Projects in Awesome Lists by advanced-security
A curated list of projects in awesome lists by advanced-security.
https://github.com/advanced-security/secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
github-advanced-security regex regex-patterns secret-scanning
Last synced: 27 Feb 2025
https://github.com/advanced-security/policy-as-code
GitHub Advanced Security Policy as Code
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
Last synced: 27 Feb 2025
https://github.com/advanced-security/maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
Last synced: 15 Apr 2025
https://github.com/advanced-security/gssar
GitHub Secret Scanning Auto Remediator (GSSAR)
aws github javascript remediation secret-scanning typescript
Last synced: 28 Apr 2025
https://github.com/advanced-security/GSSAR
GitHub Secret Scanning Auto Remediator (GSSAR)
aws github javascript remediation secret-scanning typescript
Last synced: 28 Apr 2025
https://github.com/advanced-security/ghas-to-csv
Play with GHAS API to provide posture data over time
csv github-actions github-advanced-security
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
Last synced: 27 Feb 2025
https://github.com/advanced-security/ghas-reviewer-app
GitHub Advanced Security Pull Request Security Team required review GitHub App
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
Last synced: 28 Apr 2025
https://github.com/advanced-security/filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
code-scanning github-advanced-security sarif
Last synced: 28 Apr 2025
https://github.com/advanced-security/probot-security-alerts
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
ghas nodejs probot sample security security-alerts typescript
Last synced: 08 Feb 2025
https://github.com/advanced-security/generate-sbom-action
An Action to wrap creating an SBOM via REST API
Last synced: 28 Apr 2025
https://github.com/advanced-security/enterprise-security-team
Manage a uniform team of security managers for every organization in your enterprise
Last synced: 28 Apr 2025
https://github.com/advanced-security/component-detection-dependency-submission-action
Last synced: 28 Apr 2025
https://github.com/advanced-security/gh-codeql-scan
GH CLI CodeQL Scan Extension
Last synced: 28 Apr 2025
https://github.com/advanced-security/secret-scanning-review-action
Action to detect if a secret is initially detected in a pull request
Last synced: 28 Apr 2025
https://github.com/advanced-security/set-codeql-language-matrix
Automatically set the CodeQL matrix job using the languages in your repository.
Last synced: 28 Apr 2025
https://github.com/advanced-security/ghas-license-utilization
Optimize the utilization of GHAS licenses in an enterprise (or organization)
Last synced: 28 Apr 2025
https://github.com/advanced-security/spdx-dependency-submission-action
Upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API
Last synced: 28 Apr 2025
https://github.com/advanced-security/sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
Last synced: 27 Feb 2025
https://github.com/advanced-security/codeql-workshops-staging
Original workshops and staging area for new ones
Last synced: 27 Feb 2025
https://github.com/advanced-security/mrva-code-search
Use code search to populate an MRVA repo list in VSCode
Last synced: 28 Apr 2025
https://github.com/advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
actions-workflow advanced-security code-scanning codeql ghas monorepo sarif sast
Last synced: 28 Apr 2025
https://github.com/advanced-security/sarif-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
Last synced: 28 Apr 2025
https://github.com/advanced-security/demo-java
GitHub Advanced Security scanning tutorial repository for Java
advanced-security demo devsecops example security static-analysis
Last synced: 12 Apr 2025
https://github.com/advanced-security/grab_ql
Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-sarif-security-standard-annotator
Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security standard
Last synced: 28 Apr 2025
https://github.com/advanced-security/cbom-action
Create a Crypto Bill of Materials using CodeQL
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-summarize
CodeQL Summary Generator
Last synced: 28 Apr 2025
https://github.com/advanced-security/teams-secret-scanning-notifier-azure-function
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
azure-function github-advanced-security github-app microsoft-teams-bot secret-scanning security-team
Last synced: 28 Apr 2025
https://github.com/advanced-security/ghe-cross-instance-committers
A script which will return the total number of unique de-duped active committers across multiple GHES instances
Last synced: 28 Apr 2025
https://github.com/advanced-security/dependabot-kev-action
Action to detect if any open Dependabot alerts are in the CISA Known Exploited Vulnerabilities (KEV) Catalog of CVEs and fail the workflow.
Last synced: 28 Apr 2025
https://github.com/advanced-security/dependabot-epss-action
Action to detect if any open Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-development-toolkit
The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.
