ajinabraham / libsast
Generic SAST Library
☆125Updated last week
Related projects ⓘ
Alternatives and complementary repositories for libsast
- Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]☆42Updated 5 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 8 months ago
- A Chrome extension static analysis tool to help aide in security reviews.☆146Updated last year
- Deprecated: Please visit https://github.com/github/codeql instead.☆81Updated 2 years ago
- Static analysis tool for Android/iOS apps focusing on security issues outside the source code☆129Updated last year
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- CapFuzz - capture, fuzz & intercept web traffic.☆63Updated 5 years ago
- Mobile Security testing Framework☆40Updated 6 years ago
- Intentionally vulnerable Go web app.☆42Updated 11 months ago
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆208Updated last month
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆33Updated 8 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆23Updated 2 years ago
- An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …☆31Updated 3 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆213Updated 6 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆147Updated 4 years ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Updated last year
- Externalize Java application access to protected resources as log messages.☆41Updated 6 months ago
- JWT fuzzer☆104Updated 6 years ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆109Updated 11 months ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆49Updated 7 months ago
- Collection of community-driven CodeQL query, library and extension packs☆75Updated this week
- ☆17Updated 5 years ago
- PIOF - PHP Instrumentation Open Framework - A dynamic and modular instrumentation framework for PHP language.☆9Updated 5 years ago
- Post Processor for Facebook Static Analysis Tools.☆134Updated this week
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆88Updated 6 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers…☆98Updated last week
- HTML5 WebSocket message fuzzer☆144Updated 6 years ago
- ☆107Updated 2 years ago
- OSS-Fuzz vulnerabilities for OSV.☆133Updated this week
- [Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instea…☆81Updated 6 months ago