trailofbits / vendetectLinks
A tool to automatically detect copy+pasted and vendored code between repositories
☆70Updated last month
Alternatives and similar repositories for vendetect
Users that are interested in vendetect are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆121Updated last month
- Data about all known supply-chain attacks through history☆60Updated 4 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆41Updated 10 months ago
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru…☆81Updated last week
- Security tool against dependency typosquatting attacks☆54Updated this week
- Automated vulnerability discovery and annotation☆67Updated last year
- PoC shadow SaaS and insecure credential detection system using a browser extension.☆42Updated 2 months ago
- 💅🏽 analyzes your github actions☆95Updated last month
- Trail of Bits Testing Handbook☆82Updated this week
- Semgrep-based Policy Controller for Kubernetes☆47Updated 6 months ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆53Updated 8 months ago
- ☆84Updated this week
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated last month
- ☆73Updated this week
- eBPF Memory Dump Tool☆87Updated last month
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆52Updated 11 months ago
- Unauthenticated enumeration of AWS IAM Roles.☆25Updated last month
- An OpenAI API Compatible Honeypot Gateway☆16Updated 7 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆133Updated 4 months ago
- Tool for obfuscating and deobfuscating data.☆73Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆127Updated 8 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆72Updated 2 weeks ago
- ☆50Updated 11 months ago
- A simple touchID prompt'er for use in shell scripts.☆99Updated last year
- ☆39Updated last year
- Performing secure code review with LLMs (and vibe coding IDEs)☆28Updated 2 months ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆94Updated this week
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated last year
- A web CTF for training developers in bug hunting and secure coding!☆100Updated 9 months ago
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se…☆102Updated this week