Betterleaks alternatives for AI agents.

Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

Tfsec is now part of Trivy

ShellCheck, a static analysis tool for shell scripts

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Go security checker

Staticcheck - The advanced Go linter

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

Radare2 and Frida better together.

Static analysis tool to detect potential nil panics in Go code

Protect against malicious open source packages 🤖

An Intelligent Python Code Quality Analyzer

Security risk analysis for Kubernetes resources

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

A tool to enforce Swift style and conventions.