ShiftLeftSecurity / shiftleft-scan-vscode
ShiftLeft Scan is a free and open-source commercial-grade security tool for modern DevOps teams.
☆13Updated 2 years ago
Alternatives and similar repositories for shiftleft-scan-vscode:
Users that are interested in shiftleft-scan-vscode are comparing it to the libraries listed below
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆58Updated last week
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 3 years ago
- TSLint rules for Angular☆18Updated 6 years ago
- Intentionally vulnerable Go web app.☆43Updated 2 months ago
- Writeup of CVE-2017-1002101 with sample "exploit"/escape☆35Updated 7 years ago
- A Security Scanner for Go☆26Updated 6 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆24Updated 3 years ago
- INTERCEPT / Policy as Code Auditing & Compliance☆84Updated 3 months ago
- Generic SAST Library☆131Updated 5 months ago
- Externalize Java application access to protected resources as log messages.☆41Updated this week
- Docker container for running OWASP WebGoat.NET application☆11Updated 6 years ago
- ☆14Updated last year
- My custom semgrep rules☆21Updated 4 years ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Updated 6 years ago
- ☆60Updated 2 years ago
- SARIF Microsoft Visual Studio Code extension☆114Updated last week
- Some helpful Helm Charts for pentesters☆39Updated 6 years ago
- A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.☆42Updated 7 years ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆118Updated last year
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 3 years ago
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list.☆13Updated 3 years ago
- JWT fuzzer☆106Updated 6 years ago
- A collection of my Semgrep rules☆49Updated last year
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆56Updated 7 months ago
- CodeQL database manager☆48Updated last week
- An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…☆25Updated 2 years ago
- ☆20Updated 6 years ago
- Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…☆24Updated 2 years ago
- Tools for conducting analysis of CVE data in Elasticsearch☆74Updated 2 weeks ago
- Proof of Concept exploit for Kubernetes CVE-2020-8559☆20Updated 4 years ago