8 repositories
Categorizes and prioritizes security findings based on risk level and status.
Distinguishing note: Focuses on the management and prioritization of security findings.
Explore 8 awesome GitHub repositories matching security & cryptography · Finding Classification.
Trufflehog is a security tool designed to continuously monitor code repositories and cloud environments to detect, verify, and remediate exposed sensitive credentials and API keys. It functions as a comprehensive secret scanning engine that integrates directly into deployment pipelines and version control systems to intercept sensitive data before it is committed or pushed. By utilizing read-only operations and volatile memory processing, the system ensures that discovered credentials are never stored persistently, maintaining strict data privacy throughout the scanning lifecycle. The platfor
Categorizes security findings by type and status to prioritize remediation efforts.
This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
Ranks and prioritizes security findings based on business risk and impact analysis.
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan
Centralizes results from multiple scanning tools into a single interface for scoring and triage.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Associates detected security issues with CWE identifiers for standardized vulnerability descriptions.
Assigns impact levels and confidence scores to findings for color-coded prioritization.
Naabu is a port scanner library and tool that probes hosts for open ports using SYN, CONNECT, and UDP methods to identify active services. It functions as a Go library for embedding port scanning into programs, and as a standalone tool that accepts targets as hostnames, IP addresses, CIDR ranges, or ASN numbers. The tool discovers live hosts before scanning, filters ports by range or top lists, and can integrate with Nmap for service version detection. The project distinguishes itself through its SYN-based port probing approach that sends TCP SYN packets and analyzes responses without complet
Filters misconfiguration results by specific finding types like dangling DNS or origin IP exposure.
This project is a suite of automated tools and an LLM code review framework designed for design auditing, security scanning, and AI-driven code analysis. It functions as a developer workflow orchestrator that uses static analysis agents and agent-based workflows to automate pull request analysis and security audits. The system employs a dual-loop agent architecture to coordinate primary analysis and secondary verification, reducing false positives. It distinguishes itself through the use of browser automation to perform live UI component testing and verify frontend changes against accessibili
Categorizes and prioritizes security vulnerabilities and bugs by risk level to guide remediation.
This project is a specialized instruction set for AI coding agents designed to perform structured, language-specific code reviews. It functions as an automated tool that evaluates source code against predefined checklists to identify security, performance, and architectural inconsistencies across diverse technology stacks. The system distinguishes itself by employing a multi-phase analysis pipeline that moves from high-level architectural assessments to granular, line-by-line inspections. It utilizes a severity-based taxonomy to categorize findings, clearly separating blocking security issues
Labels review findings by impact level to distinguish between critical blocking issues and minor suggestions.