Search Results for "code review"

The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc).

google-authenticator-libpam is a Pluggable Authentication Module (PAM) that adds one-time passcodes to Unix and Linux logins using open OATH standards. It plugs into PAM stacks for services like SSH, su, or desktop display managers, prompting users for a time-based (TOTP) or counter-based (HOTP) code after their password. A lightweight enrollment program bootstraps each account by generating a secret, printing a QR code, and writing per-user configuration with safe file permissions. Because verification happens locally, codes work offline and do not depend on any Google service, which suits high-security and air-gapped environments. ...

deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using coding agents to perform deep, project-aware security review rather than only basic pattern matching. The tool initializes a project-specific security context, scans code in batches, processes findings, and can optionally revalidate results to reduce false positives. For large repositories, it supports parallel work across worker machines and can resume interrupted scans without repeating completed work. ...

This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for...

...GitGot leverages the GitHub Search API to perform queries across repositories, files, and gists, allowing security researchers and penetration testers to discover sensitive information that may have been unintentionally exposed in public code. During a search session, users review results and provide feedback that allows GitGot to filter out irrelevant or repetitive findings. This feedback is used to build blacklists that eliminate results based on repository names, file names, user names, or fuzzy matches of file content. The approach helps reduce noise while guiding the search process toward more relevant results.

...It also covers token-based authentication patterns like access and refresh tokens, helping developers see how modern web applications attempt to balance security with usability. Rather than providing executable code or automated tools, the project emphasizes conceptual understanding and the reasoning behind why certain defenses matter in web architecture.

Milk is a security source code assessment tool using Orizon as API. Milk scans java and .NET source file in order to perform a security code review trying to point out safe coding best practices misuse.