mllamazares / vulncov
๐งช Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
โ39Updated 3 months ago
Alternatives and similar repositories for vulncov:
Users that are interested in vulncov are comparing it to the libraries listed below
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.โ40Updated last year
- Manager of third-party sources of Semgrep rules ๐โ80Updated 8 months ago
- boostsecurityio/lotpโ115Updated last week
- A small tool to help developers understand a huge set of security requirements from appsec teamsโ45Updated 2 years ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)โ49Updated 2 months ago
- โ110Updated last year
- Build a CVE library with aggregated CISA, EPSS and CVSS dataโ27Updated last year
- Protect against subdomain takeoverโ93Updated 10 months ago
- Create notes during a security code review in VSCode ๐ Import your favorite SAST tool findings ๐ ๏ธ and collaborate with others ๐คโ132Updated this week
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projectsโ49Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesโ216Updated last week
- truffleproc โ hunt secrets in process memory (TruffleHog & gdb mashup)โ114Updated last year
- Nuclei plugins to audit Chrome extensionsโ64Updated 8 months ago
- Security tool against dependency typosquatting attacksโ39Updated this week
- A tool for preventing the installation of malicious PyPI and npm packagesโ129Updated this week
- โ68Updated 2 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsโ102Updated last month
- HashiCorp-relevant rules for the Semgrep code analysis toolโ39Updated last year
- A tool to uncover undocumented APIs from the AWS Console.โ98Updated 4 months ago
- Semgrep-based Policy Controller for Kubernetesโ47Updated last week
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.โ35Updated 3 months ago
- A web CTF for training developers in bug hunting and secure coding!โ97Updated 2 months ago
- โ164Updated 6 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsโ61Updated last year
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflowsโ82Updated 2 weeks ago