Alternatives and similar repositories for npm-manifest-check

Users that are interested in npm-manifest-check are comparing it to the libraries listed below

• Aqua-Nautilus / Dependency-Deprecated-Checker
  ☆56Updated last year
• csdev / ezghsa
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Updated last week
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆354Updated this week
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆76Updated 4 months ago
• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆107Updated 2 years ago
• Permiso-io-tools / LogLicker
  Tool for obfuscating and deobfuscating data.
  ☆75Updated last year
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆114Updated this week
• Checkmarx / 2ms
  Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
  ☆139Updated this week
• semgr8ns / semgr8s
  Semgrep-based Policy Controller for Kubernetes
  ☆47Updated 9 months ago
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆135Updated last month
• singe / tidcli
  A simple touchID prompt'er for use in shell scripts.
  ☆99Updated last year
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Updated 2 years ago
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆54Updated last week
• Hacking-the-Cloud / htc-ctfs
  Holds the public Hacking the Cloud CTFs.
  ☆63Updated last year
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆210Updated this week
• Betterment / claws
  💅🏽 analyzes your github actions
  ☆97Updated this week
• FogSecurity / yes3-scanner
  YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection
  ☆99Updated 5 months ago
• kudelskisecurity / youshallnotpass
  YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.
  ☆37Updated 2 years ago
• antitree / go-pillage-registries
  Pentester-focused Docker registry tool to enumerate and pull images
  ☆37Updated 2 months ago
• adanalvarez / HoneyTrail
  Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…
  ☆51Updated last year
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆89Updated last year
• referefref / gitdoorcheck
  Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs
  ☆73Updated last year
• r3volved / CVEAggregate
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Updated 2 years ago
• PaloAltoNetworks / github-oidc-utils
  ☆37Updated 8 months ago
• rotemreiss / MalifiScan
  A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…
  ☆70Updated last month
• Aqua-Nautilus / TrailShark
  ☆53Updated last year
• OWASP / cornucopia
  The source files and tools needed to build the OWASP Cornucopia decks in various languages
  ☆84Updated this week
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆45Updated last year
• os-scar / overlay
  Overlay is a browser extension helping developers evaluate open source packages before picking them
  ☆225Updated 6 months ago
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆59Updated 11 months ago