advanced-security / codeql-workshops-staging

Related projects: ⓘ

• advanced-security / codeql-queries
  [Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instea…
  ☆80Updated 4 months ago
• advanced-security / codeql-bundle-action
  Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
  ☆19Updated 4 months ago
• advanced-security / gh-codeql-scan
  GH CLI CodeQL Scan Extension
  ☆17Updated this week
• advanced-security / custom-codeql-bundle
  An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…
  ☆25Updated 2 years ago
• advanced-security / advanced-security-material
  ☆65Updated 3 weeks ago
• advanced-security / secret-scanning-review-action
  Action to detect if a secret is initially detected in a PR commit
  ☆11Updated 2 weeks ago
• GeekMasher / ghastoolkit
  GitHub Advanced Security Python Toolkit
  ☆12Updated this week
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆74Updated last month
• GitHubSecurityLab / CodeQL-Community-Packs
  Collection of community-driven CodeQL query, library and extension packs
  ☆64Updated last month
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆102Updated 9 months ago
• elttam / semgrep-rules
  ☆173Updated 6 months ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆138Updated 6 months ago
• david-wiggs / codeql-anywhere
  Put the power of CodeQL in your pocket, take it with you to any CI 🚀
  ☆11Updated 10 months ago
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆49Updated 5 months ago
• advanced-security / awesome-codeql
  A curated list of awesome CodeQL resources.
  ☆15Updated 5 months ago
• advanced-security / secret-scanning-custom-patterns
  Examples of Custom Secret Scanning Patterns
  ☆132Updated 2 months ago
• githubuniverseworkshops / codeql
  CodeQL workshops for GitHub Universe
  ☆91Updated last year
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆86Updated last year
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆19Updated last month
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆95Updated 7 months ago
• tuannq2299 / semgrep-rules
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆12Updated 2 years ago
• advanced-security / codeql-extractor-iac
  CodeQL Extractor, Library, and Queries for Infrastructure as Code
  ☆38Updated this week
• rvermeulen / codeql-workshop-cve-2021-21380
  A CodeQL workshop covering CVE-2021-21380
  ☆12Updated 4 months ago
• TinderSec / gh-workflow-auditor
  Script to audit GitHub Action Workflow files for potential vulnerabilities.
  ☆147Updated 3 weeks ago
• Kirill89 / prototype-pollution-exploits
  Prototype Pollution exploits collection
  ☆28Updated 3 years ago
• nikitastupin / pwnhub
  How GitHub Actions workflows can be hacked
  ☆100Updated 3 weeks ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆80Updated last month
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆38Updated 10 months ago
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆37Updated 3 weeks ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆79Updated 5 months ago