gh-sbom
Generate SBOMs with gh CLI

secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns

codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead

policy-as-code
GitHub Advanced Security Policy as Code

advanced-security-material

maven-dependency-submission-action
GitHub Action for submitting Maven dependencies

codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code

ghas-reviewer-app
GitHub App that requires a Security Team review on GitHub Advanced Security pull requests

ghas-to-csv
Play with the GHAS API to provide posture data over time

custom-codeql-bundle
An example repository that demonstrates how to build custom CodeQL bundles that include query customizations through the `Customizations.qll` library

gh-code-scanning
A GitHub CLI extension for GitHub Code Scanning

codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id

gh-codeql-scan
GH CLI CodeQL Scan Extension

enterprise-security-team
Manage a uniform team of security managers for every organization in your enterprise

probot-security-alerts
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts

awesome-codeql
A curated list of awesome CodeQL resources.

generate-sbom-action
An Action to wrap creating an SBOM via the REST API

sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning

sbom-generator-action

codeql-workshops-staging
Original workshops and staging area for new ones

demo-csharp
GitHub Advanced Security C# Demo Application

spdx-dependency-submission-action

mrva-code-search
Use code search to populate an MRVA repo list in VSCode

secret-scanning-review-action
Action to detect if a secret is first detected in a PR commit

ghas-license-utilization
Optimize the utilization of GHAS licenses in an enterprise (or organization)

ghas-bootcamp

dismiss-alerts

demo-python
GitHub Advanced Security Python Demo Application

grab_ql
Grab some/all of the CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and the VSCode QL extension

component-detection-dependency-submission-action

set-codeql-language-matrix
Automatically set the CodeQL matrix job using the languages in your repository.

SARIF-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file

demo-java
GitHub Advanced Security scanning tutorial repository for Java

ghas-workshop

monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning that renames the scanning tool in an Actions workflow

codeql-summarize
CodeQL Summary Generator

awesome-secret-scanning
A curated list of awesome GitHub Advanced Security secret scanning resources.

cbom-action
Create a Crypto Bill of Materials using CodeQL

codeql-development-toolkit
The CodeQL Development Toolkit is a tool for making common CodeQL development workflows easier.

codeql-sarif-security-standard-annotator
Compare a CodeQL SARIF results file to a security standard's CWE list and annotate the SARIF rules with a tag to highlight results applicable to that security standard

ghe-cross-instance-committers
A script which returns the total number of unique (de-duplicated) active committers across multiple GHES instances

tag-sarif
[deprecated] Tag SARIF to allow filtering by that tag in GitHub Advanced Security Code Scanning

spotbugs-findsecbugs-action
Run SpotBugs with FindSecBugs on Java and other JVM languages (e.g. Scala), and upload the results to GitHub Code Scanning

dart-analyzer-sarif
Convert `dart analyze` CLI output into SARIF

codeql-bundle
CLI to build a custom CodeQL bundle

cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action

github-app-auth
Utility to generate tokens for interacting with the GitHub API via a GitHub App integration

codeql-docker
CodeQL Docker image

teams-secret-scanning-notifier-azure-function
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and an Azure Function

sarif-toolkit
All things SARIF, as an Action

codeql-coding-standards-bundle-releases
CodeQL bundles containing the CodeQL Coding Standards queries

gh-add-files
A GitHub CLI Extension that allows you to add files to your GitHub repositories directly from the command line

workshop-2021-learning-journey
Introduction and Workshop to GitHub Advanced Security for Learning Journey (May 2021)

dependabot-kev-action
Action to detect if any open Dependabot alerts are in the CISA Known Exploited Vulnerabilities (KEV) Catalog of CVEs and fail the workflow.

brew-dependency-submission-action
Brew Lockfile Dependency Submission Action

demo-golang

remap-sarif
Remap a SARIF file with sourcemaps

slack-secret-scanning-notifier-azure-function
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and an Azure Function

ghas-bootcamp-solutions

codeql-basics
An operational (runnable) demonstration of CodeQL basics

adjust-cvss

secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns

aws-github-boilerplate
A boilerplate for an application reacting to webhooks from GitHub, deployed to AWS.

ghas-mttr
GitHub Advanced Security Mean Time to Remediate (MTTR)

demo-catalog
Demonstration Catalog for different Languages and Technologies

poc-resources

delombok
Delombok Java Code for analysis with Code Scanning

crypto-bill-of-materials-data
Generate a Crypto Bill of Materials using CodeQL

security-researcher-workshop

flake8-sarif-formatter
Format Flake8 results as SARIF for input to SAST tools such as GitHub Code Scanning

dependabot-epss-action
Action to detect if any open Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.