jfrog / jfrog-npm-tools
β54Updated last year
Related projects β
Alternatives and complementary repositories for jfrog-npm-tools
- A public cloud security knowledgebase - https://www.secwiki.cloud/β48Updated 8 months ago
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 2 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.β56Updated 2 years ago
- A community collection of security reviews of open source software components.β92Updated 8 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ57Updated last year
- InfoSec OpenAI Examplesβ19Updated 11 months ago
- A small library to alter AWS API requests; Used for fuzzing researchβ21Updated last year
- β79Updated this week
- AWS SSO serverless phishing API.β29Updated 3 years ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chainβ86Updated 9 months ago
- β36Updated 3 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β55Updated 4 months ago
- Global Security Database Toolsβ41Updated 10 months ago
- β17Updated 2 years ago
- β36Updated 6 months ago
- A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installsβ52Updated last year
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β129Updated last year
- Dependency Combobulatorβ88Updated 10 months ago
- β14Updated last year
- Cloud Security Dashboard for AWS - based on ScoutSuiteβ0Updated last year
- Compares and analyzes GCP IAM roles.β76Updated 5 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β39Updated 10 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interestingβ¦β39Updated 2 months ago
- β109Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.β36Updated 2 years ago
- Semgrep rules corresponding to the OWASP ASVS standardβ27Updated 4 years ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflowsβ79Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis toolβ37Updated last year