@advanced-security

GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world

Welcome to the GitHub Advanced Security Organisation! 👋

This organisation contains open source initiatives created by developers at GitHub (and around the world) to show the art of the possible with advanced security. 💻

GitHub Advanced Security consists of CodeQL, Code Scanning, Secret Scanning, Security Overview and Dependency Review. A core principle of each of these solutions is that it is automated and can be integrated via APIs and webhooks. In this organisation, you will find starter kits, actions, custom queries and bundles, scripts and full-blown solutions that show how you can integrate with GitHub Advanced Security (GHAS).

In comparison to the official GitHub organisation, a lot of the software you find here is developed on a best-effort basis. These are open-source solutions developed outside of core responsibilities, with the aim that you can use and consume them as you would any standard open-source software. 👐

We love contributions and feedback from you! So please feel free to open pull requests and issues whenever you can! 💕

Welcome, and we hope you find what is here useful 🙇

Pinned

  1. secret-scanning-custom-patterns Public

    Examples of Custom Secret Scanning Patterns

    HTML 158 24

  2. maven-dependency-submission-action Public

    GitHub Action for submitting Maven dependencies

    TypeScript 49 25

  3. advanced-security-material Public

    Shell 70 25

  4. codeql-coding-standards-bundle-releases Public

    CodeQL bundles containing the CodeQL Coding Standards queries

    6 3

  5. codeql-bundle-action Public

    Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

    Shell 25 6

Repositories

Showing 10 of 92 repositories
  • TypeScript 0 MIT 0 0 10 Updated Mar 28, 2025
  • monorepo-code-scanning-action Public

    Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define

    JavaScript 6 MIT 0 3 (1 issue needs help) 2 Updated Mar 27, 2025
  • codeql-development-toolkit Public

    The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.

    C# 8 MIT 2 9 0 Updated Mar 27, 2025
  • codeql-bundle Public

    CLI to build a custom CodeQL bundle

    Python 10 MIT 4 3 1 Updated Mar 27, 2025
  • codeql-sap-js Public

    CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS

    CodeQL 5 MIT 1 4 3 Updated Mar 26, 2025
  • generate-sbom-action Public

    An Action to wrap creating an SBOM via REST API

    TypeScript 18 MIT 4 0 10 Updated Mar 24, 2025
  • monorepo-filtering-workaround Public

    A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow

    Java 10 MIT 6 1 2 Updated Mar 24, 2025
  • spdx-dependency-submission-action Public

    Upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API

    JavaScript 12 MIT 4 2 5 Updated Mar 24, 2025
  • reusable-workflows Public

    Advanced Security Reusable GitHub Actions Workflows

    3 MIT 6 4 3 Updated Mar 24, 2025
  • codeql-summarize Public

    CodeQL Summary Generator

    Python 7 MIT 2 2 1 Updated Mar 24, 2025