dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
sast-scan
Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDEs such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm.
atom
Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
joern-lib
Python library for code analysis with CPG and Joern
blint
BLint is a Binary Linter to check the security properties and capabilities in your executables. It is powered by lief.
sast-scan-action
GitHub action for performing SAST scanning using various OSS tools such as gitleaks, bandit, findsecbugs, etc.
cpggen
Generate CPG for multiple languages for code and threat analysis
dep-scan-action
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. No server required!
vuln-list
Subset of https://github.com/aquasecurity/vuln-list suitable for dep-scan
threat-db
A graph database for components, vulnerabilities and threats powered by dgraph
hub_scan
Scan reports for popular Docker Hub and gcr images
atom-samples
Collection of atom, data-flow, and usage slices for appthreat/atom.
docs
Docs that are published at https://appthreat.io
cdxgen-docs
Documentation repo for CycloneDX Generator (cdxgen)
blint-action
Action to run BLint, the binary linter.
scan-reports
Library for producing gorgeous HTML reports from AppThreat scan results. Compatible with SARIF and grafeas format.
cve-annotations
UNUSED: Community powered annotations for CVE to identify source, sink, exploits and other information.
rosa
An experiment that looks very promising so far.
depscan-bin
Binary builds for dep-scan - The Dependency Scanner