564 Open source projects that are alternatives of or similar to Sast Scan

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

All-in-one tool for managing vulnerability reports from AppSec pipelines

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Curating the best DevSecOps resources and tooling.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Kogito Runtimes - Kogito is a cloud-native business automation technology for building cloud-ready business applications.

a workflow engine

A tool for component-driven application development.

The git workflow for contributing to open source repositories.

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Vue2 dataflow graph editor

Free and open fair-code licensed node based Workflow Automation Tool. Easily automate tasks across different services.

The DevSecOps toolset for REST APIs

💠 BPE: Business Process Engine

📦 Makes easy release software

Git-based version control for WordPress. Whoa!

🎯 RFI/LFI Payload List

Cuneiform distributed programming language

📓 My workflow context and own code conventions

The OWASP ZAP Heads Up Display (HUD)

Reusable workflow library for Django

PLynx is a domain agnostic platform for managing reproducible experiments and data-oriented workflows.

Identify hardcoded secrets and dangerous behaviours

Engine for Mergify

An easy and fast way to build automation and workflows on Windows, Linux, macOS, and the cloud.

A graph node engine and editor written in Javascript similar to PD or UDK Blueprints, comes with its own editor in HTML5 Canvas2D. The engine can run client side or server side using Node. It allows to export graphs as JSONs to be included in applications independently.

A repository for setting up a RNAseq workflow

A web developer workflow used by WeChat team based on Gulp, with cross-platform supported and solutions prepared.

SuiteCRM - Open source CRM for the world

🐆 EXPERIMENTAL -- Runs GitHub Actions workflows locally (local) -- Don't run your YAML like a 🐪

The continuous merge workflow

Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

Simple and reliable workflow engine, written in Ruby

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

The Secure Coding Framework

End to end functional test and automation framework

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

Alfred workflow to easily open Github repositories

🕸 Node-based Visualizations for React

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

🔐 Docker Container for Penetration Testing & Security

Add & commit files from a path directly from GitHub Actions

Schedulis is a high performance workflow task scheduling system that supports high availability and multi-tenant financial level features, Linkis computing middleware, and has been integrated into data application development portal DataSphere Studio

[Deprecated, use flor_core instead] A Rails engine which providing essential infrastructure of workflow. It's based on Workflow Nets.

Full-featured library for writing Alfred 3 & 4 workflows

The helpful and handy location for finding and sharing z/OS files, which are not included in the product.

🔱 Collection and Roadmap for everyone who wants DevSecOps.

👷 The aim of this project is to help you to build your things. From Bootstrap themes over static websites to single page applications.

Desktop Application for modeling Zeebe Workflows with BPMN

Travis CI and deployment service to build PDF from LaTeX document.

Repository of Windows Workflow Foundation Activities for UiPath Community

Node-based automation server

ContainerSSH: Launch containers on demand

Make git commit message more readable and useful.