oxsecurity / codetotal
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.
★79 Updated last year
Alternatives and similar repositories for codetotal
Users that are interested in codetotal are comparing it to the libraries listed below
- FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries. ★60 Updated 6 months ago
- Visualize and explore IaC. Create and share notes in VS Code. Sync notes and findings in real-time with friends. ★73 Updated last year
- ★114 Updated 2 years ago
- Scan your account for the use of untrusted AMIs ★30 Updated this week
- Dependency Combobulator ★94 Updated last year
- truffleproc - hunt secrets in process memory (TruffleHog & gdb mashup) ★121 Updated 2 years ago
- ★39 Updated last year
- Manager of third-party sources of Semgrep rules ★90 Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ★106 Updated 10 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers… ★131 Updated 2 weeks ago
- ★60 Updated 2 years ago
- Kubernetes Pwnage for all ★56 Updated 5 years ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use… ★73 Updated 2 years ago
- Pentester-focused Docker registry tool to enumerate and pull images ★37 Updated last month
- Virtual environment for learning DevSecOps ★38 Updated 8 years ago
- Blogpost series showcasing interesting cloud - web app security bugs ★50 Updated 2 years ago
- boostsecurityio/lotp ★139 Updated last month
- ★12 Updated 4 years ago
- Documentation of Semgrep: a fast, open-source, static analysis tool. ★47 Updated this week
- A Terraform reproducer for IngressNightmare ★25 Updated 8 months ago
- Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★41 Updated last year
- Discover vulnerabilities and container image misconfiguration in production environments. ★56 Updated last week
- A cutting edge context aware GraphQL API fuzzing tool! ★155 Updated this week
- WAF bypass PoC ★49 Updated 2 years ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ★137 Updated last year
- ★141 Updated this week
- An implementation of infrastructure-as-code scanning using dynamic tooling. ★56 Updated 3 years ago
- GCP GOAT is the vulnerable application for learning GCP Security ★69 Updated 6 months ago
- Secrets scanner that understands code ★191 Updated 2 years ago
- ★103 Updated 3 weeks ago