Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
Updated
May 14, 2024 - OCaml
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. With repository stars⭐ and forks🍴
OpenScanHub is a service for static and dynamic analysis.
A demo repository of simple OWASP Top 10 type of vulnerabilities in (mostly) Python. Includes an exploration of GHAS features.
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
🐚 GitHub Action for running ShellCheck differentially
Precaution CLI
GitHub Action to run Precaution SAST
Real world test cases to evaluate static analyser efficacy
Next version of the analysis tools website
A static analyzer to scan JavaScript code for problematic regular expressions.
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.
Python SDK for the Finite State Platform API
SecHub provides a central API to test software with different security tools.
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Add a description, image, and links to the sast topic page so that developers can more easily learn about it.
To associate your repository with the sast topic, visit your repo's landing page and select "manage topics."