insider
Security analyzer
A tool that analyzes source code to identify security vulnerabilities and provides reporting on compliance with the OWASP Top 10
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
519 stars
18 watching
80 forks
Language: Go
last commit: almost 3 years ago
Linked from 1 awesome list
androidandroid-securityclicsharpdotnetinsideriosios-securityjavascriptkotlinmavennodejsowaspsastsecurity-automationsecurity-scannersecurity-toolsstatic-analysisstatic-analyzerswift
sbilly/awesome-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 flatt-security/shisho | A tool that analyzes code for security vulnerabilities and provides feedback to developers | 369 |
 bearer/bearer | A tool for discovering and prioritizing security risks in software code | 2,112 |
 sonarsource/sonar-java | Analyzes Java code quality and security issues to help developers write cleaner code | 1,144 |
 dev-lu/osint_toolkit | A web application combining various security analysis tools and services into one platform | 526 |
 zupit/horusec | Identifies security flaws in software projects through static code analysis | 1,154 |
 tcosolutions/betterscan | A toolchain that scans source code and infrastructure IaC for security risks and provides a unified report. | 831 |
 theresafewconors/sooty | A tool designed to aid cybersecurity analysts in automating routine checks and enhancing their workflow | 1,364 |
 eth-sri/securify | A security scanner for Ethereum smart contracts | 219 |
 doyensec/electronegativity | An Electron application security analysis tool that identifies misconfigurations and potential weaknesses. | 980 |
| eth-sri/securify2 | An automated security scanner for Ethereum smart contracts | 589 |
 microsoft/infersharp | A tool that analyzes C# code for potential issues such as null pointer dereferences and resource leaks to help detect security vulnerabilities. | 737 |
 nodesecure/js-x-ray | A tool that scans JavaScript code for potential security vulnerabilities and patterns | 229 |
 security-code-scan/security-code-scan | Detects vulnerabilities in C# and VB.NET code | 942 |
 secdec/attack-surface-detector-burp | Identifies web app endpoints and parameters to help detect vulnerabilities | 98 |
 albuch/sbt-dependency-check | Automatically monitors dependencies for known vulnerabilities and generates reports on security issues | 266 |