Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
Updated Sep 1, 2023 - Python
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDEs such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
The only open-source tool to analyze vulnerabilities and configuration issues with running Docker container(s) and Docker networks.
Generic SAST Library
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
Ready to use docker image for CodeQL
This project is deprecated. Use https://github.com/returntocorp/semgrep instead
Parse GitLab SAST reports into more human readable projects
OpenScanHub is a service for static and dynamic analysis.
This is a GitHub Action which can make a Bandit security report of your Python project
Pure Python, self-contained, silly implementation of a SAST tool
Static Application Security Testing Analyzer for JavaScript Source Code