ShiftLeftSecurity / shiftleft-scan-vscode
ShiftLeft Scan is a free and open-source commercial-grade security tool for modern DevOps teams.
☆13 Updated 2 years ago
Alternatives and similar repositories for shiftleft-scan-vscode:
Users that are interested in shiftleft-scan-vscode are comparing it to the libraries listed below
- TSLint rules for Angular ☆18 Updated 6 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA) ☆59 Updated 2 weeks ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use ☆14 Updated 6 years ago
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages ☆50 Updated 3 years ago
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps. ☆33 Updated 8 years ago
- Generic SAST Library ☆130 Updated 4 months ago
- An example repository that demonstrates how to build custom CodeQL bundles that include query customizations through the `Customizations… ☆25 Updated 2 years ago
- Collection of Python helper APIs for interacting with LGTM.com in ways the official API doesn't support. ☆23 Updated 2 years ago
- Joern Workshops ☆25 Updated 2 months ago
- An HTTP PoC Endpoint for CVE-2020-5260 which can be deployed to Heroku ☆37 Updated 4 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆142 Updated last year
- Externalize Java application access to protected resources as log messages. ☆41 Updated 10 months ago
- A Security Scanner for Go ☆26 Updated 6 years ago
- CodeQL database manager ☆48 Updated 2 weeks ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development. ☆115 Updated last year
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research] ☆44 Updated 9 months ago
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list. ☆13 Updated 3 years ago
- Writeup of CVE-2017-1002101 with sample "exploit"/escape ☆35 Updated 7 years ago
- A collection of my Semgrep rules ☆48 Updated last year
- JWT fuzzer ☆105 Updated 6 years ago
- SARIF Microsoft Visual Studio Code extension ☆113 Updated last week
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. ☆56 Updated 6 months ago
- Kubernetes Pwnage for all ☆56 Updated 4 years ago
- Anti-Takeover is a subdomain monitoring tool for (blue/purple) team / internal security team which uses Cloudflare. Currently Anti-Take… ☆12 Updated 4 years ago
- ☆14 Updated 11 months ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner… ☆15 Updated last year
- Scan PyPI for typosquatting ☆38 Updated 2 years ago
- Mininode is a CLI tool to reduce the attack surface of Node.js applications by using static analysis. ☆21 Updated last year
- INTERCEPT / Policy as Code Auditing & Compliance ☆84 Updated 2 months ago
- Salesforce Policy Deviation Checker ☆30 Updated 4 years ago