code-scanning
There are 88 repositories under code-scanning topic.
skills/secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
laminas/laminas-code
Extensions to the PHP Reflection API, static code scanning, and code generation
github/codeql-action
Actions for running CodeQL analysis
dec0dOS/amazing-github-template
🚀 Useful README.md, LICENSE, CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md, GitHub Issues, Pull Requests and Actions templates to jumpstart your projects.
JetBrains/Qodana
📝 Source repository of Qodana Help
JetBrains/qodana-action
⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle
owenrumney/squealer
Telling tales on you for leaking secrets!
JetBrains/qodana-cli
🔧 JetBrains Qodana’s official command line tool
hudangwei/codemillx
codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)
naivesystems/analyze
NaiveSystems Analyze is a static analysis tool for code security and compliance.
github/codeql-coding-standards
This repository contains CodeQL queries and libraries which support various Coding Standards.
GeekMasher/advanced-security-compliance
GitHub Advance Security Compliance Action
shivasurya/code-pathfinder
An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced structural search, derive insights, find vulnerabilities in code.
kereva-dev/kereva-scanner
Code scanner to check for issues in prompts and LLM calls
codetyio/codety-scanner
Codety Scanner is a comprehensive code scanner designed to detect code issues for 30+ programming languages and IaC frameworks. It embeds more than 6,000 code analysis rules and can detect code smells, vulnerable code, secrets in the code, performance issues, style violations, and more.
codescan-ai/codescan
CodeScanAI is an open source tool that utilizes powerful AI models (OpenAI, Gemini, and even self-hosted servers) to scan your codebase for possible security vulnerabilities.
zkoppert/advanced-security-enforcer
A GitHub action for organizations that enables advanced security code scanning on all new repos
advanced-security/filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
advanced-security/codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
PyCQA/bandit-action
GitHub Action to run Bandit
haskell-actions/hlint-scan
Scan Haskell code with HLint.
G-Research/fsharp-analyzers
Analyzers for F#
gacts/gitleaks
🚀 GitHub action for running gitleaks/gitleaks (no license key is required)
nocomplexity/codeaudit
Codeaudit - Modern Python source code analyzer based on distrust.
Finatext/gls
Support gitleaks config development and extend some gitleaks features.
php-gettext/PHP-Scanner
PHP code scanner for gettext
advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
fguisso/introducao-ao-code-scanning
Introdução Guiada ao Code Scanning
andreas-kupries/kettle
Mirror of kettle @ core.tcl.tk/akupries -- A build system for pure Tcl, and critcl packages
swinton/code-scanning-playground
A template repository to help you get started with Code Scanning on GitHub
thomasbiege/code
my code
austimkelly/secretsynth
A secret scanner wrapper to aggregate results across multiple secret scanning tools
jesuscmartinez/lets-threat-model-core
Lets Threat Model is an AI-driven tool that helps teams identify and manage threats early in the development lifecycle. Built with extensibility and automation in mind, it brings security into agile workflows by generating actionable threat models.
justinchuby/lintrunner-adapters
Adapters and tools for lintrunner
eliasmoflag/xscan
Simple header-only IDA-style code scanner