Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€
β142Nov 3, 2025Updated 3 months ago
Alternatives and similar repositories for vscode-security-notes
Users that are interested in vscode-security-notes are comparing it to the libraries listed below
Sorting:
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ61May 15, 2023Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ107Jan 30, 2025Updated last year
- β14Apr 23, 2019Updated 6 years ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.β61Nov 11, 2024Updated last year
- Awesome secure by default libraries to help you eliminate bug classes!β700Dec 6, 2025Updated 2 months ago
- Compares and analyzes GCP IAM roles.β78Mar 9, 2025Updated 11 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.β56Jan 18, 2022Updated 4 years ago
- β192Apr 16, 2025Updated 10 months ago
- micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveraginβ¦β44Updated this week
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently β¦β315Jan 25, 2026Updated last month
- An extension to use Semgrep inside Burp Suite.β88May 23, 2025Updated 9 months ago
- GitHub Actions Pipeline Enumeration and Attack Toolβ730Sep 17, 2025Updated 5 months ago
- β114Jun 8, 2023Updated 2 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)β61Apr 16, 2025Updated 10 months ago
- SharePoint Security Auditorβ21Jan 16, 2016Updated 10 years ago
- β57Feb 9, 2026Updated 2 weeks ago
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behaviorβ32Feb 16, 2026Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis toolβ41Oct 3, 2023Updated 2 years ago
- β32Updated this week
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalationβ109Feb 16, 2024Updated 2 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Secβ¦β322Aug 13, 2025Updated 6 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructureβ49Dec 29, 2023Updated 2 years ago
- This is a collection of threat detection rules / rules engines that I have come across.β296May 5, 2024Updated last year
- Kubernetes Pwnage for allβ57Nov 14, 2020Updated 5 years ago
- An injector that use PT_LOAD techniqueβ12Nov 27, 2022Updated 3 years ago
- β105Jan 3, 2023Updated 3 years ago
- A PoC to Simulate Ransomware Attack on AWS Environmentβ33Oct 14, 2024Updated last year
- Proof of concept code for Datadog Security Labs referenced exploits.β449Feb 13, 2026Updated 2 weeks ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β88Jan 28, 2024Updated 2 years ago
- A curated list of Awesome Security Challenges.β211Nov 6, 2024Updated last year
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.β338Feb 13, 2026Updated 2 weeks ago
- List of custom Nuclei templatesβ16Nov 4, 2023Updated 2 years ago
- β19Oct 2, 2022Updated 3 years ago
- Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets oβ¦β17Apr 6, 2023Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dllβ14Feb 4, 2022Updated 4 years ago
- python3 scripts to help with aws triage needsβ15Feb 11, 2022Updated 4 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interestingβ¦β47Aug 16, 2024Updated last year
- Static security checker for Dockerfilesβ104Jan 29, 2026Updated last month
- Proof of Concepts for unsafe deserialization in Rubyβ17Oct 17, 2024Updated last year