Alternatives and similar repositories for libsast

Users that are interested in libsast are comparing it to the libraries listed below

• SAP-archive / node-rasp
  An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …
  ☆31Updated 4 years ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆142Updated last year
• JacksonGL / NPM-Vuln-PoC
  Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
  ☆42Updated 10 months ago
• Semmle / SecurityQueries
  Deprecated: Please visit https://github.com/github/codeql instead.
  ☆81Updated 3 years ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 3 years ago
• mandatoryprogrammer / tarnish
  A Chrome extension static analysis tool to help aide in security reviews.
  ☆154Updated last year
• githubsatelliteworkshops / codeql
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆210Updated 7 months ago
• olivo / redos-detector
  A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.
  ☆34Updated 8 years ago
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆140Updated last week
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆58Updated 3 weeks ago
• Teebytes / TnT-Fuzzer
  OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
  ☆111Updated 2 years ago
• google / security-crawl-maze
  Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …
  ☆161Updated last year
• nightwatchcybersecurity / truegaze
  Static analysis tool for Android/iOS apps focusing on security issues outside the source code
  ☆132Updated last year
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆220Updated last year
• MobSF / CapFuzz
  CapFuzz - capture, fuzz & intercept web traffic.
  ☆64Updated 5 years ago
• olbat / nvdcve
  NVD/CVE as JSON files
  ☆116Updated this week
• xiaofen9 / Lynx
  A Node.js vulnerability finding tool.
  ☆96Updated 4 years ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆114Updated last week
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆43Updated 3 months ago
• Ingenuity-Fainting-Goats / piof
  PIOF - PHP Instrumentation Open Framework - A dynamic and modular instrumentation framework for PHP language.
  ☆9Updated 6 years ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆24Updated 3 years ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆118Updated last year
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆58Updated 6 years ago
• alterakey / trueseeing
  Non-decompiling iOS/Android app vulnerability scanner (DC25 demo lab, CB17)
  ☆63Updated 2 months ago
• GitHubSecurityLab / gh-qldb
  CodeQL database manager
  ☆48Updated 3 weeks ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 2 weeks ago
• ReversecLabs / Jandroid
  ☆336Updated 8 months ago
• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆49Updated last year
• andresriancho / jwt-fuzzer
  JWT fuzzer
  ☆106Updated 6 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆226Updated 11 months ago