shivamsaraswat / SeCoRA
Secure Code Review AI Agent (SeCoRA) - AI SAST
☆48Updated last month
Alternatives and similar repositories for SeCoRA:
Users that are interested in SeCoRA are comparing it to the libraries listed below
- Nuclei plugins to audit Chrome extensions☆64Updated 8 months ago
- Identify hardcoded secrets in static structured text (version 2)☆90Updated last month
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆72Updated last year
- A tool to uncover undocumented APIs from the AWS Console.☆99Updated 4 months ago
- AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.☆69Updated last month
- Burp Suite extension for testing Passkey systems.☆65Updated last month
- A web CTF for training developers in bug hunting and secure coding!☆97Updated 2 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆104Updated 4 months ago
- A collection of Turbo Intruder scripts.☆54Updated last month
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated 2 weeks ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆138Updated 2 months ago
- A research project to add some brrrrrr to Burp☆139Updated last month
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆161Updated last year
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆134Updated 3 weeks ago
- A Powerful Network Reconnaissance Tool for Security Professionals☆100Updated 2 months ago
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such …☆220Updated last month
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket☆73Updated last month
- Additional active scan checks for BURP☆26Updated 5 months ago
- Autonomous AI C2☆30Updated 8 months ago
- ☆21Updated 3 weeks ago
- Security tool against dependency typosquatting attacks☆39Updated this week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 3 months ago
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.☆213Updated 6 months ago
- Protect against subdomain takeover☆93Updated 10 months ago
- Web Server Vulnerability Scanning Tool☆30Updated 2 weeks ago
- ☆164Updated 6 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆36Updated 6 months ago
- A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network c…☆37Updated last month
- Hijack a slack bot to phish your way in☆55Updated 3 months ago
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated 3 months ago