apiiro / malicious-code-ruleset
Focused malicious code detection ruleset, with a high protection-to-noise ratio
☆114Updated last month
Alternatives and similar repositories for malicious-code-ruleset:
Users that are interested in malicious-code-ruleset are comparing it to the libraries listed below
- boostsecurityio/lotp☆121Updated this week
- Semgrep-based Policy Controller for Kubernetes☆47Updated last week
- ☆110Updated last year
- ☆60Updated 2 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆103Updated 2 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆70Updated last month
- Nuclei plugins to audit Chrome extensions☆64Updated 9 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆134Updated this week
- Prevent merging of malicious code in pull requests☆217Updated 3 weeks ago
- Manager of third-party sources of Semgrep rules 🗂☆81Updated 8 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆40Updated last year
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆193Updated this week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 2 weeks ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 4 months ago
- ☆165Updated 7 months ago
- Security tool against dependency typosquatting attacks☆39Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆27Updated last month
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆138Updated 3 months ago
- AI featured threat modeling and security review action☆43Updated 5 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆46Updated 8 months ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆116Updated last year
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆51Updated 5 months ago
- boostsecurityio/poutine☆263Updated 2 weeks ago
- Protect against subdomain takeover☆93Updated 10 months ago
- Tool for obfuscating and deobfuscating data.☆70Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆101Updated last year
- HASH (HTTP Agnostic Software Honeypot)☆138Updated 11 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆105Updated 5 months ago