mllamazares / vulncov
🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
☆39 · Updated 4 months ago
Alternatives and similar repositories for vulncov:
Users that are interested in vulncov are comparing it to the libraries listed below
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs. ☆40 · Updated last year
- Nuclei plugins to audit Chrome extensions ☆64 · Updated 8 months ago
- Manager of third-party sources of Semgrep rules ☆81 · Updated 8 months ago
- Semgrep-based Policy Controller for Kubernetes ☆47 · Updated last week
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ☆68 · Updated last month
- A tool for preventing the installation of malicious PyPI and npm packages ☆133 · Updated this week
- boostsecurityio/lotp ☆121 · Updated this week
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on GitHub repositories. ☆35 · Updated 3 months ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings 🛠️ and collaborate with others ☆132 · Updated last week
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆103 · Updated 2 months ago
- ☆110 · Updated last year
- Unauthenticated enumeration of AWS IAM Roles. ☆23 · Updated 3 months ago
- Protect against subdomain takeover ☆93 · Updated 10 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs ☆72 · Updated last year
- ☆60 · Updated 2 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data ☆27 · Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files ☆217 · Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis tool ☆39 · Updated last year
- ☆69 · Updated 2 months ago
- LLM Testing Findings Templates ☆70 · Updated last year
- ☆165 · Updated 7 months ago
- STRIDE vs. ASVS equivalence table ☆76 · Updated 7 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ☆114 · Updated last month
- Security tool against dependency typosquatting attacks ☆39 · Updated this week
- ☆17 · Updated 2 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting… ☆46 · Updated 7 months ago
- A tool to uncover undocumented APIs from the AWS Console. ☆101 · Updated 4 months ago
- ☆57 · Updated last year
- Fork Threat Modeling Platform - Community ☆18 · Updated 3 weeks ago
- Simple plug-and-play GitHub Action to block unauthorized outbound traffic (egress) in your GitHub workflows ☆91 · Updated this week