trailofbits / deptectiveLinks
Deptective automatically determines the native dependencies required to run any arbitrary program or command.
☆126Updated last month
Alternatives and similar repositories for deptective
Users that are interested in deptective are comparing it to the libraries listed below
Sorting:
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru…☆90Updated this week
- Security tool against dependency typosquatting attacks☆54Updated this week
- Unauthenticated enumeration of AWS IAM Roles.☆26Updated 4 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆42Updated last year
- A tool to automatically detect copy+pasted and vendored code between repositories☆74Updated 2 weeks ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆74Updated 9 months ago
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆93Updated 3 months ago
- Post-Quantum Cryptography Scanner - Scan SSH/TLS servers for PQC support☆103Updated 2 months ago
- ☆75Updated 2 months ago
- An OpenAI API Compatible Honeypot Gateway☆17Updated 9 months ago
- 💅🏽 analyzes your github actions☆97Updated last week
- Semgrep-based Policy Controller for Kubernetes☆47Updated 9 months ago
- MCP security wrapper☆207Updated last month
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated last week
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆75Updated 2 years ago
- Automated vulnerability discovery and annotation☆67Updated last year
- ☆86Updated last week
- Tool for obfuscating and deobfuscating data.☆75Updated last year
- Pentester-focused Docker registry tool to enumerate and pull images☆36Updated 2 months ago
- Data about all known supply-chain attacks through history☆63Updated 7 months ago
- A simple touchID prompt'er for use in shell scripts.☆99Updated last year
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆158Updated last year
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆69Updated 4 months ago
- Trail of Bits Testing Handbook - appsec.guide☆89Updated this week
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆180Updated last year
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…☆70Updated last month
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆37Updated 2 years ago
- CLI tool for searching logs and unstructured content in Amazon S3 buckets☆212Updated 6 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆114Updated this week
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆134Updated 7 months ago