trailofbits / vendetectLinks
A tool to automatically detect copy+pasted and vendored code between repositories
☆74Updated 2 weeks ago
Alternatives and similar repositories for vendetect
Users that are interested in vendetect are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆126Updated last month
- Automated vulnerability discovery and annotation☆67Updated last year
- Data about all known supply-chain attacks through history☆63Updated 7 months ago
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru…☆90Updated this week
- Security tool against dependency typosquatting attacks☆54Updated this week
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆75Updated 2 years ago
- Multi-agent system (MAS) hijacking demos☆39Updated last week
- PoC shadow SaaS and insecure credential detection system using a browser extension.☆41Updated last month
- An OpenAI API Compatible Honeypot Gateway☆17Updated 9 months ago
- eBPF Memory Dump Tool☆97Updated 4 months ago
- Golem automates C/C++ vulnerability discovery with SemGrep+LLVM+LLM☆95Updated 6 months ago
- 💅🏽 analyzes your github actions☆97Updated last week
- ☆71Updated 2 months ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆69Updated 4 months ago
- macOS persistence mechanism scanner with code signature verification and timeline tracking.☆188Updated 3 weeks ago
- Post-Quantum Cryptography Scanner - Scan SSH/TLS servers for PQC support☆103Updated 2 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆42Updated last year
- An interactive CLI application for interacting with authenticated Jupyter instances.☆55Updated 8 months ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆74Updated 9 months ago
- Unauthenticated enumeration of AWS IAM Roles.☆26Updated 4 months ago
- ☆86Updated last week
- Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry.☆88Updated last month
- Performing secure code review with LLMs (and vibe coding IDEs)☆35Updated 5 months ago
- Trail of Bits Testing Handbook - appsec.guide☆89Updated this week
- A very simple open source implementation of Google's Project Naptime☆181Updated 9 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆134Updated 7 months ago
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆93Updated 3 months ago
- SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results☆43Updated 2 weeks ago
- A command line tool for extracting machine learning ready data from software binaries powered by Radare2☆73Updated 8 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆81Updated last week