Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
-
Updated
Jan 29, 2024 - Python
Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
blackduckcopilot
Scanner-One is a freely usable Static Application Security Testing (SAST) scanner for all source code languages. Currently functional for Cpp, Java, Javascript, PHP and Python.
Scanner for cryptographic gems & their reverse dependecies in Ruby applications
DevSecOps Framework - Python application
SAST Scanner Modified - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potential issues.
Quick script to scan through a PHP project and flag up functions that are of interest when looking for security vulnerabilities. Aids manual code review.
A script to automate SAST analysis of your decompiled APKs with Checkmarx, and a Dockerfile if you ever need it.
Совместное использование инструментов SAST, DAST и SCA для повышения эффективности обнаружения и устранения уязвимостей программных модулей ─=≡Σ((( つ><)つ📊📊📊
Python library for code analysis with CPG and Joern
Special snowflakes are a main in the posterior - there's times when infra-related changes don't get merged back to earlier branches, causing.. well, different IAC Configurations. Standardize them With helm and conditions - and if you're looking for a way to have Image Promotion figured out (Even for NextsJS - the workaround is a pain because of …
Static analyser for unsafe use of jQuery methods which are vulnerable to XSS attack. Also available as a Coala Bear.
Add a description, image, and links to the sast topic page so that developers can more easily learn about it.
To associate your repository with the sast topic, visit your repo's landing page and select "manage topics."