Qulice: Quality Police for Java projects
Stars: ✭ 250 (-31.88%)
trivy-vulnerability-explorer: Web application that loads a Trivy report in JSON format and displays the vulnerabilities of a single target in an interactive data table.
Stars: ✭ 63 (-82.83%)
Pepper: An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (-31.88%)
vrt-ruby: Ruby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-95.91%)
Phpstan Phpunit: PHPUnit extensions and rules for PHPStan
Stars: ✭ 247 (-32.7%)
Mobileapp Pentest Cheatsheet: The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+731.34%)
klever: Read-only mirror of the Klever Git repository
Stars: ✭ 18 (-95.1%)
dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+97%)
sturdy: Sturdy is a library for developing sound static analyses in Haskell.
Stars: ✭ 49 (-86.65%)
Dg: [LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (-34.06%)
UTBotCpp: Tool that generates unit tests from C/C++ source code, trying to reach all branches and maximize code coverage
Stars: ✭ 59 (-83.92%)
Recaf: The modern Java bytecode editor
Stars: ✭ 3,374 (+819.35%)
tugarecon: Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-61.31%)
sx: 🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+245.23%)
Inline syscall: Inline syscalls made easy for Windows on clang
Stars: ✭ 232 (-36.78%)
Revive: 🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+755.31%)
dep-scan: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (-5.72%)
Php Parser: A PHP parser written in PHP
Stars: ✭ 15,101 (+4014.71%)
Check: A set of utilities for checking Go sources. This repository has migrated to https://gitlab.com/opennota/check
Stars: ✭ 225 (-38.69%)
subpy: Python subsets
Stars: ✭ 41 (-88.83%)
NTPDoser: NTP Doser is an NTP Amplification DoS/DDoS attack tool for pentesting
Stars: ✭ 96 (-73.84%)
report-ng: Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
Stars: ✭ 62 (-83.11%)
Codeql Go: The CodeQL extractor and libraries for Go.
Stars: ✭ 224 (-38.96%)
Insider: Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, performing source code analysis to find vulnerabilities right in the source code, focused on agile and easy-to-implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
Stars: ✭ 216 (-41.14%)
D Scanner: Swiss-army knife for D source code
Stars: ✭ 221 (-39.78%)
Protoc Gen Lint: A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (-39.78%)
gospal: Go static program analyser
Stars: ✭ 56 (-84.74%)
aemscan: Adobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (-56.13%)
Tfsec: Security scanner for your Terraform code
Stars: ✭ 3,622 (+886.92%)
SPDS: Efficient and Precise Pointer-Tracking Data-Flow Framework
Stars: ✭ 38 (-89.65%)
Bolt: Bolt is a language with in-built data-race freedom!
Stars: ✭ 215 (-41.42%)
Libscout: LibScout: Third-party library detector for Java/Android apps
Stars: ✭ 217 (-40.87%)
aparoid: Static and dynamic Android application security analysis
Stars: ✭ 62 (-83.11%)
TextThing: Retro Text Editor is a simple text file editor.
Stars: ✭ 28 (-92.37%)
Forbidden Apis: Policeman's Forbidden API Checker
Stars: ✭ 216 (-41.14%)
mobilehacktools: A repository for scripting a mobile attack toolchain
Stars: ✭ 61 (-83.38%)
Vulny Code Static Analysis: Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-43.6%)
gradejs: GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-1.36%)
vulndb-data-mirror: A simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (-90.19%)
Spotbugs: SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+600%)
Syft: CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (-46.59%)
inthewilddb: Hourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-65.4%)
Bellybutton: Custom Python linting through AST expressions
Stars: ✭ 196 (-46.59%)
Diktat: Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (-46.59%)
break-fast-serial: A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (-85.56%)
weblogic honeypot: WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-91.83%)
luli: A static analysis and linter tool for Lua
Stars: ✭ 45 (-87.74%)
Checkov: Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+873.3%)
Woke: ✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (-48.23%)
lint-checks: A set of opinionated and useful lint checks
Stars: ✭ 61 (-83.38%)