Alternatives and similar repositories for libsast

Users that are interested in libsast are comparing it to the libraries listed below

• nightwatchcybersecurity / truegaze
  Static analysis tool for Android/iOS apps focusing on security issues outside the source code
  ☆133Updated last year
• mandatoryprogrammer / tarnish
  A Chrome extension static analysis tool to help aide in security reviews.
  ☆157Updated last year
• Teebytes / TnT-Fuzzer
  OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
  ☆111Updated 2 years ago
• SAP-archive / node-rasp
  An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …
  ☆31Updated 4 years ago
• MobSF / CapFuzz
  CapFuzz - capture, fuzz & intercept web traffic.
  ☆64Updated 5 years ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆148Updated last year
• AvalZ / RevOK
  An HTTP Response fuzzer to find Vulnerabilities in Security Scanners
  ☆25Updated last year
• Semmle / SecurityQueries
  Deprecated: Please visit https://github.com/github/codeql instead.
  ☆81Updated 3 years ago
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆59Updated 3 months ago
• Soluto / mobsf-ci
  All that is required to run MobSF in the ci
  ☆42Updated last year
• alterakey / trueseeing
  Non-decompiling iOS/Android app vulnerability scanner (DC25 demo lab, CB17)
  ☆64Updated 4 months ago
• modzero / modjoda
  Java Object Deserialization on Android
  ☆86Updated 6 years ago
• JacksonGL / NPM-Vuln-PoC
  Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
  ☆42Updated last year
• asmyczek / popcorn
  Popcorn - the JSON fuzzer
  ☆22Updated 11 years ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆223Updated last year
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆142Updated 2 weeks ago
• xiaofen9 / Lynx
  A Node.js vulnerability finding tool.
  ☆95Updated 4 years ago
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆43Updated 2 months ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆24Updated 3 years ago
• andresriancho / jwt-fuzzer
  JWT fuzzer
  ☆107Updated 7 years ago
• appsecco / defcon-26-workshop-attacking-and-auditing-docker-containers
  DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
  ☆108Updated 5 years ago
• find-sec-bugs / find-sec-bugs-demos
  Repository to showcase various configuration recipes with various technologies
  ☆36Updated 2 years ago
• gagliardetto / codebox
  Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
  ☆20Updated 2 years ago
• andresriancho / websocket-fuzzer
  HTML5 WebSocket message fuzzer
  ☆146Updated 6 years ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆119Updated last year
• exploitprotocol / app-sec-wiki
  Files for appsecwiki.com
  ☆119Updated 5 years ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆107Updated 9 years ago
• Fraunhofer-AISEC / codyze
  Codyze is a static analyzer for Java, C, C++ based on code property graphs
  ☆88Updated 6 months ago
• githubsatelliteworkshops / codeql
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆210Updated 10 months ago
• asrulhadi / wap
  OWASP WAP - Web Application Protection Project
  ☆11Updated 6 years ago