Last synced: 28 Apr 2025
https://github.com/advanced-security/monorepo-code-scanning-action
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
actions advanced-security code-scanning-ready codeql monorepo sast
Last synced: 14 Apr 2025
https://github.com/advanced-security/gh-add-files
A GitHub CLI Extension that allows you to add files to your GitHub repositories directly from the command line
Last synced: 28 Apr 2025
https://github.com/advanced-security/spotbugs-findsecbugs-action
Run SpotBugs with FindSecBugs on Java and other JVM languages (e.g. Scala), and upload the results to GitHub Code Scanning
Last synced: 27 Feb 2025
https://github.com/advanced-security/codeql-bundle
CLI to build a custom CodeQL bundle
Last synced: 28 Apr 2025
https://github.com/rvermeulen/codeql-bundle
CLI to build a custom CodeQL bundle
Last synced: 27 Dec 2024
https://github.com/advanced-security/dart-analyzer-sarif
Convert `dart analyze` CLI output into SARIF
Last synced: 28 Apr 2025
https://github.com/advanced-security/github-app-auth
Utility to generate tokens to interact with the GitHub API via GitHub App integration
authentication ci-cd github github-api github-app
Last synced: 28 Apr 2025
https://github.com/advanced-security/cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action
Last synced: 28 Apr 2025
https://github.com/advanced-security/remap-sarif
Remap a SARIF file with sourcemaps
Last synced: 28 Apr 2025
https://github.com/advanced-security/sarif-toolkit
All things SARIF, as an Action
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql-coding-standards-bundle-releases
CodeQL bundles containing the CodeQL Coding Standards queries
Last synced: 27 Feb 2025
https://github.com/advanced-security/qlsh
qlsh - a CodeQL REPL/shell for running interactive queries against a CodeQL database
Last synced: 16 Mar 2025
https://github.com/advanced-security/aws-github-boilerplate
A boilerplate for an application reacting to webhooks from GitHub, deployed to AWS.
aws boilerplate-template github-apps webhooks
Last synced: 30 Apr 2025
https://github.com/advanced-security/brew-dependency-submission-action
Brew Lockfile Dependency Submission Action
Last synced: 12 Mar 2025
https://github.com/advanced-security/slack-secret-scanning-notifier-azure-function
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
github-advanced-security secret-scanning slack-bot
Last synced: 28 Apr 2025
https://github.com/advanced-security/reusable-workflows
Advanced Security Reusable GitHub Actions Workflows
Last synced: 27 Feb 2025
https://github.com/advanced-security/crypto-bill-of-materials-data
Generate a Crypto Bill of Materials using CodeQL
Last synced: 27 Feb 2025
https://github.com/advanced-security/secret-scanning-notifications
A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency
Last synced: 27 Feb 2025
https://github.com/advanced-security/secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns
github-advanced-security secret-scanning
Last synced: 28 Apr 2025
https://github.com/advanced-security/delombok
Delombok Java Code for analysis with Code Scanning
Last synced: 28 Apr 2025
https://github.com/advanced-security/ghas-mttr
GitHub Advanced Security Mean Time to Remediate (MTTR)
Last synced: 04 Apr 2025
https://github.com/advanced-security/python-lint-code-scanning-action
Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning
Last synced: 28 Apr 2025
https://github.com/advanced-security/codeql_container_example
This repository serves as an exemplary resource demonstrating how to set up CodeQL to scan containerized applications for vulnerabilities. Its primary objective is to showcase the implementation of CodeQL in the code scanning process.
codeql codescanning containers
Last synced: 27 Feb 2025
https://github.com/advanced-security/alert-suppression-queries
CodeQL packs for alert suppression queries for each supported code scanning language
Last synced: 27 Feb 2025
https://github.com/advanced-security/.github
GitHub Advanced Security's Org README
Last synced: 27 Feb 2025
https://github.com/advanced-security/ghas-bootcamp-query
Example custom query used to demo CodeQL
Last synced: 27 Feb 2025
https://github.com/advanced-security/demo-catalog
Demonstration Catalog for different Languages and Technologies
Last synced: 27 Feb 2025
https://github.com/advanced-security/flake8-sarif-formatter
Format Flake8 results as SARIF for input to SAST tools such as GitHub Code Scanning
Last synced: 27 Feb 2025
https://github.com/advanced-security/policy-as-code-testing
Policy as Code Testing Repository
Last synced: 27 Feb 2025
https://github.com/advanced-security/conan-dependency-submission
Conan Dependency Submission to GitHub
Last synced: 27 Feb 2025