Rules Registry for Compliance Frameworks

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Static Application Security Testing (SAST) Tools.

A production-grade AWS DevSecOps Hybrid CI/CD Factory that enforces security and compliance at every stage of the software delivery lifecycle. Built with a hybrid IaC approach using Terraform for core platform infrastructure and CloudFormation for CI/CD orchestration.

AWS native Static Application Security Testing (SAST) utility to find and eradicate vulnerable software packages stored in AWS CodeArtifact. Built for both real-time distributed and centralized deployments.

An experimental Static Application Security Testing (SAST) scanner built on GPT and the OpenAI api.

Linter for Go ensuring all array and slice bounds are validated.

gradle pipeline

A framework for code security that provides abstractions for static analysis tools and datasets to support their integration, testing, and evaluation.

Scans your repo with an LLM and outputs a clean JSON report. Core rules: SQLi, XSS, Insecure Deserialization, SSRF, RCE, SSTI. Optional: Cloud (IaC) and Authorization/Business Logic checks.

Template CI/CD Pipeline to create a virtual environment with APK reverse engineering tools

Bugsmirror MASST (Mobile Application Security Suite and Tools) is a comprehensive platform for end-to-end mobile application security. It offers threat detection tools for static, runtime, dynamic API testing and red teaming; robust app shielding solution for threat mitigation; threat visibility dashboard; & AI powered insight in a single platform.

Ecommerce Microservices application in Kotlin.