ShiftLeftSecurity / shiftleft-scan-vscode

Related projects: ⓘ

• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆49Updated 5 months ago
• cxai / Checkmarx-PowerTools
  A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
  ☆14Updated 6 years ago
• synopsys-sig / tslint-angular-security
  TSLint rules for Angular
  ☆18Updated 5 years ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆23Updated 2 years ago
• brompwnie / cve-2020-5260
  A HTTP PoC Endpoint for cve-2020-5260 which can be deployed to Heroku
  ☆37Updated 4 years ago
• advanced-security / custom-codeql-bundle
  An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…
  ☆25Updated 2 years ago
• GitHubSecurityLab / gh-qldb
  CodeQL database manager
  ☆44Updated 7 months ago
• xfhg / intercept
  INTERCEPT / Policy as Code Auditing & Compliance
  ☆82Updated this week
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 4 months ago
• knqyf263 / remic
  Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies
  ☆23Updated 5 years ago
• ropnop / pentest_charts
  Some helpful Helm Charts for pentesters
  ☆38Updated 5 years ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆23Updated last year
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆102Updated 9 months ago
• Contrast-Security-OSS / vulnerable-spring-boot-application
  ☆13Updated 5 months ago
• Semmle / demos
  This repo has been migrated to https://github.com/github/security-lab/tree/master/CodeQL_Queries
  ☆25Updated 4 years ago
• LewisArdern / eslint-plugin-prototype-pollution-security-rules
  ☆16Updated 5 years ago
• appsecco / owasp-webgoat-dot-net-docker
  Docker container for running OWASP WebGoat.NET application
  ☆11Updated 6 years ago
• bgeesaman / subpath-exploit
  Writeup of CVE-2017-1002101 with sample "exploit"/escape
  ☆35Updated 6 years ago
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆42Updated 9 months ago
• OWASP / www-project-dependency-check
  OWASP Foundation Web Respository
  ☆13Updated 2 months ago
• gagliardetto / codemill
  CodeQL model generation for Go.
  ☆17Updated 3 years ago
• Semmle / SecurityQueries
  Deprecated: Please visit https://github.com/github/codeql instead.
  ☆81Updated 2 years ago
• spaceraccoon / npm-scan
  An extensible, heuristic-based vulnerability scanning tool for installed npm packages
  ☆49Updated 3 years ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆84Updated 5 years ago
• cldrn / codeql-queries
  My CodeQL queries collection
  ☆93Updated last year
• assetnote / kitebuilder
  ☆22Updated 7 months ago
• find-sec-bugs / find-sec-bugs-demos
  Repository to showcase various configuration recipes with various technologies
  ☆35Updated last year
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• advanced-security / codeql-bundle-action
  Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
  ☆19Updated 4 months ago
• olivo / redos-detector
  A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.
  ☆33Updated 8 years ago