🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
☆42Dec 12, 2024Updated last year
Alternatives and similar repositories for vulncov
Users that are interested in vulncov are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.☆10Apr 3, 2022Updated 4 years ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- ☆72Oct 24, 2025Updated 7 months ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆102Updated this week
- ☆40Aug 2, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A tool for secrets management, encryption as a service, and privileged access management☆12Jul 17, 2025Updated 10 months ago
- frida-codeshare-scripts.collection of useful FRIDA scripts.A curated list of Frida resources.纯实用frida脚本收集,脚本全网最全.不定时同步更新.☆109Mar 12, 2026Updated 2 months ago
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Low-effort reachability analysis for third-party code vulnerabilities.☆22Jul 11, 2023Updated 2 years ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆89Apr 24, 2026Updated last month
- The official website for The Discord Analytics for Risks & Threats Project.☆23Dec 29, 2025Updated 5 months ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆89Dec 7, 2025Updated 5 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated 2 years ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆57Jan 29, 2025Updated last year
- Security tool against dependency typosquatting attacks☆56May 19, 2026Updated last week
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆97Mar 12, 2024Updated 2 years ago
- @DisCo is a graph based datastore designed to minimize reverse engineering efforts.☆12Jan 21, 2021Updated 5 years ago
- ☆13Updated this week
- AcSecurity is a Python module designed to scan applications for common security vulnerabilities. It checks for hardcoded secrets, depende…☆16Aug 29, 2025Updated 9 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆64Jan 25, 2025Updated last year
- A very simple open source implementation of Google's Project Naptime☆187Mar 27, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password …☆166Apr 10, 2024Updated 2 years ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆61Nov 3, 2024Updated last year
- Unauthenticated enumeration of AWS IAM Roles.☆28Apr 18, 2026Updated last month
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Mar 8, 2026Updated 2 months ago
- A POC for better exception reporting for futures☆12Aug 20, 2014Updated 11 years ago
- Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks☆14May 20, 2026Updated last week
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated last year
- A collection of permissively licensed Semgrep rules.☆24Jul 5, 2024Updated last year
- ☆53Feb 4, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆77Oct 18, 2025Updated 7 months ago
- WebSocket Penetration Testing Toolkit for Burp Suite☆30Mar 5, 2026Updated 2 months ago
- ☆19Dec 2, 2024Updated last year
- Funny Fuzzing Wordlist☆14Jun 14, 2022Updated 3 years ago
- A tool to uncover undocumented APIs from the AWS Console.☆121Mar 16, 2026Updated 2 months ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated 2 years ago
- A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network c…☆46May 20, 2026Updated last week