Alternatives and similar repositories for npm-manifest-check:

Users that are interested in npm-manifest-check are comparing it to the libraries listed below

• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆82Updated last week
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆63Updated 2 months ago
• csdev / ezghsa
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Updated last month
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆39Updated last year
• mchaffe / cloudprefixes
  Recon tool to query cloud prefixes for services associated with an IP address
  ☆24Updated 4 months ago
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆39Updated last week
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆119Updated last month
• Checkmarx / 2ms
  Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
  ☆87Updated this week
• DataDog / undocumented-aws-api-hunter
  A tool to uncover undocumented APIs from the AWS Console.
  ☆95Updated 3 months ago
• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆106Updated last year
• adanalvarez / HoneyTrail
  Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…
  ☆48Updated 3 months ago
• singe / tidcli
  A simple touchID prompt'er for use in shell scripts.
  ☆96Updated 8 months ago
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆124Updated this week
• Permiso-io-tools / LogLicker
  Tool for obfuscating and deobfuscating data.
  ☆67Updated 11 months ago
• RichardoC / gitlab-secrets
  This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…
  ☆45Updated 6 months ago
• Hacking-the-Cloud / htc-ctfs
  Holds the public Hacking the Cloud CTFs.
  ☆54Updated 11 months ago
• OWASP / www-project-secure-headers
  The OWASP Secure Headers Project
  ☆147Updated this week
• OWASP / cornucopia
  The source files and tools needed to build the OWASP Cornucopia decks in various languages
  ☆57Updated this week
• kpolley / PIIDetective
  PII detection platform, leveraging human-in-the-loop AI
  ☆49Updated 2 months ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆38Updated 2 months ago
• oxsecurity / codetotal
  Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…
  ☆76Updated 6 months ago
• tenable / hidden-services-revealer
  ☆32Updated 6 months ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆35Updated 3 years ago
• talbeerysec / STS-token-decoder
  AWS STS token decoder
  ☆37Updated 6 months ago
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆46Updated this week
• red-kite-solutions / stalker
  Stalker, the Extensible Attack Surface Management tool.
  ☆81Updated this week
• cybrota / whispr
  A multi-vault secret injection tool for safely injecting secrets into app environment
  ☆116Updated 2 weeks ago
• github / cleanowners
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆124Updated this week
• kudelskisecurity / youshallnotpass
  YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.
  ☆36Updated last year