Prevent merging of malicious code in pull requests
Updated Jan 8, 2026 - Python
Focused malicious code detection ruleset, with a high protection-to-noise ratio
Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams
High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!
Offensive GitHub Actions attack surface analyzer: scan any repo for CI/CD vulnerabilities, pwn requests, supply chain risks, and secret leaks. Powered by 20 detection rules with CVSS scoring and OWASP CI/CD Top 10 mapping.
A comprehensive security design review checklist for hardening Jenkins, GitHub Actions, AWS, and Azure pipelines. Audit your software supply chain before production.
JenkinsBreaker: Offensive CI/CD security research framework focused on Jenkins exploitation, CVE chaining, and pipeline compromise scenarios.
Enterprise application security playbook covering attacker-driven testing, vulnerability management, and security automation across the SDLC.
GRIMSEC — 12 AI-Powered DevSecOps Agents. Analyze, audit, validate, and remediate vulnerabilities in any GitHub repo. 89-96% noise reduction.
Five review-gate skills for Claude Code that catch AI-generated code failures before they ship — code quality (15 LLM failure modes), tests, docs, security (OWASP Top 10:2025, CWE Top 25, LLM Top 10), and CI/CD–container–IaC hardening. Self-verifying via CI.
🛡️ A curated list of awesome DevSecOps tools, best practices, and resources for securing CI/CD pipelines. Covers SCA, SAST, DAST, IaC, and Container Security.
Security Engineering reference: taint analysis benchmark comparing Pysa, CodeQL & Semgrep on a controlled Django app (16 OWASP Top 10 cases). Includes CI/CD integration with SARIF, ground truth validation, and enterprise scaling patterns.
Collection of custom GHA and reusable workflows.
GitHub Actions security scanner: pin actions to SHAs, detect script injection, audit permissions. Fix supply chain vulnerabilities.
GitHub Actions pipeline that detects, gates, and audits AI-generated code — policy checks, security scans (Gitleaks + Semgrep), sandboxed tests, and risk-scored reviews
Catch typosquatting, timing attacks & behavioral anomalies in your GitHub Actions workflows before they compromise your CI/CD pipeline.
🛡️ A modern DevSecOps CI/CD pipeline dashboard and security portal. Monitors codebases using multi-layered scanners (GitLeaks, Trivy, Semgrep, Bandit) and generates isolated HTML vulnerability reports. Built with React, Vite, Express, and MongoDB.
To associate your repository with the cicd-security topic, visit your repo's landing page and select "manage topics."