Alternatives and similar repositories for damn-vulnerable-js-sca

Users that are interested in damn-vulnerable-js-sca are comparing it to the libraries listed below

• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆107Updated 2 years ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆41Updated 11 months ago
• RyanJarv / roles
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Updated 2 months ago
• codesoap / pfuzz
  A web fuzzer using the httpipe format
  ☆101Updated last year
• jthack / hero
  a hackbot proof-of-concept
  ☆40Updated last year
• csdev / ezghsa
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Updated 2 months ago
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆42Updated 2 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆54Updated 2 years ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆90Updated last year
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 4 years ago
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆155Updated last year
• hex0punk / wally
  Function callpath mapping analysis tool for Go
  ☆34Updated 8 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆113Updated last week
• riskframe / ai-rmm
  AI Resilience Maturity Model
  ☆25Updated last year
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆54Updated this week
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 7 months ago
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆82Updated last week
• TinderSec / oidc-scanner-aws
  ☆49Updated 2 years ago
• SecureStackCo / actions-sbom
  A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…
  ☆25Updated 2 years ago
• omar2535 / GraphQLer
  🔍A cutting edge context aware GraphQL API fuzzing tool!
  ☆154Updated 2 months ago
• trailofbits / deptective
  Deptective automatically determines the native dependencies required to run any arbitrary program or command.
  ☆123Updated 3 weeks ago
• rotemreiss / MalifiScan
  A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…
  ☆66Updated this week
• boringtools / git-alerts
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆227Updated 5 months ago
• kpolley / PIIDetective
  PII detection platform, leveraging human-in-the-loop AI
  ☆53Updated 11 months ago
• salesforce / lobster-pot
  Scans every git push to your Github organisations to find unwanted secrets.
  ☆87Updated 6 months ago
• AppThreat / atom
  atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆74Updated this week
• nccgroup / ccs
  ☆114Updated 2 years ago
• trailofbits / mcp-context-protector
  MCP security wrapper
  ☆202Updated this week
• trufflesecurity / driftwood
  Private key usage verification
  ☆432Updated 7 months ago
• jgamblin / EPSS-MCP
  MultiStep MCP That Returns CVE Information With EPSS Score
  ☆12Updated 6 months ago