44 Repos
Tools for identifying bugs, vulnerabilities, and code quality issues.
Git-secrets is a security utility designed to prevent the accidental exposure of sensitive credentials by integrating automated scanning directly into the version control commit lifecycle. It functions as a commit scanner that evaluates staged files and commit messages against defined security policies before changes are finalized in a repository. The tool utilizes regular expression pattern matching to identify potential secrets and supports the registration of custom patterns to address specific organizational security requirements. To manage operational friction, it includes mechanisms for
Prevents accidental commits of credentials to Git repositories.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Loads the Ladon scanner into a PowerShell session from a local file and executes its commands.
Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing. The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports. The platform co
Scans code for OWASP Top 10 security and privacy risks.
nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code for security flaws and common coding vulnerabilities. It functions as a static application security testing tool that analyzes code without executing the program. The tool operates as a security linter that can be integrated into continuous integration pipelines to block insecure code from merging into main branches. It automates the auditing process through rule-based detection and pattern-based static analysis. The project provides capabilities for vulnerability alert autom
Static security scanner for Node.js applications.
.. image:: https://travis-ci.org/python-security/pyt.svg?branch=master
   :target: https://travis-ci.org/python-security/pyt
Static analysis for Python web application vulnerabilities.
Asset and object usage detector.
phptrace
Tracing and troubleshooting tool for PHP scripts.
WebTools.bundle is a web-based administration tool designed to extend the functionality of Plex Media Server. It functions as a plugin that provides a centralized interface for managing media server operations, including library maintenance, configuration adjustments, and the installation of community-developed extensions. The tool distinguishes itself by offering a comprehensive suite of utilities for database integrity and server customization. It enables users to verify metadata accuracy, identify missing files, and remove obsolete entries from media libraries. Additionally, it provides a
Scans project files to identify translatable strings for localization workflows.
Editor utility for Unity that helps check the resources in the current scene (including active textures, their sizes, materials, meshes, and which objects are using them).
Resource usage checker for scenes.
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
IDE and CLI linting for security best practices.
Lint an npm or yarn lockfile to analyze it and detect security issues.
Lints lockfiles to prevent malicious package injection.
phpvulhunter is an automated PHP source-code auditing tool. With it you can run automated code audits against some open-source CMSs and generate vulnerability reports. Installation: first obtain it from GitHub:
Static analysis tool for PHP vulnerabilities.
JavaScript security CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project.
Analyzes dependency trees for security risks.
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting the most common malicious patterns 🔬.
Detects malicious code patterns in JavaScript and Node.js.
Python audit tool.
Static security scanner for Python applications.
Small tool that informs you about potential risks in a project's dependency list.
Checks project dependencies for potential security risks.
A CLI tool for signing and verifying npm and yarn packages.
Signs and verifies npm and yarn packages.
ESLint plugin to detect and stop Trojan Source attacks.
Detects Trojan Source attacks in source code.
A server-side TypeScript and JavaScript library immune to Regular Expression Denial of Service (ReDoS) attacks by using Rust and linear RegEx under the hood. Regolith has a linear worst case time complexity, compared to the default RegExp found in TypeScript and JavaScript, which has an exponential worst case.
TypeScript library to prevent ReDoS attacks.
Checks filenames to be committed against a library of filename rules to prevent sensitive files from entering Git.
Prevents committing sensitive filenames to Git.