Security Code Scan: Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+323.08%)
Reviewdog: 🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Stars: ✭ 4,541 (+3393.08%)
Nettacker: Automated Penetration Testing Framework
Stars: ✭ 982 (+655.38%)
qodana-action: ⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana
Stars: ✭ 112 (-13.85%)
Sbt Dependency Check: SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+43.85%)
Raptor: Web-based Source Code Vulnerability Scanner
Stars: ✭ 314 (+141.54%)
Progpilot: A static analysis tool for security
Stars: ✭ 226 (+73.85%)
Jackhammer: Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+386.92%)
Vbscan: OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (+126.92%)
FastLint-Issues: FastLint finds & fixes bugs in your commits
Stars: ✭ 123 (-5.38%)
Joomscan: OWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+392.31%)
Feram: Feram finds & fixes bugs in your commits
Stars: ✭ 122 (-6.15%)
Cargo Crev: A cryptographically verifiable code review system for the cargo (Rust) package manager.
Stars: ✭ 1,268 (+875.38%)
Owtf: Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+1066.15%)
Struts Scan: A tool written in Python 2 for detecting and exploiting Struts2 vulnerabilities across all versions
Stars: ✭ 1,256 (+866.15%)
Themis: Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Stars: ✭ 1,232 (+847.69%)
Grepbugs: A regex based source code scanner.
Stars: ✭ 118 (-9.23%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-19.23%)
All About Code Review: This is a curated list of resources about code reviews: articles, tools, trainings...
Stars: ✭ 80 (-38.46%)
Npgsql.fsharp.analyzer: F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.
Stars: ✭ 103 (-20.77%)
Phpinspectionsea: A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Stars: ✭ 1,211 (+831.54%)
Mobile Security Framework Mobsf: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+7755.38%)
Fb Contrib: A FindBugs/SpotBugs plugin for doing static code analysis for Java code bases
Stars: ✭ 124 (-4.62%)
Securityrat: OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-11.54%)
Reviewbot: A tool for running automated static analysis on code posted to a Review Board instance.
Stars: ✭ 99 (-23.85%)
Purify: All-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-44.62%)
Sourcecodesniffer: The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-33.08%)
Phpstan: PHP Static Analysis Tool - discover bugs in your code without running it!
Stars: ✭ 10,534 (+8003.08%)
Codecharta: CodeCharta visualizes multiple code metrics using 3D tree maps.
Stars: ✭ 85 (-34.62%)
Asvs: A simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (-38.46%)
Gda Android Reversing Tool: GDA is a new fast and powerful decompiler in C++ (working without Java VM) for APK, DEX, ODEX, OAT, JAR, AAR, and CLASS files, which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+1693.85%)
Awesome Hacking Resources: A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+8720%)
Angelsword: A CMS vulnerability detection framework written in Python 3
Stars: ✭ 1,223 (+840.77%)
Drek: A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-20.77%)
Pest: 🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-39.23%)
Xsscon: XSSCon: Simple XSS Scanner tool
Stars: ✭ 118 (-9.23%)
Pfun: Functional, composable, asynchronous, type-safe Python.
Stars: ✭ 75 (-42.31%)
Vailyn: A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-20.77%)
Hacker ezines: A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-44.62%)
Vuln Web Apps: A curated list of vulnerable web applications.
Stars: ✭ 128 (-1.54%)
Git Autofixup: Create fixup commits for topic branches
Stars: ✭ 63 (-51.54%)
Reviewboard: An extensible and friendly code review tool for projects and companies of all sizes.
Stars: ✭ 1,334 (+926.15%)
Static Analysis: ⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+7061.54%)
Nsdepcop: NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.
Stars: ✭ 114 (-12.31%)
Unimport: A linter, formatter for finding and removing unused import statements.
Stars: ✭ 96 (-26.15%)
Vuls: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+6703.08%)
Zaproxy: The OWASP ZAP core project
Stars: ✭ 9,078 (+6883.08%)
Lynis: Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+6928.46%)
Arissploit: Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-12.31%)
Violations Lib: Java library for parsing report files from static code analysis.
Stars: ✭ 94 (-27.69%)
Kube Score: Kubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+767.69%)
Owasp Seraphimdroid: OWASP Seraphimdroid is an open source project with the aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (-52.31%)