oxsecurity / codetotalLinks
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.
☆78Updated last year
Alternatives and similar repositories for codetotal
Users that are interested in codetotal are comparing it to the libraries listed below
Sorting:
- ☆112Updated 2 years ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆119Updated 2 years ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆74Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆40Updated 8 months ago
- FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.☆57Updated 3 months ago
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- Dependency Combobulator☆93Updated last year
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆147Updated this week
- Scan DockerHub images that match a keyword to find secrets.☆60Updated 4 years ago
- Scan your account for the use of untrusted AMIs☆28Updated last week
- Pentester-focused Docker registry tool to enumerate and pull images☆33Updated last month
- Kubernetes Pwnage for all☆57Updated 4 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆134Updated 5 months ago
- Documentation of Semgrep: a fast, open-source, static analysis tool.☆42Updated this week
- Secrets scanner that understands code☆188Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆125Updated 6 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 7 months ago
- ☆17Updated 3 years ago
- ☆116Updated 2 years ago
- boostsecurityio/lotp☆132Updated 4 months ago
- WAF bypass PoC☆48Updated last year
- Nuclei plugins to audit Chrome extensions☆65Updated last year
- InfoSec OpenAI Examples☆19Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 11 months ago
- Find CVE PoCs on GitHub☆151Updated last month
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆129Updated 3 weeks ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 3 years ago
- ☆39Updated last year
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago