microsoft / DevSkim

Related projects ⓘ

Alternatives and complementary repositories for DevSkim

• microsoft / binskim
  A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
  ☆779Updated 3 weeks ago
• pumasecurity / puma-scan
  Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams wr…
  ☆447Updated 2 years ago
• microsoft / rest-api-fuzz-testing
  REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…
  ☆262Updated 2 years ago
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆332Updated 3 years ago
• sonatype-nexus-community / DevAudit
  Open-source, cross-platform, multi-purpose security auditing tool
  ☆361Updated last year
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆397Updated 2 years ago
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆313Updated 2 years ago
• microsoft / component-detection
  Scans your project to determine what components you use
  ☆438Updated this week
• microsoft / ApplicationInspector
  A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…
  ☆4,254Updated 3 weeks ago
• security-code-scan / security-code-scan
  Vulnerability Patterns Detector for C# and VB.NET
  ☆943Updated 4 months ago
• microsoft / sarif-sdk
  .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…
  ☆195Updated this week
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆483Updated 4 months ago
• mike-goodwin / owasp-threat-dragon-desktop
  An installable desktop variant of OWASP Threat Dragon
  ☆594Updated 2 weeks ago
• OWASP / glue
  Application Security Automation
  ☆522Updated last year
• OWASP / pytm
  A Pythonic framework for threat modeling
  ☆924Updated last week
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆808Updated last year
• microsoft / sbom-tool
  The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
  ☆1,628Updated this week
• CycloneDX / cyclonedx-dotnet
  Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
  ☆185Updated last week
• auth0 / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆638Updated last year
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆299Updated 6 months ago
• slackhq / goSDL
  goSDL
  ☆523Updated 2 years ago
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆317Updated this week
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,612Updated last month
• gauntlt / gauntlt
  a ruggedization framework that embodies the principle "be mean to your code"
  ☆982Updated 2 years ago
• microsoft / threat-modeling-templates
  Microsoft Threat Modeling Template files
  ☆180Updated last year
• dotnet-security-guard / roslyn-security-guard
  Roslyn analyzers that aim to help security audit on .NET applications.
  ☆208Updated 6 years ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆622Updated this week
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆188Updated 6 years ago
• RetireNet / dotnet-retire
  Open source vulnerability scanner for .NET Core projects
  ☆178Updated 2 years ago
• OWASP / SafeNuGet
  MsBuild task to warn about insecure NuGet libraries
  ☆97Updated 4 years ago