GitHub Advanced Security's repositories
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
policy-as-code
GitHub Advanced Security Policy as Code
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
ghas-reviewer-app
GitHub Advanced Security Pull Request Security Team required review GitHub App
filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
awesome-codeql
A curated list of awesome CodeQL resources.
SARIF-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
secret-scanning-review-action
Action to detect if a secret is initially detected in a PR commit
codeql-development-toolkit
The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.
codeql-summarize
CodeQL Summary Generator
ghe-cross-instance-committers
A script which will return the total number of unique de-duped active committers across multiple GHES instances
cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action
teams-secret-scanning-notifier-azure-function
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
cbom-action
Create a Crypto Bill of Materials using CodeQL
dependabot-kev-action
Action to detect if any open Dependabot alerts are in the CISA Known Exploited Vulnerabilities (KEV) Catalog of CVEs and fail the workflow.
sarif-toolkit
All things SARIF, as an Action
brew-dependency-submission-action
Brew Lockfile Dependency Submission Action
gh-add-files
A GitHub CLI Extension that allows you to add files to your GitHub repositories directly from the command line
awesome-secret-scanning
A curated list of awesome GitHub Advanced Security secret scanning resources.
secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns
slack-secret-scanning-notifier-azure-function
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
python-lint-code-scanning-action
Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning
.github
GitHub Advanced Security's Org README
awesome-dependabot
A curated list of awesome Dependabot (and related software supply chain) resources.
reusable-workflows
Advanced Security Reusable GitHub Actions Workflows
secret-scanning-notifications
A GitHub Action that sends email notifications to the security manager team for any new or resolved secret scanning alerts based on a set frequency