Merge branch 'main' into master

This commit is contained in:
abdul-hai-apisec
2021-11-30 12:24:56 +05:30
committed by GitHub
52 changed files with 2652 additions and 0 deletions
@@ -0,0 +1,7 @@
{
"name": "Anchore Container Scan",
"creator": "Indeni Cloudrail",
"description": "Produce container image vulnerability and compliance reports based on the open-source Anchore container image scanner.",
"iconName": "anchore",
"categories": ["Code Scanning", "dockerfile"]
}
@@ -0,0 +1,7 @@
{
"name": "Brakeman",
"creator": "Brakeman",
"description": "Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications.",
"iconName": "brakeman",
"categories": ["Code Scanning", "ruby"]
}
@@ -0,0 +1,7 @@
{
"name": "CxSAST",
"creator": "Checkmarx",
"description": "Scan your code with Checkmarx CxSAST and see your results in the GitHub security tab.",
"iconName": "checkmarx",
"categories": ["Code Scanning", "javascript", "python", "java", "php", "c#", "c", "c++", "ruby", "swift", "go", "json", "kotlin", "apex", "scala", "perl"]
}
@@ -0,0 +1,7 @@
{
"name": "Codacy Security Scan",
"creator": "Codacy",
"description": "Free, out-of-the-box, security analysis provided by multiple open source static analysis tools.",
"iconName": "codacy",
"categories": ["Code Scanning", "apex", "bash", "c", "coffeescript", "c++", "c#", "crystal", "dockerfile", "elixir", "go", "groovy", "java", "javascript", "jsp", "kotlin", "markdown", "php", "plsql", "powershell", "python", "ruby", "scala", "swift", "tsql", "typescript", "velocity", "vba", "xml"]
}
@@ -0,0 +1,7 @@
{
"name": "CodeScan",
"creator": "CodeScan Enterprises, LLC",
"description": "CodeScan allows for better visibility on your code quality checks based on your custom rulesets.",
"iconName": "codescan",
"categories": ["Code Scanning", "javascript", "apex"]
}
@@ -0,0 +1,7 @@
{
"name": "42Crunch API Security Audit",
"creator": "42Crunch",
"description": "Use the 42Crunch API Security Audit REST API to perform static application security testing (SAST) on OpenAPI/Swagger files.",
"iconName": "42crunch",
"categories": ["Code Scanning"]
}
@@ -0,0 +1,9 @@
{
"name": "Detekt",
"creator": "Detekt",
"description": "Static code analysis for Kotlin",
"iconName": "detekt",
"categories": ["Code Scanning", "Kotlin"]
}
@@ -0,0 +1,7 @@
{
"name": "njsscan",
"creator": "NodeJSScan",
"description": "nodejsscan is a static security code scanner that finds insecure code patterns in your Node.js applications.",
"iconName": "njsscan",
"categories": ["Code Scanning", "JavaScript", "TypeScript"]
}
@@ -0,0 +1,7 @@
{
"name": "OSSAR",
"creator": "GitHub",
"description": "Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).",
"iconName": "octicon mark-github",
"categories": ["Code Scanning", "python", "javascript"]
}
@@ -0,0 +1,7 @@
{
"name": "Prisma Cloud IaC Scan",
"creator": "Palo Alto Prisma Cloud",
"description": "Scan your Infrastructure as Code files with Prisma Cloud to detect security issues",
"iconName": "prisma",
"categories": ["Code Scanning"]
}
@@ -0,0 +1,7 @@
{
"name": "RuboCop Linting",
"creator": "arthurnn",
"description": "A Ruby static code analyzer and formatter, based on the community Ruby style guide.",
"iconName": "rubocop",
"categories": ["Code Scanning", "ruby"]
}
@@ -0,0 +1,7 @@
{
"name": "SecurityCodeScan",
"creator": "@security-code-scan",
"description": "Vulnerability Patterns Detector for C# and VB.NET",
"iconName": "securitycodescan",
"categories": ["Code Scanning", "C#", "Visual Basic .NET"]
}
@@ -0,0 +1,7 @@
{
"name": "Semgrep",
"creator": "Returntocorp",
"description": "Continuously run Semgrep to find bugs and enforce secure code standards. Start with 1k+ community rules or write your own in a few minutes.",
"iconName": "semgrep",
"categories": ["Code Scanning", "Go", "Java", "JavaScript", "JSON", "Python", "Ruby", "TypeScript", "JSX", "TSX"]
}
@@ -0,0 +1,7 @@
{
"name": "Scan",
"creator": "ShiftLeft",
"description": "Scan is a free open-source security tool for modern DevOps teams from ShiftLeft.",
"iconName": "shiftleft",
"categories": ["Code Scanning"]
}
@@ -0,0 +1,7 @@
{
"name": "Snyk Container",
"creator": "Snyk",
"description": "Detect vulnerabilities in your container images and surface the issues in GitHub code scanning.",
"iconName": "snyk",
"categories": ["Code Scanning", "dockerfile"]
}
@@ -0,0 +1,7 @@
{
"name": "Snyk Infrastructure as Code",
"creator": "Snyk",
"description": "Detect vulnerabilities in your infrastructure as code files and surface the issues in GitHub code scanning.",
"iconName": "snyk",
"categories": ["Code Scanning"]
}
@@ -0,0 +1,8 @@
{
"name": "Trivy",
"creator": "Aqua Security",
"description": "Scan Docker container images for vulnerabilities in OS packages and language dependencies with Trivy from Aqua Security.",
"iconName": "trivy",
"categories": ["Code Scanning", "dockerfile"],
"enterprise_requirements": ["docker"]
}
@@ -0,0 +1,7 @@
{
"name": "Xanitizer",
"creator": "RIGS IT",
"description": "Automatically scan your code for vulnerabilities and generate compliance reports with the static security analysis tool Xanitizer (SAST).",
"iconName": "xanitizer",
"categories": ["Code Scanning", "javascript", "java", "scala", "typescript", "xml", "json"]
}