Pinned Repositories
2ms
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
ast-cli
A CLI project wrapping application security testing (AST) APIs
capital
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
chainalert-github-action
scans popular packages and alerts in cases there is suspicion of an account takeover
chainjacking
Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
ci-cd-integrations
If you are using a CI/CD platform that doesn’t yet have a dedicated Checkmarx plugin, please check this repository.
dustilock
DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
JS-SCP
JavaScript Secure Coding Practices guide
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
kics-github-action
GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
Checkmarx's Repositories
Checkmarx/JS-SCP
JavaScript Secure Coding Practices guide
Checkmarx/chainalert-github-action
scans popular packages and alerts in cases there is suspicion of an account takeover
Checkmarx/dustilock
DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
Checkmarx/Kotlin-SCP
Kotlin Secure Coding Practices is a guide written for anyone using Kotlin for mobile development.
Checkmarx/WebViewGoat
A deliberately vulnerable Android application to demonstrate exfiltration scenarios
Checkmarx/swag
Checkmarx/API-Security-Top-10
Checkmarx/JobDeCrypter
A decryption tool for the JobCrypter ransomware
Checkmarx/NFCdrip
Checkmarx/solidity-ddenv
Containerized Solidity Decentralized App Development Environment
Checkmarx/kics-orb
Checkmarx/SmartBulbExfil
Checkmarx/homebrew-tap
Homebrew Formulae to binaries