awesome-security / awesome-static-analysis
A curated list of static analysis tools, linters and code quality checkers for various programming languages
☆47 · Updated 9 years ago
Alternatives and similar repositories for awesome-static-analysis
Users that are interested in awesome-static-analysis are comparing it to the libraries listed below
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ☆84 · Updated last week
- ☆156 · Updated 5 months ago
- The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility t… ☆113 · Updated 6 months ago
- Code Hierarchy Exploration Net (chen) ☆24 · Updated last week
- 🗒️ A [work-in-progress] collection for interview questions for Information Security roles ☆138 · Updated 2 years ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ☆58 · Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆68 · Updated 7 months ago
- A comprehensive list of software composition analysis tools. ☆162 · Updated 3 months ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials. ☆111 · Updated last year
- A static analyzer powered by AI ☆23 · Updated last year
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆160 · Updated last year
- LLM Testing Findings Templates ☆75 · Updated last year
- Core model including reused documentation ☆101 · Updated last month
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆42 · Updated last year
- A very simple open source implementation of Google's Project Naptime ☆184 · Updated 10 months ago
- Trail of Bits Testing Handbook - appsec.guide ☆92 · Updated this week
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs ☆39 · Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆79 · Updated this week
- This repo is meant to be a list of companies that hire security people full remote. ☆455 · Updated 8 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆301 · Updated this week
- OWASP Code Review Guide Web Repository ☆148 · Updated 3 years ago
- ☆196 · Updated 2 years ago
- A curated list of Awesome Security Challenges. ☆211 · Updated last year
- The Open Security Summit is focused on the collaboration between Developers and Application Security ☆45 · Updated 7 months ago
- Watch the latest awesome security talks around the globe ☆279 · Updated 11 months ago
- Adversarial AI - Attacks, Mitigations, and Defense Strategies, published by Packt ☆77 · Updated last month
- OWASP Machine Learning Security Top 10 Project ☆95 · Updated last month
- The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable we… ☆77 · Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆141 · Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆142 · Updated 3 months ago