insidersec / insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…
☆516Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for insider
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆808Updated last year
- threatspec - continuous threat modeling, through code☆332Updated 3 years ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆375Updated last week
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆457Updated last year
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆147Updated 4 years ago
- A starter secure code review checklist☆178Updated 5 years ago
- Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan☆818Updated this week
- Agile Threat Modeling Toolkit☆620Updated this week
- Security Champions Playbook v 2.1☆350Updated last year
- Performing security tests inside your CI☆576Updated 6 months ago
- SAMM stands for Software Assurance Maturity Model.☆397Updated 2 years ago
- Repo for all the OWASP-SKF Docker lab examples☆440Updated 3 months ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆213Updated 6 months ago
- Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.☆1,149Updated this week
- The Secure Coding Framework☆262Updated 4 years ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆675Updated last year
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆515Updated this week
- The DevSecOps toolset for REST APIs☆271Updated last year
- This project is about creating and publishing threat model examples.☆409Updated 3 years ago
- secureCodeBox (SCB) - continuous secure delivery out of the box☆784Updated this week
- OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.☆160Updated 8 months ago
- Scan your code for security misconfiguration, search for passwords and secrets.☆638Updated last year
- A Continuous Threat Modeling methodology☆313Updated 2 years ago
- OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.☆298Updated last week
- An installable desktop variant of OWASP Threat Dragon☆594Updated last week
- Semgrep rules registry☆809Updated this week
- Getting a handle on container security☆632Updated 11 months ago
- Purposely vulnerable Java application to help lead secure coding workshops☆169Updated 4 months ago
- A Pythonic framework for threat modeling☆921Updated last week