🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
☆41Dec 12, 2024Updated last year
Alternatives and similar repositories for vulncov
Users that are interested in vulncov are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.☆10Apr 3, 2022Updated 4 years ago
- A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!☆24Apr 4, 2026Updated 2 weeks ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Aug 30, 2018Updated 7 years ago
- ☆72Oct 24, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆100Apr 11, 2026Updated last week
- ☆40Aug 2, 2024Updated last year
- A tool for secrets management, encryption as a service, and privileged access management☆12Jul 17, 2025Updated 9 months ago
- Fast and easy to use CLI-based file encryption program 📦☆13Oct 12, 2025Updated 6 months ago
- frida-codeshare-scripts.collection of useful FRIDA scripts.A curated list of Frida resources.纯实用frida脚本收集,脚本全网最全.不定时同步更新.☆104Mar 12, 2026Updated last month
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Low-effort reachability analysis for third-party code vulnerabilities.☆22Jul 11, 2023Updated 2 years ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆88Updated this week
- The official website for The Discord Analytics for Risks & Threats Project.☆22Dec 29, 2025Updated 3 months ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆90Dec 7, 2025Updated 4 months ago
- Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).☆10Nov 11, 2020Updated 5 years ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Apr 23, 2024Updated last year
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆55Jan 29, 2025Updated last year
- Security tool against dependency typosquatting attacks☆55Updated this week
- CTFd Theme for StormCTF (Updated a little bit for the newest version of CTFd)☆12May 19, 2019Updated 6 years ago
- @DisCo is a graph based datastore designed to minimize reverse engineering efforts.☆12Jan 21, 2021Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆11Dec 9, 2025Updated 4 months ago
- Unauthenticated enumeration of AWS IAM Roles.☆26Updated this week
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆63Jan 25, 2025Updated last year
- A very simple open source implementation of Google's Project Naptime☆186Mar 27, 2025Updated last year
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password …☆166Apr 10, 2024Updated 2 years ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆61Nov 3, 2024Updated last year
- A collection of scripts based on libclang for extracting API information from interpreters☆25Jul 10, 2012Updated 13 years ago
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆41May 7, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Mar 8, 2026Updated last month
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated last year
- A collection of permissively licensed Semgrep rules.☆22Jul 5, 2024Updated last year
- ☆53Feb 4, 2025Updated last year
- WebSocket Penetration Testing Toolkit for Burp Suite☆29Mar 5, 2026Updated last month
- ☆14Mar 6, 2023Updated 3 years ago
- Funny Fuzzing Wordlist☆14Jun 14, 2022Updated 3 years ago