There are no reviews yet. Be the first to send feedback to the community and the maintainers!
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.capital
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.JS-SCP
JavaScript Secure Coding Practices guide2ms
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and gitchainjacking
Find which of your direct GitHub dependencies is susceptible to RepoJacking attackskics-github-action
GitHub actions of KICS scan - Keeping Infrastructure as Code Securechainalert-github-action
scans popular packages and alerts in cases there is suspicion of an account takeoverast-cli
A CLI project wrapping application security testing (AST) APIsdustilock
DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.Goatlin
(aka Kotlin Goat) - an intentionally vulnerable Kotlin applicationcuteboi
This open-source project tracks CuteBoi's activity over time as there are evidence the actor is still active. All information provided here is intended for research purposes.Kotlin-SCP
Kotlin Secure Coding Practices is a guide written for anyone using Kotlin for mobile development.ast-github-action
Checkmarx application security testing (AST) GitHub actionWebViewGoat
A deliberately vulnerable Android application to demonstrate exfiltration scenariosred-lili
This open-source project tracks RED-LILI's activity over time as there are evidence the actor is still active. All information provided here is intended for research purposes.ast-vscode-extension
The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.kics-cdk-validator-plugin
A KICS plugin for AWS CDKdriffty
Cloud Infrastructure Security Drift Detection - for KICSci-cd-integrations
If you are using a CI/CD platform that doesnโt yet have a dedicated Checkmarx plugin, please check this repository.swag
ast-azure-plugin
The CxAST Azure DevOps plugin enables you to trigger SAST, SCA, and KICS scans directly from an Azure DevOps pipeline.sast-to-ast-export
CLI tool to export data from CxSAST and import into Checkmarx Application Security Testing Platformast-teamcity-plugin
The CxAST TeamCity plugin enables you to trigger SAST, SCA, and KICS scans directly from a TeamCity project.ast-eclipse-plugin
The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.dast-github-action
API-Security-Top-10
ast-visual-studio-extension
The CxAST Visual Studio plugin enables you to import results from a CxAST scan directly into your IDEJobDeCrypter
A decryption tool for the JobCrypter ransomwarehomebrew-ast-cli
NFCdrip
solidity-ddenv
Containerized Solidity Decentralized App Development Environmentast-jetbrains-plugin
The CxAST JetBrains plugin enables you to import results from a CxAST scan directly into your IDE.nexus-security-plugin
SmartBulbExfil
kics-orb
vorpal-reviewdog-github-action
Run Vorpal with reviewdog ๐ถLove Open Source and this site? Check out how you can help us