Rules Registry for Compliance Frameworks

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Static Application Security Testing (SAST) Tools.

A production-grade AWS DevSecOps Hybrid CI/CD Factory that enforces security and compliance at every stage of the software delivery lifecycle. Built with a hybrid IaC approach using Terraform for core platform infrastructure and CloudFormation for CI/CD orchestration.

AWS native Static Application Security Testing (SAST) utility to find and eradicate vulnerable software packages stored in AWS CodeArtifact. Built for both real-time distributed and centralized deployments.

An experimental Static Application Security Testing (SAST) scanner built on GPT and the OpenAI api.

Bugsmirror MASST (Mobile Application Security Suite and Tools) is a comprehensive platform for end-to-end mobile application security. It offers threat detection tools for static, runtime, dynamic API testing and red teaming; robust app shielding solution for threat mitigation; threat visibility dashboard; & AI powered insight in a single platform.

Awesome Static Application Security Testing

Linter for Go ensuring all array and slice bounds are validated.

gradle pipeline

A framework for code security that provides abstractions for static analysis tools and datasets to support their integration, testing, and evaluation.

Scans your repo with an LLM and outputs a clean JSON report. Core rules: SQLi, XSS, Insecure Deserialization, SSRF, RCE, SSTI. Optional: Cloud (IaC) and Authorization/Business Logic checks.

Template CI/CD Pipeline to create a virtual environment with APK reverse engineering tools

Ecommerce Microservices application in Kotlin.