🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
☆42Dec 12, 2024Updated last year
Alternatives and similar repositories for vulncov
Users that are interested in vulncov are comparing it to the libraries listed below
Sorting:
- A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!☆23Jan 5, 2026Updated 2 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- frida-codeshare-scripts.collection of useful FRIDA scripts.A curated list of Frida resources.纯实用frida脚本收集,脚本全网最全.不定时同步更新.☆102Dec 6, 2025Updated 3 months ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆98Updated this week
- ☆40Aug 2, 2024Updated last year
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- A library to facilitate the static analysis of Android apps☆15Jul 22, 2025Updated 7 months ago
- @DisCo is a graph based datastore designed to minimize reverse engineering efforts.☆12Jan 21, 2021Updated 5 years ago
- Unauthenticated enumeration of AWS IAM Roles.☆26Sep 7, 2025Updated 6 months ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆54Jan 29, 2025Updated last year
- Security tool against dependency typosquatting attacks☆55Updated this week
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- Fast and easy to use CLI-based file encryption program 📦☆13Oct 12, 2025Updated 4 months ago
- A collection of permissively licensed Semgrep rules.☆22Jul 5, 2024Updated last year
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆60Nov 3, 2024Updated last year
- A very simple open source implementation of Google's Project Naptime☆182Mar 27, 2025Updated 11 months ago
- A tool for secrets management, encryption as a service, and privileged access management☆12Jul 17, 2025Updated 7 months ago
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Updated this week
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Aug 30, 2018Updated 7 years ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆62Jan 25, 2025Updated last year
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆40May 7, 2023Updated 2 years ago
- ☆72Oct 24, 2025Updated 4 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated last year
- A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network c…☆41Feb 7, 2026Updated last month
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- SprayShark is a modular G-Suite password sprayer with threading!☆57May 17, 2025Updated 9 months ago
- Framework for Monitoring File Ingestion Source for Yara Matches☆50Mar 10, 2025Updated 11 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆116Apr 29, 2025Updated 10 months ago
- ☆19Dec 2, 2024Updated last year
- ☆53Feb 4, 2025Updated last year
- CVE-2023-26818 Exploit MacOS TCC Bypass W/ Telegram☆17Jun 6, 2024Updated last year
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password …☆165Apr 10, 2024Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- WiiBin is a framework to determine architecture of an unknown binary and locate opcode sections within the same binary via supervised mac…☆20Dec 16, 2025Updated 2 months ago
- Find what egress ports are allowed☆46Nov 19, 2025Updated 3 months ago
- The official website for The Discord Analytics for Risks & Threats Project.☆22Dec 29, 2025Updated 2 months ago
- Examine Chrome extensions for security issues☆96Nov 16, 2025Updated 3 months ago