Checkmarx

All

51 repositories

sast-to-ast-export
Public
CLI tool to export data from CxSAST and import into Checkmarx Application Security Testing Platform
security application ast sast
Go
•
Apache License 2.0
•5•3•2•1•Updated Feb 3, 2025Feb 3, 2025
kics
Public
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
security iac infrastructure-as-code cloudnative appsec vulnerability-detection hacktoberfest vulnerability-scanners security-tools open-policy-agent
Open Policy Agent
•
Apache License 2.0
•316•2.2k•125•67•Updated Feb 3, 2025Feb 3, 2025
2ms
Public
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
security secret-management secrets appsec secret-keys api-keys
Go
•
Apache License 2.0
•17•85•32•0•Updated Feb 3, 2025Feb 3, 2025
ast-cli
Public
A CLI project wrapping application security testing (AST) APIs
ast checkmarx checkmarx-ast cli
Go
•
Apache License 2.0
•24•45•6•15•Updated Feb 3, 2025Feb 3, 2025
homebrew-ast-cli
Public
Ruby
•0•2•0•0•Updated Feb 3, 2025Feb 3, 2025
ast-eclipse-plugin
Public
The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
security eclipse-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•11•4•0•5•Updated Feb 3, 2025Feb 3, 2025
ast-azure-plugin
Public
The CxAST Azure DevOps plugin enables you to trigger SAST, SCA, and KICS scans directly from an Azure DevOps pipeline.
security security-tools azure-devops-extension checkmarx checkmarx-ast
TypeScript
•
Apache License 2.0
•5•4•6•14•Updated Feb 2, 2025Feb 2, 2025
containers-types
Public
Go
•0•0•0•1•Updated Jan 31, 2025Jan 31, 2025
containers-resolver
Public
Go
•0•0•0•0•Updated Jan 31, 2025Jan 31, 2025
containers-syft-packages-extractor
Public
Go
•0•0•0•1•Updated Jan 30, 2025Jan 30, 2025
ast-teamcity-plugin
Public
The CxAST TeamCity plugin enables you to trigger SAST, SCA, and KICS scans directly from a TeamCity project.
security teamcity-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•2•3•1•8•Updated Jan 29, 2025Jan 29, 2025
ast-visual-studio-extension
Public
The CxAST Visual Studio plugin enables you to import results from a CxAST scan directly into your IDE
security visual-studio-extension checkmarx visual-studio-2022 checkmarx-ast
C#
•
Apache License 2.0
•6•2•3•9•Updated Jan 29, 2025Jan 29, 2025
ast-jetbrains-plugin
Public
The CxAST JetBrains plugin enables you to import results from a CxAST scan directly into your IDE.
security jetbrains-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•3•3•0•11•Updated Jan 29, 2025Jan 29, 2025
containers-images-extractor
Public
Go
•0•0•0•0•Updated Jan 28, 2025Jan 28, 2025
gen-ai-prompts
Public
Remediate SAST results using AI
Go
•1•3•2•1•Updated Jan 28, 2025Jan 28, 2025
ast-vscode-extension
Public
The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
security vscode-extension checkmarx checkmarx-ast
Hack
•
Apache License 2.0
•6•12•7•21•Updated Jan 28, 2025Jan 28, 2025
ast-github-action
Public
Checkmarx application security testing (AST) GitHub action
security github-actions checkmarx checkmarx-ast
Shell
•
Apache License 2.0
•24•16•13•4•Updated Jan 27, 2025Jan 27, 2025
kics-cdk-validator-plugin
Public
A KICS plugin for AWS CDK
TypeScript
•
Apache License 2.0
•3•6•1•5•Updated Jan 23, 2025Jan 23, 2025
plugins-release-workflow
Public
Automates the release workflow across all components, starting with the CLI, followed by the Wrappers, and concluding with the Plugins. This streamlined process ensures consistent and efficient deployment across the entire ecosystem.
0•0•0•0•Updated Jan 22, 2025Jan 22, 2025
kics-github-action
Public
GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
JavaScript
•
GNU General Public License v3.0
•33•44•10•1•Updated Jan 22, 2025Jan 22, 2025
Vulnerabilities-Proofs-of-Concept
Public
JavaScript
•0•0•0•0•Updated Jan 13, 2025Jan 13, 2025
gen-ai-wrapper
Public
Go
•
Apache License 2.0
•0•0•1•6•Updated Dec 30, 2024Dec 30, 2024
ast-cli-maven-plugin
Public
A Maven plugin for using the AST CLI in Maven lifecycle phases
Java
•
Apache License 2.0
•0•0•0•9•Updated Dec 9, 2024Dec 9, 2024
vorpal-reviewdog-github-action
Public
Run Vorpal with reviewdog 🐶
Shell
•
Apache License 2.0
•0•3•0•0•Updated Oct 10, 2024Oct 10, 2024
dast-github-action
Public
Shell
•
GNU General Public License v3.0
•2•2•0•1•Updated Sep 23, 2024Sep 23, 2024
terraform-aws-cxone
Public
HCL
•5•0•1•2•Updated Aug 20, 2024Aug 20, 2024
ci-cd-integrations
Public
If you are using a CI/CD platform that doesn’t yet have a dedicated Checkmarx plugin, please check this repository.
circleci maven bitbucket ci-cd sonar bamboo-plugin checkmarx securtiy checkmarx-ast
Groovy
•
Apache License 2.0
•17•9•0•2•Updated Jul 3, 2024Jul 3, 2024
Goatlin
Public
(aka Kotlin Goat) - an intentionally vulnerable Kotlin application
Kotlin
•
GNU General Public License v3.0
•138•33•0•7•Updated Apr 17, 2024Apr 17, 2024
capital
Public
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
ctf vulnerable-web-app apisecurity
CSS
•
GNU Affero General Public License v3.0
•72•282•4•13•Updated Apr 12, 2024Apr 12, 2024
gitleaks
Public
Protect and discover secrets using Gitleaks 🔑
Go
•
MIT License
•1.5k•0•0•1•Updated Mar 31, 2024Mar 31, 2024