AppThreat

Empower your devs.

United Kingdom

https://appthreat.com

AppThreat's repositories

dep-scan

OWASP dep-scan is an open-source security audit based on known vulnerabilities and advisories for project dependencies. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, and Google CloudBuild. No server is required!

Language:PythonMIT426 11 74

sast-scan

Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!

Language:PythonMIT143 12 25

vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.

Language:PythonMIT73 6 66

atom

Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.

Language:RustApache-2.028 2 57

blint

BLint is a Binary Linter to check the security properties, and capabilities in your executables. It is powered by lief.

Language:PythonApache-2.013 3 26

joern-lib

Python library for code analysis with CPG and Joern

Language:Jupyter NotebookApache-2.010 3 7

dep-scan-action

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. No server required!

MIT8 20

vuln-list

Linux upstream vulnerabilities data suitable for dep-scan

Apache-2.07 20

cpggen

Generate CPG for multiple languages for code and threat analysis

Language:C#Apache-2.06 4 22

threat-db

A graph database for components, vulnerabilities and threats powered by dgraph

Language:PythonApache-2.05 10

hub_scan

Scan reports for popular docker hub and gcr images

Language:Shell4 30

docs

Docs that are published at https://appthreat.io

Apache-2.02 50

blint-action

Action to run BLint, the binary linter.

Apache-2.01 20

cve-annotations

UNUSED: Community powered annotations for CVE to identify source, sink, exploits and other information.

NOASSERTION1 20

depscan-bin

Binary builds for dep-scan - The Dependency Scanner

Apache-2.01 1 7

rosa

An experiment that looks very promising so far.

Language:PythonApache-2.01 20

scan-reports

Library for producing gorgeous html reports from AppThreat scan results. Compatible with SARIF and grafeas format.

Language:HTML1 20

vulpy

Vulnerable Python Application To Learn Secure Development

Language:PythonMIT1 20

.github

Apache-2.0020

annotator

Apache-2.0020

charts

Helm charts for cloudsec apps

Apache-2.0010

cpggen-action

Generate CPG for multiple languages for use with joern

Apache-2.0030

ide

An IDE with AppThreat scanners built-in. Secure coding is here.

020

joern11

Joern v1.1.1742 with backported fixes from 1.2.x. Use temporarily before a full upgrade to 1.2.x

Language:ScalaApache-2.0010

joern2

Experimental joern.

Apache-2.0020

scan-base

Base docker image for scanners

Language:DockerfileMIT020

shst

Language:TypeScriptMIT020

vdb

Precompiled AppThreat vulnerability database for dep-scan

Language:ShellApache-2.0010

vuln-list-update

Collects vulnerability data from a range of sources.

Language:GoApache-2.0000

WebGoat

WebGoat 8.0

Language:JavaScriptNOASSERTION020