advanced-security Goto Github PK

.github

GitHub Advanced Security's Org README

adjust-cvss

advanced-security-material

alert-suppression-queries

CodeQL packs for alert suppression queries for each supported code scanning language

awesome-codeql

A curated list of awesome CodeQL resources.

awesome-dependabot

A curated list of awesome Dependabot (and related software supply chain) resources.

awesome-secret-scanning

A curated list of awesome GitHub Advanced Security secret scanning resources.

aws-github-boilerplate

A boilerplate for an application reacting to webhooks from GitHub, deployed to AWS.

brew-dependency-submission-action

Brew Lockfile Dependency Submission Action

cbom-action

Create a Crypto Bill of Materials using CodeQL

cocoapods-dependency-submission-action

CocoaPods Lockfile Dependency Submission Action

codeql-bundle

CLI to build a custom CodeQL bundle

codeql-bundle-action

Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

codeql-coding-standards-bundle-releases

CodeQL bundles containing the CodeQL Coding Standards queries

codeql-development-toolkit

The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.

codeql-docker

CodeQL Docker image

codeql-extractor-iac

CodeQL Extractor, Library, and Queries for Infrastructure as Code

codeql-queries

[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead

codeql-sarif-security-standard-annotator

Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security standard

codeql-summarize

CodeQL Summary Generator

codeql-workshops-staging

Original workshops and staging area for new ones

codeql_container_example

This repository serves as an exemplary resource demonstrating how to set up CodeQL to scan containerized applications for vulnerabilities. Its primary objective is to showcase the implementation of CodeQL in the code scanning process.

component-detection-dependency-submission-action

conan-dependency-submission

Conan Dependency Submission to GitHub

conda-dependency-submission-action

config

crypto-bill-of-materials-data

Generate a Crypto Bill of Materials using CodeQL

custom-codeql-bundle

An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations.qll` library

dart-analyzer-sarif

Convert `dart analyze` CLI output into SARIF

delombok

Delombok Java Code for analysis with Code Scanning