sast topic
codeql-docker
Ready-to-use Docker image for CodeQL
DockerENT
The only open-source tool to analyze vulnerabilities and configuration issues with running Docker container(s) and Docker networks.
betterscan-ce
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on an agile and easy to im...
mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.