Showing 31 of 31 projects
Pack your entire codebase into a single AI-friendly file for analysis by LLMs like Claude, ChatGPT, and Gemini.
A curated directory of static analysis (SAST) tools and linters for all programming languages, config files, and build tools.
A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more.
A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.
A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.
An open-source platform for continuous code quality inspection and security analysis across 30+ programming languages.
A static code analysis tool that scans infrastructure as code, container images, and open source packages for security misconfigurations and vulnerabilities.
A static code analysis tool that scans infrastructure as code, container images, and open source packages for security misconfigurations and vulnerabilities.
A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.
A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.
A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.
A static analysis security scanner for Terraform code that identifies misconfigurations across major cloud providers.
A static analysis tool for finding errors and security vulnerabilities in PHP applications.
Automated security health metrics for open source projects, assessing security best practices and risks.
A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.
A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.
An enterprise-friendly Python tool for detecting and preventing secrets from entering codebases with a baseline approach.
A source code analyzer that identifies features and characteristics in software components using static analysis and a JSON rules engine.
A dynamic infrastructure framework for distributing security scanning workloads across multiple cloud instances.
A static analysis tool for finding bugs in Java code, succeeding the FindBugs project.
A collection of automated AI-powered workflows for code review, security scanning, and design review using Claude Code agents.
An open-source Cloud Security Posture Management (CSPM) tool that scans AWS, Azure, GCP, Oracle, and GitHub for security misconfigurations.
A collection of pre-commit hooks for automating code quality, security, and documentation checks for Terraform, OpenTofu, and Terragrunt configurations.
A static analysis tool that checks Kubernetes YAML files and Helm charts for security and production readiness best practices.
A universal secret manager CLI for developers that centralizes secrets from multiple providers and prevents secret sprawl.
Static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.
A static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.
KICS is an open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in Infrastructure as Code.
ESLint plugin that identifies potential security vulnerabilities in Node.js code, requiring human triage for false positives.
Scans websites for publicly known security vulnerabilities in frontend JavaScript libraries using the Snyk database.
A Claude Agent skill providing best practices, testing strategies, and CI/CD workflows for Terraform and OpenTofu infrastructure code.