8 مستودعات
Analyzing source code for security vulnerabilities and coding flaws without executing the program.
Distinct from Source Code Analysis: Candidates are focused on educational analysis, web extraction, or code protection.
Explore 8 awesome GitHub repositories matching security & cryptography · Static Analysis Security Testing. Refine with filters or upvote what's useful.
Secguide is an API security hardening framework and a comprehensive knowledge base of secure coding guidelines. It provides a multi-language security standard and a set of static analysis rules designed to identify security flaws and protect application programming interfaces from common exploits. The project functions as a reference library of security patterns and remediation guides, maintaining consistent security requirements across various programming languages. It utilizes rule-based pattern matching and a static analysis pipeline to detect dangerous API calls and vulnerabilities within
Analyzes source code without execution to find potential security flaws during the development or build process.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Analyzes Go source code to identify potential security vulnerabilities and common coding flaws through static analysis.
Checkov is a static analysis tool and security scanner designed to identify misconfigurations in infrastructure as code, container images, and Kubernetes configurations. It functions as a cloud security posture tool, an SCA vulnerability scanner, and a secret scanning utility to prevent security breaches and version control leaks. The project distinguishes itself through deep graph analysis and variable resolution, allowing it to map relationships between interconnected resources and evaluate the final state of infrastructure attributes. It provides extensibility for defining custom security
Analyzes source code to find security vulnerabilities and logic flaws before deployment.
Snyk is an application security testing platform designed to identify and remediate vulnerabilities across source code, open-source dependencies, container images, and infrastructure-as-code configurations. It functions as a comprehensive security workflow automation tool, utilizing a static analysis engine and dependency graph mapping to detect security flaws and license compliance issues throughout the software development lifecycle. The platform distinguishes itself through agentic workflow orchestration and an automated remediation pipeline that generates and submits pull requests to patc
Analyzes application source code across multiple programming languages to detect security flaws and insecure coding patterns.
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
Performs static analysis on proprietary source code to detect injection flaws, secret leaks, and other security vulnerabilities.
Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing. The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports. The platform co
Analyzes source code without execution to find security vulnerabilities and hard-coded secrets.
nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code for security flaws and common coding vulnerabilities. It functions as a static application security testing tool that analyzes code without executing the program. The tool operates as a security linter that can be integrated into continuous integration pipelines to block insecure code from merging into main branches. It automates the auditing process through rule-based detection and pattern-based static analysis. The project provides capabilities for vulnerability alert autom
Analyzes source code for security vulnerabilities without execution to find flaws before deployment.
هذا المشروع هو مستودع تعليمي شامل مصمم لتعليم ممارسات DevOps من خلال مسارات تعلم منظمة وتمارين عملية. يركز على إتقان إدارة البنية التحتية، وتنسيق الحاويات، وإدارة النظام من خلال توفير منهج يغطي دورة الحياة الكاملة للبيئات السحابية الأصلية، من التوفير الأولي إلى الصيانة المستمرة والأمان. يتميز المستودع بتقديم نهج عملي قائم على المهام للمجالات التشغيلية المعقدة. يرشد المستخدمين خلال تنفيذ البنية التحتية ككود، وتكوين إدارة الحالة عن بُعد لتعاون الفريق، ونشر تقوية الأمان متعددة الطبقات. من خلال التأكيد على التكوين التصريحي وأتمتة سطر الأوامر، يمكن المشروع المتعلمين من بناء بيئات قابلة للتكرار ومتسقة عبر منصات سحابية متنوعة. تمتد وحدات التعلم عبر سطح تشغيلي واسع، بما في ذلك إدارة قاعدة البيانات، وخطوط أنابيب التسليم المؤتمتة، ومراقبة النظام القائمة على الملاحظة. يمكن للمستخدمين ممارسة تكوين الوصول إلى الشبكة، وإدارة حصص موارد الحاوية، وتنفيذ شبكات الخدمة، مع اكتساب الخبرة أيضاً في اختبار الأمان الثابت والديناميكي. تم تنظيم المحتوى في مسارات محددة تساعد المطورين والمهندسين على التحضير للشهادات المهنية وتحديات البنية التحتية في العالم الحقيقي.
Provides practical experience in analyzing source code for security vulnerabilities during the development phase.