Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
☆882Sep 1, 2023Updated 2 years ago
Alternatives and similar repositories for sast-scan
Users that are interested in sast-scan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,260May 27, 2026Updated last month
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆149Sep 4, 2020Updated 5 years ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆553Apr 10, 2022Updated 4 years ago
- ☆18Jun 22, 2026Updated last week
- Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.☆1,321May 24, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,789Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,189Jun 22, 2026Updated last week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,980Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆15,648Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,461Jun 11, 2025Updated last year
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆618Feb 10, 2026Updated 4 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,657Jun 22, 2026Updated last week
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,690Updated this week
- secureCodeBox (SCB) - continuous secure delivery out of the box☆976Updated this week
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…☆7,597Updated this week
- grep rough audit - source code auditing tool☆1,681Dec 19, 2025Updated 6 months ago
- Code Property Graph: specification, query language, and utilities☆589Jun 2, 2026Updated 3 weeks ago
- Multi-Cloud Security Auditing Tool☆7,721Sep 23, 2025Updated 9 months ago
- Open Source Vulnerability Management Platform☆6,598Jun 23, 2026Updated last week
- A vulnerability scanner for container images and filesystems☆12,487Updated this week
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆434Nov 14, 2024Updated last year
- ☆27Sep 15, 2022Updated 3 years ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,209Nov 20, 2025Updated 7 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,430Mar 26, 2026Updated 3 months ago
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆9,172Updated this week
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,762Aug 2, 2024Updated last year
- An enterprise friendly way of detecting and preventing secrets in code.☆4,578Apr 2, 2026Updated 2 months ago
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…☆14,067Updated this week
- nodejsscan is a static security code scanner for Node.js applications.☆2,564Oct 10, 2025Updated 8 months ago
- Open Source Cloud Native Application Protection Platform (CNAPP)☆5,291Jun 1, 2026Updated last month
- Granular, Actionable Adversary Emulation for the Cloud☆2,349Jun 16, 2026Updated 2 weeks ago
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,461May 25, 2026Updated last month
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Find, verify, and analyze leaked credentials☆26,882Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆29,391Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆998Updated this week
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,248May 19, 2026Updated last month
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…☆3,300Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,470Apr 17, 2026Updated 2 months ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,172Dec 8, 2022Updated 3 years ago