GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world

United States of America

Pinned Repositories

advanced-security-material
Language:Shell74 5 525
awesome-codeql
A curated list of awesome CodeQL resources.
50 2 06
awesome-dependabot
A curated list of awesome Dependabot (and related software supply chain) resources.
5 2 02
awesome-secret-scanning
A curated list of awesome GitHub Advanced Security secret scanning resources.
11 1 02
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
Language:CodeQL53 2 188
codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
Language:CodeQL85 1 021
gh-sbom
Generate SBOMs with gh CLI
Language:Go193 4 1813
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
Language:TypeScript53 6 4531
policy-as-code
GitHub Advanced Security Policy as Code
Language:Python88 4 3621
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
Language:HTML164 8 2027

GitHub Advanced Security's Repositories

advanced-security/gh-sbom
Generate SBOMs with gh CLI
Language:Go193 4 1813
advanced-security/secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
Language:HTML164 8 2027
advanced-security/codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
Language:CodeQL85 1 021
advanced-security/maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
Language:TypeScript53 6 4531
advanced-security/filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
Language:Java35 2 68
advanced-security/codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
Language:Shell27 1 36
advanced-security/enterprise-security-team
Manage a uniform team of security managers for every organization in your enterprise
Language:Python25 2 05
advanced-security/gh-codeql-scan
GH CLI CodeQL Scan Extension
Language:Shell20 2 75
advanced-security/generate-sbom-action
An Action to wrap creating an SBOM via REST API
Language:TypeScript19 2 14
advanced-security/sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
19 1 011
advanced-security/demo-csharp
GitHub Advanced Security C# Demo Application
Language:C#14 4 2181
advanced-security/cbom-action
Create a Crypto Bill of Materials using CodeQL
Language:Python12 2 218
advanced-security/codeql-workshops-staging
Original workshops and staging area for new ones
Language:CodeQL12 2 27
advanced-security/awesome-secret-scanning
A curated list of awesome GitHub Advanced Security secret scanning resources.
11 1 02
advanced-security/demo-python
GitHub Advanced Security Python Demo Application
Language:Python11 4 0226
advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
Language:Java11 3 16
advanced-security/codeql-bundle
CLI to build a custom CodeQL bundle
Language:Python10 1 34
advanced-security/grab_ql
Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
Language:Python10 4 123
advanced-security/codeql-development-toolkit
The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.
Language:C#9 3 122
advanced-security/demo-java
GitHub Advanced Security scanning tutorial repository for Java
Language:Java9 5 0269
advanced-security/secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns
Language:Python8 2 12
advanced-security/dependabot-epss-action
Action to detect if any open :dependabot: Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.
Language:PowerShell6 0 81
advanced-security/ghe-cross-instance-committers
A script which will return the total number of unique de-deuped active committers across multiple GHES instances
Language:TypeScript6 1 24
advanced-security/github-app-auth
Utility to generate tokens to interact with the GitHub API via GitHub App integration
Language:Go6 1 03
advanced-security/sarif-toolkit
All things SARIF, as an Action
Language:Python4 3 43
advanced-security/adjust-cvss
Language:Java3 1 14
advanced-security/demo-golang
Language:Go3 1 054
advanced-security/codeql_container_example
This repository serves as an exemplary resource demonstrating how to set up CodeQL to scan containerized applications for vulnerabilities. Its primary objective is to showcase the implementation of CodeQL in the code scanning process.
Language:TypeScript1 7 02
advanced-security/ghas-mttr
GitHub Advanced Security Mean Time to Remediate (MTTR)
Language:Python1 3 33
advanced-security/secret-scanning-notifications
A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency
Language:TypeScript1 1 03