π§ͺ Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
β42Dec 12, 2024Updated last year
Alternatives and similar repositories for vulncov
Users that are interested in vulncov are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.β10Apr 3, 2022Updated 3 years ago
- Semgrep-based Policy Controller for Kubernetesβ47Apr 4, 2025Updated 11 months ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and useβ14Aug 30, 2018Updated 7 years ago
- β72Oct 24, 2025Updated 5 months ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.β100Mar 22, 2026Updated last week
- NordVPN Special Discount Offer β’ AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- β40Aug 2, 2024Updated last year
- A tool for secrets management, encryption as a service, and privileged access managementβ12Jul 17, 2025Updated 8 months ago
- Additional active scan checks for BURPβ28Oct 3, 2024Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β41Dec 12, 2023Updated 2 years ago
- Low-effort reachability analysis for third-party code vulnerabilities.β22Jul 11, 2023Updated 2 years ago
- Build a CVE library with aggregated CISA, EPSS and CVSS dataβ29Sep 27, 2023Updated 2 years ago
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloadedβ85Updated this week
- The official website for The Discord Analytics for Risks & Threats Project.β22Dec 29, 2025Updated 3 months ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3β89Dec 7, 2025Updated 3 months ago
- NordVPN Threat Protection Proβ’ β’ AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Burp Suite extension for testing Passkey systems.β75Apr 1, 2025Updated 11 months ago
- Secure Code Review AI Agent (SeCoRA) - AI SASTβ55Jan 29, 2025Updated last year
- Security tool against dependency typosquatting attacksβ55Updated this week
- CTFd Theme for StormCTF (Updated a little bit for the newest version of CTFd)β12May 19, 2019Updated 6 years ago
- @DisCo is a graph based datastore designed to minimize reverse engineering efforts.β12Jan 21, 2021Updated 5 years ago
- β11Dec 9, 2025Updated 3 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.β62Jan 25, 2025Updated last year
- AcSecurity is a Python module designed to scan applications for common security vulnerabilities. It checks for hardcoded secrets, dependeβ¦β16Aug 29, 2025Updated 7 months ago
- Unauthenticated enumeration of AWS IAM Roles.β26Sep 7, 2025Updated 6 months ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Proof-of-concept modular implant platform leveraging v8β54Mar 4, 2025Updated last year
- A very simple open source implementation of Google's Project Naptimeβ185Mar 27, 2025Updated last year
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password β¦β166Apr 10, 2024Updated last year
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. Tβ¦β60Nov 3, 2024Updated last year
- MCP Server Semgrep is a [Model Context Protocol](https://modelcontextprotocol.io) compliant server that integrates the powerful Semgrep sβ¦β25Mar 20, 2025Updated last year
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passworβ¦β41May 7, 2023Updated 2 years ago
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMsβ14Mar 8, 2026Updated 3 weeks ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"β16Apr 10, 2025Updated 11 months ago
- A collection of permissively licensed Semgrep rules.β22Jul 5, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting β’ AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- β53Feb 4, 2025Updated last year
- Markdown internal & external links validation library and CLIβ11Jul 16, 2019Updated 6 years ago
- β76Oct 18, 2025Updated 5 months ago
- β19Dec 2, 2024Updated last year
- A malicious KeePass plugin to exfiltrate the master key.β16Oct 25, 2021Updated 4 years ago
- Artifact package accompanying our POPL 2020 submission titled Provenance-Guided Synthesis of Datalog Programs.β19Jul 9, 2020Updated 5 years ago
- β14Mar 6, 2023Updated 3 years ago