Alternatives and similar repositories for insider

Users that are interested in insider are comparing it to the libraries listed below

• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆850Updated last year
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆409Updated 9 months ago
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆378Updated last year
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆274Updated 2 years ago
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆149Updated 4 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆182Updated 6 years ago
• imperva / automatic-api-attack-tool
  Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…
  ☆484Updated 2 years ago
• OWASP / Docker-Security
  Getting a handle on container security
  ☆661Updated last year
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆366Updated 4 years ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆225Updated last year
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆184Updated last year
• OWASP / threat-model-cookbook
  This project is about creating and publishing threat model examples.
  ☆423Updated 3 years ago
• SasanLabs / VulnerableApp
  OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
  ☆337Updated last month
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆324Updated 3 years ago
• owaspsamm / sammwise
  NextJS-based single-page application for completing and reviewing SAMM assessments
  ☆76Updated 2 years ago
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆964Updated this week
• mgreiler / secure-code-review-checklist
  ☆190Updated 2 years ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆689Updated last month
• blabla1337 / skf-labs
  Repo for all the SKF Docker lab examples
  ☆454Updated last year
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆101Updated last month
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆268Updated 6 months ago
• OWASP / SecureCodingDojo
  The Secure Coding Dojo is a platform for delivering secure coding knowledge.
  ☆585Updated 2 weeks ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆124Updated last year
• okta-graveyard / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆649Updated 2 years ago
• OWASP / threat-dragon
  An open source threat modeling tool from OWASP
  ☆1,169Updated last week
• mike-goodwin / owasp-threat-dragon-desktop
  An installable desktop variant of OWASP Threat Dragon
  ☆592Updated 2 weeks ago
• planetlevel / jot
  Java Observability Toolkit
  ☆62Updated last year
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆103Updated last year
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆578Updated 4 months ago
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆396Updated 3 years ago