DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
☆972Updated this week
Alternatives and similar repositories for DevSkim
Users that are interested in DevSkim are comparing it to the libraries listed below
Sorting:
- A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats☆840Feb 20, 2026Updated last week
- Vulnerability Patterns Detector for C# and VB.NET☆971Jul 8, 2024Updated last year
- The GitHub Action for DevSkim☆41May 21, 2025Updated 9 months ago
- DevSkim plugin for VS Code.☆39Apr 16, 2020Updated 5 years ago
- A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…☆4,384Feb 17, 2026Updated last week
- Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams wr…☆447Oct 28, 2022Updated 3 years ago
- Collection of tools for analyzing open source packages.☆357Updated this week
- Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.☆2,916Updated this week
- ☆1,671Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆868Sep 1, 2023Updated 2 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆280Feb 17, 2026Updated last week
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.☆1,984Feb 20, 2026Updated last week
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…☆213Jan 7, 2026Updated last month
- A logger for MSBuild that records a structured representation of executed targets, tasks, property and item values.☆1,610Feb 15, 2026Updated last week
- Source Link enables a great source debugging experience for your users, by adding source control metadata to your built assets☆1,335Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,193Feb 20, 2026Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,272Feb 16, 2026Updated last week
- Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null d…☆748Jan 16, 2024Updated 2 years ago
- Home for the dotnet-format command☆1,946Updated this week
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,200Nov 20, 2025Updated 3 months ago
- An open source, online threat modelling tool from OWASP☆484Jul 18, 2025Updated 7 months ago
- ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…☆14,395Updated this week
- Security libraries for ASP.NET☆554Mar 3, 2023Updated 2 years ago
- A Pythonic framework for threat modeling☆1,108Updated this week
- SARIF Microsoft Visual Studio Code extension☆131Feb 14, 2026Updated 2 weeks ago
- An ultra-lightweight Rx source-only nuget to avoid depending on the full System.Reactive for IObservable<T> producers☆32Feb 8, 2026Updated 3 weeks ago
- Stamp your assemblies, packages and more with a unique version generated from a single, simple version.json file and include git commit I…☆1,544Updated this week
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆558Mar 6, 2023Updated 2 years ago
- Application Security Automation☆527Sep 5, 2023Updated 2 years ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,574Updated this week
- Scans your project to determine what components you use☆532Feb 20, 2026Updated last week
- Cross platform code coverage for .NET☆3,130Feb 21, 2026Updated last week
- Code analyzer for C# and VB.NET projects☆892Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- Tye is a tool that makes developing, testing, and deploying microservices and distributed applications easier. Project Tye includes a loc…☆5,232Nov 20, 2023Updated 2 years ago
- The Microsoft.VisualStudio.Threading is a xplat library that provides many threading and synchronization primitives used in Visual Studio…☆1,026Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆9,253Feb 20, 2026Updated last week
- Visual Studio solution generator☆453Jan 14, 2026Updated last month