code-security

There are 54 repositories under the code-security topic.

  • skills/secure-code-game

    A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

    Language: JavaScript
  • SVF-tools/SVF

    Static Value-Flow Analysis Framework for Source Code

    Language: C++
  • payloadbox/ssti-payloads

    🎯 Server Side Template Injection Payloads

  • DeepSourceCorp/globstar

    Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.

    Language: Go
  • apiiro/PRevent

    Prevent merging of malicious code in pull requests

    Language: Python
  • payloadbox/csv-injection-payloads

    🎯 CSV Injection Payloads

  • mpast/mobileAudit

    Django application that performs SAST and Malware Analysis for Android APKs

    Language: HTML
  • apiiro/malicious-code-ruleset

    Focused malicious code detection ruleset, with a high protection-to-noise ratio

    Language: Python
  • fabriziosalmi/iamnotacoder

    AI code generation and improvement

    Language: Python
  • VolkanSah/GPT-Security-Best-Practices

    The purpose of this document is to outline the security risks and vulnerabilities that may arise when implementing ChatGPT in web applications and to provide best practices for mitigating these risks.

  • SpectralOps/vscode-extension

    Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations

    Language: TypeScript
  • nocomplexity/codeaudit

    Codeaudit - Modern Python source code analyzer based on distrust.

    Language: Python
  • GitsecureHQ/gitsecure-docs

    Official documentation for Gitsecure

    Language: MDX
  • aonexyz/code-copyright-monitor

    Automatically monitors GitHub for code similarities and potential plagiarism using GitHub API. Includes Slack & Email alerts and an AI-based scanning skeleton for advanced code similarity detection.

    Language: Python
  • Hack23/talks

    How to secure your development pipeline with static application security test (SAST) / Dynamic application security test (DAST), software composition analysis (SCA) using Sonarqube.

  • AI-Security-Research-Group/contexi

    Contexi lets you interact with an entire codebase or data with context using a local LLM on your system.

    Language: Python
  • butlerem/vulnerability-scanner-UniXcoder-RAG

    AI-powered browser-based vulnerability scanner using UniXcoder embeddings and RAG with LLM to detect security flaws across 9 languages.

    Language: TypeScript
  • digo5ds/pygitguard

    PyGitGuard is a Git security scanner designed to prevent accidental commits of sensitive data by scanning for:

    Language: Python
  • github-samples/securing-your-code

    Securing your Code with GitHub workshop

    Language: TypeScript
  • Saluki/eslint-workshop-2020

    ESLint backbone repository for workshop

    Language: JavaScript
  • TaylorHo/enygmah

    The only tool your project needs to ensure security and quality. Open-source and free.

    Language: Rust
  • ejmockler/brutalist-mcp

    All AIs are sycophants.

    Language: TypeScript
  • elicpeter/nyx

    Lightweight Rust CLI vulnerability scanner

    Language: Rust
  • NextSecurity/sast-scanner-modified

    SAST Scanner Modified - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!

    Language: Python
  • rafabd1/SecretHound

    A fast and powerful CLI tool for finding secrets and other data in files, web pages, and other text sources. Supports multi-threading and advanced pattern matching.

    Language: Go
  • TheSpiritMan/demo-counter-app

    Complete DevOps CI/CD project with Documented Walkthrough

    Language: Java
  • Har1sh-k/SecLint

    A Python-based AI agent for detecting insecure code patterns in Python projects and providing context-based remediation suggestions.

    Language: Python
  • marsgokturk/securepy

    Static Python code vulnerability scanner powered by LLMs.

    Language: Python
  • samay825/Python-To-Cython

    Python Cython Obfuscator: Enterprise-grade code protection tool that transforms Python source into secure, compiled binaries. Features military-grade obfuscation, , and IP protection. Perfect for securing intellectual property and preventing reverse engineering.

  • tj-actions/bandit

    GitHub action to run PyCQA's bandit security linter.

    Language: Dockerfile
  • wizzardx/sly-probe

    A universal, language-agnostic code analysis and verification engine. LLM-powered. Formal-methods-backed. Runtime-ready. Think mypy meets miri meets Coq—for any language.

  • bivex/Kage

    A PHP code encryption and protection tool designed to secure source code and provide a secure runtime environment, enhanced with a C extension for performance.

    Language: Roff
  • codebytemirza/LLMgrep

    LLMGrep combines the precision of Semgrep's static analysis with the power of Large Language Models to deliver comprehensive security scanning, interactive vulnerability discussions, and intelligent rule generation capabilities.

    Language: Python
  • sMiNT0S/AIBugBench

    From prompt to paste: evaluate AI / LLM output under a strict Python sandbox and get actionable scores across 7 categories, including security, correctness and upkeep.

    Language: Python
  • usrbinbrain/seekurity-review

    Automated triage of SAST vulnerabilities integrated with GitHub via API, using a local LLM (DeepSeek-R1 & Ollama)

    Language: Python