Alternatives and similar repositories for malicious-code-ruleset

Users that are interested in malicious-code-ruleset are comparing it to the libraries listed below

• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆126Updated last month
• apiiro / PRevent
  Prevent merging of malicious code in pull requests
  ☆224Updated 2 months ago
• xvnpw / ai-security-analyzer
  A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects
  ☆80Updated 3 weeks ago
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆135Updated last year
• opengrep / opengrep-rules
  ☆68Updated 4 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆36Updated last week
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 5 months ago
• nccgroup / ccs
  ☆111Updated last year
• RefactorSecurity / vscode-security-notes
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆133Updated 2 months ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆86Updated 10 months ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆199Updated this week
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆182Updated last month
• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆64Updated 10 months ago
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 2 months ago
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆118Updated last year
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆145Updated this week
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Updated last year
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆52Updated this week
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆105Updated 4 months ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆87Updated last month
• ReversecLabs / cloud-security-vm
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆141Updated 5 months ago
• dreadnode / burpference
  A research project to add some brrrrrr to Burp
  ☆169Updated 3 months ago
• BishopFox / llm-testing-findings
  LLM Testing Findings Templates
  ☆72Updated last year
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆52Updated last year
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆119Updated last week
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆44Updated 6 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆279Updated this week
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆55Updated 4 months ago
• tenable / hidden-services-revealer
  ☆36Updated 10 months ago
• spaceraccoon / ogp-ctf-2024
  A web CTF for training developers in bug hunting and secure coding!
  ☆99Updated 4 months ago