Alternatives and similar repositories for DevSkim

Users that are interested in DevSkim are comparing it to the libraries listed below

• microsoft / component-detection
  Scans your project to determine what components you use
  ☆505Updated last week
• security-code-scan / security-code-scan
  Vulnerability Patterns Detector for C# and VB.NET
  ☆961Updated last year
• pumasecurity / puma-scan
  Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams wr…
  ☆448Updated 2 years ago
• microsoft / sbom-tool
  The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
  ☆1,902Updated this week
• sonatype-nexus-community / DevAudit
  Open-source, cross-platform, multi-purpose security auditing tool
  ☆361Updated 2 years ago
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆395Updated 3 years ago
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆349Updated last month
• microsoft / rest-api-fuzz-testing
  REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…
  ☆264Updated 3 years ago
• microsoft / sarif-sdk
  .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…
  ☆206Updated 2 weeks ago
• CycloneDX / cyclonedx-dotnet
  Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
  ☆238Updated last month
• microsoft / ApplicationInspector
  A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…
  ☆4,362Updated last week
• blabla1337 / skf-flask
  Security Knowledge Framework (SKF) Python Flask / Angular project
  ☆822Updated last year
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆367Updated 4 years ago
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆485Updated 2 months ago
• microsoft / threat-modeling-templates
  Microsoft Threat Modeling Template files
  ☆194Updated 2 years ago
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆317Updated 3 months ago
• OWASP / SafeNuGet
  MsBuild task to warn about insecure NuGet libraries
  ☆97Updated 5 years ago
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆326Updated 3 years ago
• mike-goodwin / owasp-threat-dragon-desktop
  An installable desktop variant of OWASP Threat Dragon
  ☆592Updated 2 weeks ago
• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆325Updated last year
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆134Updated 3 weeks ago
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆431Updated this week
• checkmarx-ts / CxOverwatch
  Checkmarx Health Monitor
  ☆18Updated last year
• dotnet-security-guard / roslyn-security-guard
  Roslyn analyzers that aim to help security audit on .NET applications.
  ☆207Updated 7 years ago
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆853Updated 2 years ago
• OWASP / Docker-Security
  Getting a handle on container security
  ☆662Updated last year
• RetireNet / dotnet-retire
  Open source vulnerability scanner for .NET Core projects
  ☆179Updated 3 years ago
• simonec73 / threatsmanager
  Threats Manager Platform Core libraries and SDK
  ☆75Updated 6 months ago
• checkmarx-ts / checkmarx-github-action
  Checkmarx Scan Github Action
  ☆31Updated last year
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆700Updated last month