mllamazares / vulncov
๐งช Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
โ38Updated 2 months ago
Alternatives and similar repositories for vulncov:
Users that are interested in vulncov are comparing it to the libraries listed below
- Security tool against dependency typosquatting attacksโ39Updated last week
- Protect against subdomain takeoverโ92Updated 8 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsโ45Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.โ40Updated last year
- Semgrep-based Policy Controller for Kubernetesโ46Updated this week
- truffleproc โ hunt secrets in process memory (TruffleHog & gdb mashup)โ113Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.โ35Updated last month
- A tool to uncover undocumented APIs from the AWS Console.โ95Updated 3 months ago
- A tool for preventing the installation of malicious PyPI and npm packagesโ124Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflowsโ82Updated last week
- boostsecurityio/lotpโ112Updated this week
- โ109Updated last year
- ๐๏ธ STRIDE vs. ASVS equivalence tableโ75Updated 5 months ago
- HashiCorp-relevant rules for the Semgrep code analysis toolโ39Updated last year
- โ32Updated 6 months ago
- Manager of third-party sources of Semgrep rules ๐โ78Updated 6 months ago
- LLM Testing Findings Templatesโ66Updated last year
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIsโ72Updated 11 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsโ60Updated last year
- โ47Updated 3 months ago
- โ62Updated 3 weeks ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. โฆโ61Updated 7 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsโ101Updated 2 weeks ago
- Build a CVE library with aggregated CISA, EPSS and CVSS dataโ27Updated last year
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)โ46Updated last month
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.โ62Updated 3 weeks ago
- Clean accounts over permissions in GCP infra at scaleโ71Updated last year
- Nuclei plugins to audit Chrome extensionsโ63Updated 7 months ago
- Create notes during a security code review in VSCode ๐ Import your favorite SAST tool findings ๐ ๏ธ and collaborate with others ๐คโ132Updated last year