Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
created at April 4, 2013, 1:06 p.m.
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
created at Oct. 22, 2013, 8:26 p.m.
Scan your code for security misconfiguration, search for passwords and secrets.
created at Feb. 21, 2017, 8:06 p.m.
Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
created at Oct. 28, 2021, 4:58 p.m.
Security risk analysis for Kubernetes resources
created at May 8, 2018, 8:52 a.m.
a static analysis tool for finding vulnerabilities in C/C++ source code
created at Nov. 12, 2018, 5:23 p.m.
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
created at Nov. 6, 2019, 7:53 a.m.
Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
created at Oct. 19, 2016, 11:02 p.m.
Securely manage passwords, certs, and other secrets in Chef
created at April 8, 2013, 6:05 p.m.
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
created at Oct. 1, 2021, 12:01 p.m.
Discover internet-wide misconfigurations while drinking coffee
created at March 3, 2021, 6:47 p.m.
A project security/vulnerability/risk scanning tool
created at March 18, 2017, 3:24 p.m.
preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.
created at April 29, 2021, 10:37 a.m.
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at April 25, 2020, 12:47 a.m.
Presentations, training modules, and other education materials from Duo Security's Application Security team.
created at Oct. 22, 2019, 4:40 p.m.