snyk-labs / snyncLinks
Mitigate security concerns of Dependency Confusion supply chain security risks
☆47Updated 2 years ago
Alternatives and similar repositories for snync
Users that are interested in snync are comparing it to the libraries listed below
Sorting:
- Dependency Combobulator☆93Updated last year
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 3 years ago
- Scan DockerHub images that match a keyword to find secrets.☆59Updated 4 years ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 6 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆23Updated last month
- Manager of third-party sources of Semgrep rules 🗂☆87Updated 11 months ago
- A collection of my Semgrep rules☆49Updated last year
- Nuclei plugins to audit Chrome extensions☆64Updated 11 months ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 3 months ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆38Updated 3 years ago
- Fetch the details of assets hosted on AWS.☆89Updated last year
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…☆15Updated 2 weeks ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Updated last year
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆57Updated 3 weeks ago
- Let's check if your target is vulnerable for client side prototype pollution.☆65Updated last year
- boostsecurityio/lotp☆126Updated 2 months ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 2 months ago
- Salesforce object access auditor☆112Updated 2 years ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated 9 months ago
- An extension to use Semgrep inside Burp Suite.☆89Updated last month
- Slide Decks and Supporting Content of talks given for Bugcrowd☆17Updated 5 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆24Updated 3 years ago
- ☆72Updated 3 years ago
- AWS Security Checks☆39Updated 7 years ago
- Weaponizing Live CT logs for automated monitoring of assets☆134Updated 3 years ago
- Takeover AWS ips and have a working POC for Subdomain Takeover.☆91Updated 2 weeks ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆155Updated 9 months ago
- A project to visualize the software supply chain☆51Updated last year