30 open-source projects similar to designsecurity/progpilot, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Progpilot alternative.
Phan is a static analyzer and type checker for PHP that identifies bugs and type incompatibilities without executing the code. It serves as a quality gate for continuous integration pipelines and a tool for verifying type safety, specifically checking union types, generics, and array shapes. The project is distinguished by its use of a background daemon and Language Server Protocol implementation, which provide real-time diagnostics and navigation within editors. It also features a baseline-based suppression system that allows developers to record existing errors in a snapshot file to focus e
Security-focused static analysis for the Phoenix Framework
dawn is a source code scanner designed to review your web applications for security issues.
Brakeman is a static analysis security tool and scanner specifically designed for Ruby on Rails source code. It identifies common security vulnerabilities, such as injection and cross-site scripting, by analyzing the application codebase without executing the application. The tool functions as a security auditor that detects mass assignment risks and template vulnerabilities. It evaluates the final output of rendered views and identifies unrestricted assignment patterns that could allow unauthorized modification of model attributes. The system provides vulnerability management through the us
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
LinkFinder is a security reconnaissance and static analysis tool designed for JavaScript endpoint discovery. It extracts absolute and relative URLs and parameters from JavaScript files to map the attack surface of web applications and identify hidden API routes. The tool operates through static code analysis and regular expression pattern matching to find endpoints without executing the source code. It includes a data processor for importing exported files from Burp Suite, enabling the batch analysis of multiple JavaScript assets in a single execution. The system provides capabilities for do
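The regex-over-string-literals approach described above, as an added example rather than LinkFinder's own code. The pattern below is a simplified one written for this example (an assumption: it is narrower than LinkFinder's real expression), it only looks inside quoted strings so it does not fire on comments or regex literals, and the JavaScript it runs over is a constructed sample, not a captured asset.

```python
import re
from urllib.parse import parse_qs, urlparse

# Constructed sample input: a small JavaScript bundle with routes embedded in
# string literals, the kind of asset an endpoint-discovery tool runs over.
SAMPLE_JS = r"""
const API="https://api.example.test/v1";
fetch(API+"/users?id=42&token=abc");
axios.get('/api/v2/orders/'+id,{params:{status:'open'}});
const legacy="../admin/export.php?format=csv";
window.location="http://cdn.example.test/static/app.js";
var notAUrl="hello world";
"""

# Simplified endpoint pattern written for this example (assumption: narrower
# than LinkFinder's own regex). It matches a quoted string whose body is:
#   1. an absolute http(s) URL
#   2. a root-, dot- or parent-relative path
#   3. a bare file name with a web-ish extension, optionally with a query
ENDPOINT_RE = re.compile(
    r"""
    (?P<q>["'`])
    (?P<path>
        https?://[^"'`\s]+
      | \.{0,2}/[A-Za-z0-9_./?=&%-]+
      | [A-Za-z0-9_-]+\.(?:php|js|json|html|aspx|jsp)(?:\?[^"'`\s]*)?
    )
    (?P=q)
    """,
    re.VERBOSE,
)


def extract_endpoints(js_source):
    """Return the unique endpoint strings found in js_source, sorted."""
    return sorted({m.group("path") for m in ENDPOINT_RE.finditer(js_source)})


def extract_parameters(endpoints):
    """Return the unique query-parameter names across the endpoints, sorted."""
    names = set()
    for endpoint in endpoints:
        # urlparse handles relative paths too; the query part is what we want.
        names.update(parse_qs(urlparse(endpoint).query, keep_blank_values=True))
    return sorted(names)


if __name__ == "__main__":
    found = extract_endpoints(SAMPLE_JS)
    for endpoint in found:
        print(endpoint)
    print("parameters:", ", ".join(extract_parameters(found)))
```

Because the scan is purely lexical, `API+"/users?..."` is reported as two separate strings (the base URL and the path); resolving concatenation would need a parser, which is exactly the trade-off a regex-based extractor makes for speed and zero execution.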
Gitleaks is a static analysis security tool and secret detection engine designed to find hardcoded passwords, API keys, and authentication tokens. It functions as a Git secret scanner that analyzes both local file systems and Git commit history to prevent credential leaks. The tool distinguishes itself through a decoding pipeline that transforms base64 and hex strings into plaintext to find obfuscated secrets. It further reduces false positives using proximity-based validation and fingerprint-based suppression to filter out known or baseline findings. The system covers a broad range of detec
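The decoding pipeline and baseline suppression described above, shown as an added example that is not Gitleaks' own code. Each line is scanned as plaintext and again as every base64- or hex-looking token on it that decodes to printable ASCII, and a stable fingerprint per finding lets a baseline set filter out known hits. The detection rule, the candidate regexes and the fingerprint format are assumptions made for this example (Gitleaks uses its own rule set and fingerprint scheme); the input is a constructed config file, and the `AKIAIOSFODNN7EXAMPLE` value is the placeholder AWS uses in its own documentation, not a live credential.

```python
import base64
import binascii
import hashlib
import re

# Constructed sample file (not real credentials): the same placeholder key in
# plaintext, wrapped in base64, wrapped in hex, plus a benign line.
SAMPLE_PATH = "config/settings.py"
SAMPLE_LINES = [
    'AWS_KEY = "AKIAIOSFODNN7EXAMPLE"',
    'BLOB = "QUtJQUlPU0ZPRE5ON0VYQU1QTEU="',
    'HEXBLOB = "414b4941494f53464f444e4e374558414d504c45"',
    'DEBUG = True',
]

# Detection rules (assumption: a single illustrative rule; real rule sets are larger).
RULES = {
    "aws-access-key": re.compile(r"AKIA[0-9A-Z]{16}"),
}

# Tokens worth trying to decode (assumption: thresholds chosen for this example).
B64_RE = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
HEX_RE = re.compile(r"\b[0-9a-fA-F]{32,}\b")


def _printable(raw):
    """True if every byte is printable ASCII; junk decodes are dropped on this."""
    return bool(raw) and all(32 <= b < 127 for b in raw)


def decode_candidates(text):
    """Return (decoded_text, encoding) for each encoded-looking token in text."""
    out = []
    for m in B64_RE.finditer(text):
        try:
            raw = base64.b64decode(m.group(0), validate=True)
        except (binascii.Error, ValueError):
            continue
        if _printable(raw):
            out.append((raw.decode("ascii"), "base64"))
    for m in HEX_RE.finditer(text):
        token = m.group(0)
        if len(token) % 2:
            continue
        raw = bytes.fromhex(token)
        if _printable(raw):
            out.append((raw.decode("ascii"), "hex"))
    return out


def fingerprint(path, lineno, rule_id, secret):
    """Stable id for a finding (assumption: format invented for this example)."""
    digest = hashlib.sha256(secret.encode()).hexdigest()[:12]
    return f"{path}:{lineno}:{rule_id}:{digest}"


def scan_lines(path, lines, baseline=frozenset()):
    """Scan plaintext and every decoded layer; drop findings already in baseline."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        layers = [(line, "plain")] + decode_candidates(line)
        for text, encoding in layers:
            for rule_id, pattern in RULES.items():
                for m in pattern.finditer(text):
                    secret = m.group(0)
                    fp = fingerprint(path, lineno, rule_id, secret)
                    if fp in baseline:
                        continue
                    findings.append({
                        "rule": rule_id, "line": lineno, "encoding": encoding,
                        "secret": secret, "fingerprint": fp,
                    })
    return findings


if __name__ == "__main__":
    for f in scan_lines(SAMPLE_PATH, SAMPLE_LINES):
        print(f"{f['fingerprint']}  via {f['encoding']}")
```

Running it reports the key three times, once per encoding layer; re-running with the first finding's fingerprint in `baseline` suppresses only that line, which is the snapshot-style workflow the blurb describes. The printable-ASCII filter is what keeps the pipeline quiet: the plaintext key and the hex token are both valid base64 by length, but decode to binary and are discarded.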
This project is an AI agent workflow orchestrator and automated software lifecycle manager designed to sequence specialized AI personas for end-to-end software development. It serves as a prompt engineering library and a full-stack development toolkit that guides the process from initial discovery and specification through to deployment and code review. The system features a context management framework that utilizes progressive loading and routing tables to fetch reference files on-demand, reducing token consumption within the model context window. It employs a definition-based routing syste
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Scan your container images for package vulnerabilities with Aqua Security
GitHub Action to run Go lint checks on PR events
A GitHub Action to statically validate Fastlane metadata for Android (supply).
kube-bench is a Kubernetes security benchmark scanner and configuration auditor. It verifies if a cluster adheres to the Center for Internet Security standards and other hardening guides to identify security misconfigurations and vulnerabilities. The tool operates as a containerized security scanner, utilizing host namespaces to analyze nodes and control plane components without requiring the installation of binaries directly on the host. It supports multiple Kubernetes distributions, applying environment-specific benchmarks to ensure auditing accuracy for managed services. The project cover
nargs is a Go static analysis tool to find unused arguments in function declarations.
Shellharden is a shell script hardening tool and linter designed to improve the security and reliability of Bash scripts. It functions as an automated utility that rewrites scripts to follow industry standards for quoting and security practices. The project provides an optimizer and standardizer that replaces unsafe patterns and aliases with safer functional equivalents. It includes a syntax highlighter that uses visual markers and colorization to indicate vulnerabilities and areas where quoting corrections are required. The tool covers a broad range of capabilities including automated safet
Static analyzer and linter for Clojure code that sparks joy
Checkov is a static analysis tool and security scanner designed to identify misconfigurations in infrastructure as code, container images, and Kubernetes configurations. It functions as a cloud security posture tool, an SCA vulnerability scanner, and a secret scanning utility to prevent security breaches and version control leaks. The project distinguishes itself through deep graph analysis and variable resolution, allowing it to map relationships between interconnected resources and evaluate the final state of infrastructure attributes. It provides extensibility for defining custom security
A GitHub Action that runs hadolint and reports violations for a Dockerfile within a repository
Detect concurrency and memory bugs and possible panic locations in Rust projects
A GitHub Action that checks your code with PHP_CodeSniffer
A GitHub Action that runs pycodestyle and leaves a comment on your pull request with style errors.