oxsecurity / codetotal
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.
★78 Updated 10 months ago
Alternatives and similar repositories for codetotal
Users that are interested in codetotal are comparing it to the libraries listed below
- FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries. ★52 Updated last month
- Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★39 Updated 6 months ago
- Visualize and explore IaC. Create and share notes in VS Code. Sync notes and findings in real-time with friends. ★73 Updated last year
- Manager of third-party sources of Semgrep rules ★87 Updated 11 months ago
- ★111 Updated 2 years ago
- Nuclei plugins to audit Chrome extensions ★65 Updated 11 months ago
- Dependency Combobulator ★93 Updated last year
- boostsecurityio/lotp ★127 Updated 2 months ago
- An extension to use Semgrep inside Burp Suite. ★89 Updated last month
- ★36 Updated 11 months ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain ★96 Updated 4 months ago
- DefectDojo Community Content ★18 Updated last month
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System). ★28 Updated 4 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ★105 Updated 5 months ago
- Damn Vulnerable SCA Application ★38 Updated 3 weeks ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities ★27 Updated 3 months ago
- WAF bypass PoC ★48 Updated last year
- A collection of my Semgrep rules ★49 Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ★65 Updated last week
- truffleproc - hunt secrets in process memory (TruffleHog & gdb mashup) ★119 Updated last year
- Semgrep-based Policy Controller for Kubernetes ★47 Updated 3 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java. ★23 Updated 3 years ago
- ★17 Updated 3 years ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others. ★133 Updated 3 months ago
- Efficient DevSecOps ★47 Updated last week
- Burp Suite extension for testing Passkey systems. ★70 Updated 3 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ★122 Updated 4 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ★21 Updated 3 months ago
- ★12 Updated 3 months ago
- Awesome resources about Security in Kubernetes ★43 Updated 2 years ago