Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…
☆551Apr 10, 2022Updated 3 years ago
Alternatives and similar repositories for insider
Users that are interested in insider are comparing it to the libraries listed below
Sorting:
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆869Sep 1, 2023Updated 2 years ago
- Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.☆1,299Updated this week
- [W.I.P] An ecosystem of crawlers for detecting: leaks, sensitive data exposure and attempts exfiltration of data☆32Feb 28, 2026Updated last week
- Django application that performs SAST and Malware Analysis for Android APKs☆224Updated this week
- APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…☆956Jan 17, 2025Updated last year
- HTTP fuzzer engine security oriented☆60Updated this week
- Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime☆2,978Updated this week
- Oversecured Vulnerable Android App☆731Jul 18, 2024Updated last year
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆423Nov 14, 2024Updated last year
- ☆19Feb 11, 2026Updated 3 weeks ago
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,577Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,088Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,441Jun 11, 2025Updated 8 months ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆280Feb 17, 2026Updated 2 weeks ago
- Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.☆545Jan 6, 2023Updated 3 years ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.☆742Jun 25, 2021Updated 4 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,285Feb 27, 2026Updated last week
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)☆1,631Mar 11, 2024Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,549Updated this week
- Multi-Cloud Security Auditing Tool☆7,562Sep 23, 2025Updated 5 months ago
- nodejsscan is a static security code scanner for Node.js applications.☆2,553Oct 10, 2025Updated 4 months ago
- The extension of Burp Suite for Conviso Platform aims to serve as an integration between them, making the life of an analyst easier, beca…☆36Dec 30, 2025Updated 2 months ago
- Performing security tests inside your CI☆591May 15, 2024Updated last year
- Application Security Automation☆527Sep 5, 2023Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,412Jun 17, 2025Updated 8 months ago
- Generic SAST Library☆136Jun 17, 2025Updated 8 months ago
- A collection of custom security tools for quick needs.☆3,284May 1, 2023Updated 2 years ago
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…☆7,445Updated this week
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆348Jul 20, 2020Updated 5 years ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,928Feb 16, 2026Updated 2 weeks ago
- Vulnerable Java based Web Application☆270Jun 20, 2024Updated last year
- Open Source Vulnerability Management Platform☆6,284Feb 13, 2026Updated 3 weeks ago
- A curated list of amazingly awesome Burp Extensions☆3,372Feb 17, 2026Updated 2 weeks ago
- secureCodeBox (SCB) - continuous secure delivery out of the box☆960Feb 27, 2026Updated last week
- A security focused static analysis tool for Android and Java applications.☆1,217Feb 28, 2026Updated last week
- All kind of frida stuff when needed in pentesting or reverse engineering of an android app - The perfect starter kit☆18Jun 2, 2020Updated 5 years ago
- Fork of iSec Partners Android Intent Fuzzer (https://www.isecpartners.com/tools/mobile-security/intent-fuzzer.aspx)☆16Feb 10, 2015Updated 11 years ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆605Feb 10, 2026Updated 3 weeks ago