Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
-
Updated
Jun 12, 2024 - Go
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
SecHub provides a central API to test software with different security tools.
⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. With repository stars⭐ and forks🍴
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
Integrate static security testing with HCL AppScan on Cloud using GitHub Actions
Corax for Java: A general static analysis framework for java code checking.
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
A static analyzer to scan JavaScript code for problematic regular expressions.
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.
Real world test cases to evaluate static analyser efficacy
🐚 GitHub Action for running ShellCheck differentially
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
OpenScanHub is a service for static and dynamic analysis.
CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potential issues.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Precaution CLI
Add a description, image, and links to the sast topic page so that developers can more easily learn about it.
To associate your repository with the sast topic, visit your repo's landing page and select "manage topics."