sast

Here are 23 public repositories matching this topic...

tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Updated Dec 10, 2024
Go

Bearer / bearer

Star

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

security security-audit privacy static-code-analysis static-analysis owasp dataflow vulnerability code-quality compliance vulnerabilities appsec security-scanner gdpr security-automation security-tools devsecops sast devsecops-tools

Updated Jan 22, 2025
Go

ZupIT / horusec

Star

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Updated Jan 22, 2025
Go

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Updated Jan 17, 2025
Go

insidersec / insider

Star

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…

Updated Apr 10, 2022
Go

chebuya / sastsweep

Star

Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets

cli security-audit static-code-analysis owasp vulnerability-scanners security-scanner sast security-research vulnerability-research semgrep

Updated Nov 16, 2024
Go

Night-Master / sdlc_golang

Star

sdlc 是一个基于 Go 语言构建的安全漏洞示范平台，旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识，除了可以用于devsecops以外，还可以用于安全行业从事者学习漏洞知识或者渗透知识，代码审计，提供了一个实践和学习的环境。本项目采用了前后端分离的设计模式，其中后端利用了轻量级框架 Gin，而前端则使用了 Vue 3。

security sdlc devsecops vulnerability-scanner sast whitebox-test

Updated Oct 18, 2024
Go

xfhg / intercept

Star

INTERCEPT / Policy as Code Auditing & Compliance

security auditing security-audit scanner static-analysis audit policy compliance policy-evaluation enforcement security-automation security-tools policy-engine devsecops policy-monitoring sast policy-as-code secconf

Updated Jan 22, 2025
Go

snyk / snyk-ls

Star

Language Server used by IDEs as Snyk Backend for Frontends

language-server ide sast

Updated Jan 22, 2025
Go

shivasurya / code-pathfinder

Star

Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, find vulnerabilities in code.

search golang security tree-sitter application-security security-tools code-scanning sast structural-search codeql