47 results found Sort:
- Filter by Primary Language:
- Python (12)
- Go (6)
- Java (4)
- JavaScript (4)
- Shell (3)
- Rust (2)
- Makefile (1)
- OCaml (1)
- Perl (1)
- Ruby (1)
- C++ (1)
- TypeScript (1)
- Clojure (1)
- CSS (1)
- HCL (1)
- HTML (1)
- Kotlin (1)
- +
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Created
2015-12-18
8,894 commits to master branch, last one a day ago
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Created
2019-12-13
7,365 commits to develop branch, last one 20 hours ago
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Created
2017-09-11
1,654 commits to master branch, last one 2 months ago
nodejsscan is a static security code scanner for Node.js applications.
Created
2015-02-27
514 commits to master branch, last one 8 months ago
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Created
2022-09-27
1,237 commits to main branch, last one a day ago
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
Created
2021-12-13
71 commits to main branch, last one 6 months ago
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Created
2020-09-08
705 commits to main branch, last one 9 months ago
IDEA静态代码安全审计及漏洞一键修复插件
Created
2020-10-09
64 commits to 2018.3 branch, last one 2 years ago
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Created
2020-03-23
378 commits to master branch, last one 9 months ago
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Created
2022-01-31
414 commits to main branch, last one 2 days ago
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers,...
Created
2023-01-10
100 commits to main branch, last one 11 months ago
基于pytorch的ocr算法库,包括 psenet, pan, dbnet, sast , crnn
Created
2020-09-04
81 commits to version2 branch, last one 3 years ago
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to im...
Created
2019-11-12
163 commits to master branch, last one 3 years ago
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Created
2020-04-15
205 commits to master branch, last one about a month ago
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
Created
2022-03-23
73 commits to main branch, last one 4 months ago
《深入理解SAST静态应用安全测试》Static Application Security Testing.
Created
2022-01-17
57 commits to main branch, last one about a month ago
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Created
2018-04-29
256 commits to master branch, last one 3 years ago
SecHub provides a central API to test software with different security tools.
Created
2019-07-22
4,217 commits to develop branch, last one 2 days ago
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Created
2022-12-26
165 commits to main branch, last one 4 days ago
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
Created
2020-03-26
356 commits to master branch, last one 11 days ago
Corax for Java: A general static analysis framework for java code checking.
Created
2023-08-29
49 commits to main branch, last one about a month ago
Django application that performs SAST and Malware Analysis for Android APKs
Created
2020-11-21
163 commits to main branch, last one 10 days ago
A source code static analysis platform for AppSec enthusiasts.
Created
2023-01-06
379 commits to main branch, last one about a month ago
鹏 RocB - Java代码审计IDEA插件 SAST
Created
2021-08-28
27 commits to main branch, last one 2 years ago
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
Created
2023-12-03
103 commits to main branch, last one 2 months ago
The only open-source tool to analyze vulnerabilities and configuration issues with running docker container(s) and docker networks.
Created
2020-06-18
102 commits to master branch, last one 2 years ago
Generic SAST Library
Created
2020-04-09
223 commits to master branch, last one 9 months ago
A CLI SAST (Static application security testing) tool which was built with the intent of finding vulnerable Clojure code via rules that use a simple pattern language.
Created
2021-09-25
111 commits to main branch, last one about a year ago
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
Created
2023-03-30
48 commits to main branch, last one 5 months ago
Ready to use docker image for CodeQL
Created
2021-03-02
2 commits to main branch, last one 4 months ago