DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
☆976Mar 13, 2026Updated last week
Alternatives and similar repositories for DevSkim
Users that are interested in DevSkim are comparing it to the libraries listed below
Sorting:
- A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats☆842Updated this week
- DevSkim plugin for Visual Studio.☆56Apr 16, 2020Updated 5 years ago
- Vulnerability Patterns Detector for C# and VB.NET☆972Jul 8, 2024Updated last year
- DevSkim plugin for VS Code.☆39Apr 16, 2020Updated 5 years ago
- Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams wr…☆448Oct 28, 2022Updated 3 years ago
- A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…☆4,387Feb 17, 2026Updated last month
- Collection of tools for analyzing open source packages.☆358Mar 9, 2026Updated last week
- Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.☆2,920Feb 26, 2026Updated 3 weeks ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆869Sep 1, 2023Updated 2 years ago
- ☆1,670Updated this week
- threatspec - continuous threat modeling, through code☆383Dec 30, 2020Updated 5 years ago
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.☆2,000Updated this week
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆281Feb 17, 2026Updated last month
- OpenSSF Scorecard - Security health metrics for Open Source☆5,315Updated this week
- A logger for MSBuild that records a structured representation of executed targets, tasks, property and item values.☆1,613Mar 9, 2026Updated last week
- .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…☆214Jan 7, 2026Updated 2 months ago
- Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null d…☆747Jan 16, 2024Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,504Updated this week
- An open source, online threat modelling tool from OWASP☆484Jul 18, 2025Updated 8 months ago
- Source Link enables a great source debugging experience for your users, by adding source control metadata to your built assets☆1,335Updated this week
- A .NET library for retrieving countries, states, and cities.☆13Feb 7, 2026Updated last month
- SARIF Microsoft Visual Studio Code extension☆132Feb 14, 2026Updated last month
- A Pythonic framework for threat modeling☆1,113Updated this week
- A .NET Standard 2.1+ Library to perform string parsing operations on Streams and StreamReaders. Includes Extensions for Regex.☆20Updated this week
- VisualCodeGrepper - Code security scanning tool.☆547Jul 6, 2023Updated 2 years ago
- Scans your project to determine what components you use☆537Mar 14, 2026Updated last week
- Object Analysis Toolkit is a C# library for analyzing objects using Rules.☆101Feb 11, 2026Updated last month
- Home for the dotnet-format command☆1,945Mar 9, 2026Updated last week
- ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…☆14,440Updated this week
- Application Security Automation☆527Sep 5, 2023Updated 2 years ago
- A library to predict inputs and outputs of MSBuild projects☆40Sep 16, 2025Updated 6 months ago
- Cross platform code coverage for .NET☆3,132Mar 5, 2026Updated 2 weeks ago
- Code analyzer for C# and VB.NET projects☆894Updated this week
- goSDL☆522Nov 3, 2025Updated 4 months ago
- A self-hosted Fuzzing-As-A-Service platform☆2,830Nov 1, 2023Updated 2 years ago
- The Microsoft.VisualStudio.Threading is a xplat library that provides many threading and synchronization primitives used in Visual Studio…☆1,028Mar 13, 2026Updated last week
- Tye is a tool that makes developing, testing, and deploying microservices and distributed applications easier. Project Tye includes a loc…☆5,232Nov 20, 2023Updated 2 years ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,201Nov 20, 2025Updated 4 months ago
- An ultra-lightweight Rx source-only nuget to avoid depending on the full System.Reactive for IObservable<T> producers☆32Updated this week