GraphQL-specific security scanner. Detects introspection exposure, field harvesting, depth/complexity attacks, batch abuse, and injection.
-
Updated
Mar 16, 2026 - Go
#
appsec
Here are 45 public repositories matching this topic...
[MIRROR] self-hosted WAF to protect your websites from attacks and exploits
security api-gateway captcha firewall waf xss bruteforce self-hosted cybersecurity sql-injection vulnerability application-security web-security cve appsec web-application-firewall http-flood blueteam websecurity
-
Updated
Mar 25, 2026 - Go
Yet another simple WAF build with golang
-
Updated
Oct 28, 2025 - Go
Advanced SBOM visualization tool. Provides graphical information about the dependency stack of your application, list of vulnerabilities and overall application health. Supports multiple methods of data aggregation and filtering in a convenient, modern interface.
-
Updated
Jan 9, 2026 - Go
Text Janitor is a a comprehensive text analysis and cleaning toolkit developed by Martin Mkrtchian for maintaining code quality and text hygiene across your projects.
-
Updated
Oct 6, 2025 - Go
A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
-
Updated
Sep 4, 2025 - Go
Secrets & hash scanner written in Go (API keys, tokens, high-entropy strings, hash types & crackability hints).
-
Updated
Dec 14, 2025 - Go
Risk-based compliance mapper and release gate for SOC 2, NIS 2 e DORA. Context over thresholds.
go golang security nist infosec compliance cicd risk-assessment appsec vulnerability-management sca dora risk-management iso27001 cvss soc2 rgc sbom epss release-gates
-
Updated
Mar 27, 2026 - Go
Secret Scanner
security ai secrets appsec leaks devsecops github-actions secret-scanning secret-scanner llm githistory
-
Updated
Nov 27, 2025 - Go
A terminal interactive game designed to train yourself to identify insecure coding practices.
-
Updated
Oct 29, 2025 - Go
Passive recon golang module to expand testing targets (subdomains and urls)
security discovery penetration-testing application-security pentesting appsec security-tools reconnaissance security-testing pentesting-tools
-
Updated
Mar 13, 2026 - Go
urlyzer is a URL parsing analysis tool.
url security dfir urls application-security web-security pentesting url-parsing bugbounty appsec blueteam security-automation security-tools redteaming redteam offensivesecurity redteam-tools applicationsecurity appsec-tools blueteam-tools
-
Updated
Jul 27, 2024 - Go
Static secret scanner for CI/CD pipelines. Entropy-based false positive reduction. Zero external dependencies. Built for environments where network-verified tools cannot run.
-
Updated
Mar 24, 2026 - Go
Multitool for Enhancing Code Security
-
Updated
Feb 17, 2026 - Go
Ghosted is a Trust Erosion scanner, pulling domains from your CSP checking if they're available to buy.
-
Updated
Oct 14, 2025 - Go
Interaction-based application security / quality tool (Control Unit)
-
Updated
Dec 18, 2023 - Go
Improve this page
Add a description, image, and links to the appsec topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the appsec topic, visit your repo's landing page and select "manage topics."