Sbt Dependency Check: SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-77.2%)
Clair: Vulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+919.02%)
Grype: A vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-55.85%)
Horusec: Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (-62.07%)
Anchore Engine: A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Stars: ✭ 1,192 (+45.37%)
Brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+665.98%)
clair-cicd: Making CoreOS' Clair easily work in CI/CD pipelines
Stars: ✭ 27 (-96.71%)
Vulny Code Static Analysis: Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-74.76%)
Wssat: WEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-56.1%)
Huskyci: Performing security tests inside your CI
Stars: ✭ 398 (-51.46%)
K8s Security: Kubernetes security notes and best practices
Stars: ✭ 588 (-28.29%)
Pyre Check: Performant type-checking for python.
Stars: ✭ 5,716 (+597.07%)
Railsgoat: A vulnerable version of Rails that follows the OWASP Top 10
Stars: ✭ 699 (-14.76%)
Sonar Java: ☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (-9.15%)
Hadolint: Dockerfile linter, validate inline bash, written in Haskell
Stars: ✭ 6,284 (+666.34%)
Modern Cpp Template: A template for modern C++ projects using CMake, Clang-Format, CI, unit testing and more, with support for downstream inclusion.
Stars: ✭ 690 (-15.85%)
Jsprime: a javascript static security analysis tool
Stars: ✭ 556 (-32.2%)
Shellcheck: ShellCheck, a static analysis tool for shell scripts
Stars: ✭ 27,211 (+3218.41%)
Lazy importer: library for importing functions from dlls in a hidden, reverse engineer unfriendly way
Stars: ✭ 544 (-33.66%)
Jedi: Awesome autocompletion, static analysis and refactoring library for python
Stars: ✭ 5,037 (+514.27%)
Rapidscan: 🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-5.49%)
Sonarqube: Continuous Inspection
Stars: ✭ 6,365 (+676.22%)
Security Tools: Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-37.93%)
Phasar: An LLVM-based static analysis framework.
Stars: ✭ 503 (-38.66%)
Rubocop Rspec: Code style checking for RSpec files
Stars: ✭ 603 (-26.46%)
Checkstyle: Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Stars: ✭ 6,481 (+690.37%)
Crosshair: An analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (-28.54%)
Oss Fuzz: OSS-Fuzz - continuous fuzzing for open source software.
Stars: ✭ 6,937 (+745.98%)
Phan: Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+533.41%)
Sonarjs: SonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (-15.12%)
Phpdoc Parser: Next-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (-30.61%)
Ossa: Open-Source Security Architecture
Stars: ✭ 796 (-2.93%)
Security Code Scan: Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (-32.93%)
Esp32 esp8266 attacks: Proof of Concept of ESP32/8266 Wi-Fi vulnerabilities (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
Stars: ✭ 686 (-16.34%)
Pep8speaks: A GitHub app to automatically review Python code style over Pull Requests
Stars: ✭ 546 (-33.41%)
Binexp: Linux Binary Exploitation
Stars: ✭ 742 (-9.51%)
Svf: Static Value-Flow Analysis Framework for Source Code
Stars: ✭ 540 (-34.15%)
Exploit Writeups: A collection where my current and future writeups for exploits/CTF will go
Stars: ✭ 676 (-17.56%)
Npq: 🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (-37.44%)
Awesome Go Linters: A curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (-2.32%)
Error Prone: Catch common Java mistakes as compile-time errors
Stars: ✭ 5,799 (+607.2%)
Githack: .git leak exploitation tool; can restore historical versions
Stars: ✭ 501 (-38.9%)
Dawnscanner: Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
Stars: ✭ 642 (-21.71%)
Phpat: PHP Architecture Tester - Easy to use architectural testing tool for PHP ✔️
Stars: ✭ 489 (-40.37%)
Elsa: Emacs Lisp Static Analyzer
Stars: ✭ 485 (-40.85%)
Kernelpop: kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (-23.41%)
Clusterfuzz: Scalable fuzzing infrastructure.
Stars: ✭ 4,648 (+466.83%)
Sark: IDAPython Made Easy
Stars: ✭ 477 (-41.83%)
Sonarts: Static code analyzer for TypeScript
Stars: ✭ 776 (-5.37%)
Habomalhunter: HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Stars: ✭ 627 (-23.54%)
Malwaresourcecode: Collection of malware source code for a variety of platforms in an array of different programming languages.
Stars: ✭ 8,666 (+956.83%)
Apklab: Android Reverse-Engineering Workbench for VS Code
Stars: ✭ 470 (-42.68%)
Andromeda: Andromeda - Interactive Reverse Engineering Tool for Android Applications
Stars: ✭ 627 (-23.54%)
Dogma: 🔐 A code style linter for Elixir
Stars: ✭ 472 (-42.44%)
Flowdroid: FlowDroid Static Data Flow Tracker
Stars: ✭ 471 (-42.56%)
Dependency Track: Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (-12.44%)