tcosolutions / betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
☆856Updated 2 weeks ago
Alternatives and similar repositories for betterscan:
Users that are interested in betterscan are comparing it to the libraries listed below
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆836Updated last year
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,080Updated this week
- Open Source Package Analysis☆823Updated 2 weeks ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆557Updated last week
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆515Updated last month
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆798Updated this week
- Attack surface detector that identifies endpoints by static analysis☆677Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆880Updated this week
- Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.☆1,119Updated last year
- Vulnerable app with examples showing how to not use secrets☆1,292Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆659Updated this week
- Automating situational awareness for cloud penetration tests.☆2,059Updated 2 weeks ago
- Open source vulnerability DB and triage service.☆1,788Updated this week
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆528Updated 2 years ago
- ☆406Updated 2 years ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆608Updated this week
- OXO is a security scanning orchestrator for the modern age.☆548Updated this week
- An open source threat modeling tool from OWASP☆1,055Updated this week
- VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, i…☆478Updated this week
- ☆521Updated 2 weeks ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆972Updated 4 months ago
- Peirates - Kubernetes Penetration Testing tool☆1,298Updated 2 weeks ago
- Tool for building Kubernetes attack paths☆837Updated last week
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆687Updated last year
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆566Updated this week
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆470Updated last year
- A comprehensive list of software composition analysis tools.☆141Updated 9 months ago
- PeTeReport is an open-source application vulnerability reporting tool.☆495Updated 9 months ago
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆381Updated 5 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆919Updated this week