GitPlanet
All Categories → No Category → sast

Top 13 sast open source projects

Nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
✭ 1,874
CSSHTMLpythonnodejssecuritynodestatic-analysislintsecurity-scannercode-analysisdevsecopscode-reviewsastnode-securitynodejsscan
Terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
✭ 2,687
goOpen Policy AgentjavascriptshellHCLDockerfilesecuritykubernetesawsdevopssecurity-toolsterraformarchitectureinfrastructureinfrastructure-as-codedevsecopsscansiacaws-securitycloudsecuritycloud-securitysastazure-securitygcp-securityterrascansecurity-violations
Static Analysis
⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
✭ 9,310
rustMakefileawesome-liststatic-analysislinterstatic-code-analysiscode-qualityanalysisstatic-analyzerssast
Semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
✭ 5,668
javascriptpythonjavaocamlStandard MLshellstatic-analysisstatic-code-analysissastr2csemgrep
clj-holmes
A CLI SAST (Static application security testing) tool which was built with the intent of finding vulnerable Clojure code via rules that use a simple pattern language.
✭ 65
clojuresecuritysast
gha-setup-scancentral-client
GitHub Action to set up Fortify ScanCentral Client
✭ 15
typescriptjavascriptshellgithubsetupsecuritystatic-analysisapplication-securityactionappsecfortifysastgithub-actionfortify-sscfortify-on-demand
mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
✭ 140
HTMLpythonjavascriptCSSdockerdjangomalwaredjango-rest-frameworkapkmalware-analysisandroid-securitymobile-securityvirustotalandroguardapk-analysissastcode-securitydefect-dojomobile-audit
dr checker 4 linux
Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel
✭ 34
MakefileC++CMakepythonkernelkernel-modulellvmkernel-drivervulnerability-detectionvulnerability-scannerssast
intercept
INTERCEPT / Policy as Code Static Analysis Auditing / SAST
✭ 54
goMakefilesecurityauditingscannerstatic-analysisauditpolicycompliancepolicy-evaluationenforcementpolicy-enginedevsecopspolicy-monitoringsastpolicy-as-code
horusec-engine
Horusec analysis engine
✭ 18
goMakefileclisecuritycicdterraformnetcorehacktoberfestsastsecurity-development
DockerENT
The only open-source tool to analyze vulnerabilities and configuration issues with running docker container(s) and docker networks.
✭ 124
pythonHTMLdockerhacktoberfestsasthacktoberfest2020docker-sastruntime-security-testing
cd
CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
✭ 33
shellnodejshackingxsspenetration-testingvulnerability-scannersastdast
astam-correlator
Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
✭ 22
javajavascriptC#CSSrubyPHPsecurityvulnerabilitypentestingsastdastvulnerability-consolidation
1-13 of 13 sast projects