Alternatives and similar repositories for DevSkim

Users that are interested in DevSkim are comparing it to the libraries listed below

• microsoft / component-detection
  Scans your project to determine what components you use
  ☆499Updated last week
• microsoft / sbom-tool
  The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
  ☆1,860Updated this week
• microsoft / ApplicationInspector
  A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…
  ☆4,360Updated 2 weeks ago
• microsoft / rest-api-fuzz-testing
  REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…
  ☆263Updated 3 years ago
• security-code-scan / security-code-scan
  Vulnerability Patterns Detector for C# and VB.NET
  ☆964Updated last year
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆396Updated 3 years ago
• microsoft / sarif-sdk
  .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…
  ☆205Updated last month
• CycloneDX / cyclonedx-dotnet
  Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
  ☆228Updated 2 weeks ago
• sonatype-nexus-community / DevAudit
  Open-source, cross-platform, multi-purpose security auditing tool
  ☆361Updated 2 years ago
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆349Updated 3 weeks ago
• pumasecurity / puma-scan
  Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams wr…
  ☆451Updated 2 years ago
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆366Updated 4 years ago
• microsoft / threat-modeling-templates
  Microsoft Threat Modeling Template files
  ☆193Updated 2 years ago
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆486Updated last month
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆324Updated 3 years ago
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆413Updated last week
• blabla1337 / skf-flask
  Security Knowledge Framework (SKF) Python Flask / Angular project
  ☆819Updated last year
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆313Updated last month
• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆318Updated last year
• OWASP / pytm
  A Pythonic framework for threat modeling
  ☆1,029Updated 2 months ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆689Updated last month
• slsa-framework / slsa
  Supply-chain Levels for Software Artifacts
  ☆1,712Updated this week
• OWASP / SafeNuGet
  MsBuild task to warn about insecure NuGet libraries
  ☆97Updated 5 years ago
• mike-goodwin / owasp-threat-dragon-desktop
  An installable desktop variant of OWASP Threat Dragon
  ☆592Updated 2 weeks ago
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆131Updated last week
• checkmarx-ts / checkmarx-github-action
  Checkmarx Scan Github Action
  ☆31Updated last year
• simonec73 / threatsmanager
  Threats Manager Platform Core libraries and SDK
  ☆75Updated 4 months ago
• slackhq / goSDL
  goSDL
  ☆522Updated 2 years ago
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆396Updated last week
• OWASP / Docker-Security
  Getting a handle on container security
  ☆661Updated last year