1 repositorio
Analyzing code to detect weak or insecure cryptographic implementations and algorithms.
Distinct from Cryptographic Implementations: Candidates focus on implementation of ciphers or generators, not the auditing of their use.
Explore 1 awesome GitHub repository matching security & cryptography · Cryptographic Auditing. Refine with filters or upvote what's useful.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Detects the use of weak hashing algorithms, deprecated ciphers, and insecure random number generators.