tcosolutions / betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
☆818Updated this week
Related projects ⓘ
Alternatives and complementary repositories for betterscan
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆808Updated last year
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,019Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆515Updated this week
- Semgrep rules registry☆809Updated this week
- Peirates - Kubernetes Penetration Testing tool☆1,243Updated last month
- GitHub Actions Pipeline Enumeration and Attack Tool☆570Updated 3 months ago
- Tool for building Kubernetes attack paths☆775Updated this week
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆457Updated last year
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆675Updated last year
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆516Updated 2 years ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆775Updated last week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆583Updated this week
- secureCodeBox (SCB) - continuous secure delivery out of the box☆784Updated this week
- A comprehensive list of software composition analysis tools.☆127Updated 5 months ago
- ☆400Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆861Updated this week
- OXO is a security scanning orchestrator for the modern age.☆528Updated last week
- Automating situational awareness for cloud penetration tests.☆1,955Updated last month
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆928Updated 3 months ago
- Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.☆1,046Updated 9 months ago
- Open Source Package Analysis☆733Updated 2 weeks ago
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,047Updated this week
- Awesome cloud enumerator☆894Updated 3 months ago
- An open source threat modeling tool from OWASP☆933Updated last week
- Twitter vulnerable snippets☆942Updated 3 weeks ago
- Attack surface detector that identifies endpoints by static analysis☆607Updated this week
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆274Updated 7 months ago
- An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses☆1,559Updated last month
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆489Updated 3 weeks ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆701Updated 3 months ago