatives and similar repositories for vscode-security-notes
Users that are interested in vscode-security-notes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- β59Jun 11, 2026Updated 2 weeks ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ61May 15, 2023Updated 3 years ago
- β14Apr 23, 2019Updated 7 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ111Jan 30, 2025Updated last year
- Awesome secure by default libraries to help you eliminate bug classes!β708Dec 6, 2025Updated 6 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Compares and analyzes GCP IAM roles.β78Mar 9, 2025Updated last year
- β192Apr 16, 2025Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling.β56Jan 18, 2022Updated 4 years ago
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behaviorβ62Feb 16, 2026Updated 4 months ago
- An extension to use Semgrep inside Burp Suite.β90May 23, 2025Updated last year
- A curated list of Awesome Security Challenges.β211Nov 6, 2024Updated last year
- β106Jan 3, 2023Updated 3 years ago
- HashiCorp-relevant rules for the Semgrep code analysis toolβ42Oct 3, 2023Updated 2 years ago
- SecureEye is an AI tool for secure code review. It assesses code for vulnerabilities, and common attack vectorsβ14May 21, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- An injector that use PT_LOAD techniqueβ12Nov 27, 2022Updated 3 years ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently β¦β363Apr 21, 2026Updated 2 months ago
- β17May 16, 2022Updated 4 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightingsβ82Jul 25, 2022Updated 3 years ago
- β114Jun 8, 2023Updated 3 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Secβ¦β332Jun 10, 2026Updated 2 weeks ago
- micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveraginβ¦β49Jun 22, 2026Updated last week
- List of custom Nuclei templatesβ16Nov 4, 2023Updated 2 years ago
- β44Jun 22, 2026Updated last week
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.β62Nov 11, 2024Updated last year
- Proof of Concepts for unsafe deserialization in Rubyβ17Oct 17, 2024Updated last year
- Secrets scanner that understands codeβ192Nov 2, 2023Updated 2 years ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructureβ47Dec 29, 2023Updated 2 years ago
- Proof of concept code for Datadog Security Labs referenced exploits.β448Jun 16, 2026Updated 2 weeks ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β280Sep 11, 2025Updated 9 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.β343Jun 19, 2026Updated last week
- Kubernetes Pwnage for allβ59Nov 14, 2020Updated 5 years ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β90Jan 28, 2024Updated 2 years ago
- Open source password manager - Proton Pass β’ AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- AttachΓ© provides an emulation layer for Cloud Provider IMDS APIsβ59Jun 21, 2026Updated last week
- ποΈ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.β76Aug 22, 2024Updated last year
- A meta-database collecting resources that compile lists of breachesβ22Oct 30, 2025Updated 8 months ago
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports fβ¦β143Jan 24, 2023Updated 3 years ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.β268Mar 30, 2026Updated 3 months ago
- A PoC to Simulate Ransomware Attack on AWS Environmentβ33Oct 14, 2024Updated last year
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interestingβ¦β47Aug 16, 2024Updated last year