Prevent merging of malicious code in pull requests
Updated Jan 8, 2026 - Python
Focused malicious code detection ruleset, with a high protection-to-noise ratio
Deterministic verification layer for LLMs | AI hallucination detection | Model output validation | Formal verification for AI | Python 🐍
AI code generation and improvement
Codeaudit - Modern Python source code security analyzer based on distrust.
Automatically monitors GitHub for code similarities and potential plagiarism using GitHub API. Includes Slack & Email alerts and an AI-based scanning skeleton for advanced code similarity detection.
Contexi lets you interact with an entire codebase or data with context using a local LLM on your system.
OpenVul: An Open-Source Post-Training Framework for LLM-Based Vulnerability Detection
PyGitGuard is a Git security scanner designed to prevent accidental commits of sensitive data by scanning for:
Defensive secret scanner for Git repositories. Prevent tokens, keys, and passwords from being committed.
SAST Scanner Modified - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDEs such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
GoBfuscator is a professional-grade obfuscation tool specifically designed for Go (Golang) source code. It provides multiple layers of protection to make reverse engineering difficult while maintaining 100% runtime functionality.
Calculate context-aware confidence scores for security findings. Prioritize vulnerabilities based on actual exploitability in your codebase.
Static Python code vulnerability scanner powered by LLMs.
A Python-based AI agent for detecting insecure code patterns in Python projects and providing context-based remediation suggestions.
Multi-agent AI security pipeline for GitHub Action. AI agents that think like AppSec engineers, backed by a deterministic gate that no prompt injection can bypass.
Automated triage of SAST vulnerabilities integrated with GitHub via API, using a local LLM (DeepSeek-R1 & Ollama)
Lightweight, DevSecOps-friendly secret scanner with SARIF & Pre-commit support. Detects API keys, tokens, and passwords with entropy analysis.
Public MCP repository to describe how AI agents can use our hosted MCP server to get code intelligence and insights for their users. On any codebase, any techstack.
A simple web-based tool to scan code for common security vulnerabilities (like SQL Injection, hardcoded passwords, and XSS) and auto-fix them. Upload your code, scan for issues, and download a fixed version instantly.