Stars
Open source projects and tools for managing and securing open source
🔎 Static code analysis engine to find security issues in code.
Every practical and proposed defense against prompt injection.
🌟 Open-source, visual programming for developers. Includes a VS Code extension, integrates with existing TypeScript code, browser and Node.js.
🧵 CLI tool for directly patching container images!
AexPy /eikspai/ is Api EXplorer in PYthon for detecting API breaking changes in Python packages.
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini.
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
Collection of tools for analyzing open source packages.
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysi…
CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
Semgrep queries developed by Trail of Bits.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …
A nvim plugin Powered by GPT4ALL for Real-time Code Explanation and Vulnerability Detection (no internet necessary)
GPT4All: Run Local LLMs on Any Device. Open-source and available for commercial use.
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Canarytokens helps track activity and actions on your network.
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…