Search Results for "code review"
Sort By:
Showing 14 open source projects for "code review"
View related business solutions-
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). -
2
cargo-crev
A cryptographically verifiable code review system for the cargo
A cryptographically verifiable code review system for the cargo (Rust) package manager. cargo-crev is an implementation of Crev as a command-line tool integrated with cargo. This tool helps Rust users evaluate the quality and trustworthiness of their package dependencies. Crev is a language and ecosystem agnostic, distributed code review system. Use reviews produced by other users. -
3
Google Authenticator PAM Library
Example PAM module demonstrating two-factor authentication
google-authenticator-libpam is a Pluggable Authentication Module (PAM) that adds one-time passcodes to Unix and Linux logins using open OATH standards. It plugs into PAM stacks for services like SSH, su, or desktop display managers, prompting users for a time-based (TOTP) or counter-based (HOTP) code after their password. A lightweight enrollment program bootstraps each account by generating a secret, printing a QR code, and writing per-user configuration with safe file permissions. Because verification happens locally, codes work offline and do not depend on any Google service, which suits high-security and air-gapped environments. ... -
4
deepsec
Deepsec is a security harness for finding vulnerabilities
deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using coding agents to perform deep, project-aware security review rather than only basic pattern matching. The tool initializes a project-specific security context, scans code in batches, processes findings, and can optionally revalidate results to reduce false positives. For large repositories, it supports parallel work across worker machines and can resume interrupted scans without repeating completed work. ... -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
5
Laravel Socialite
Laravel wrapper around OAuth 1 & OAuth 2 libraries
...When upgrading to a new major version of Socialite, it's important that you carefully review the upgrade guide. Before using Socialite, you will need to add credentials for the OAuth providers your application utilizes. -
6
Enlightn
Your performance & security consultant, an artisan command away
Enlightn scans your Laravel app code to provide you actionable recommendations on improving its performance, security & more. We'll perform over 100 checks against your application for common issues, and provide actionable feedback for fixing them. Think of Enlightn as your performance and security consultant. Enlightn will "review" your code and server configurations, and give you actionable recommendations on improving performance, security, and reliability! ... -
7
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for... -
8
testssl.sh
Testing TLS/SSL encryption anywhere on any port
...If a particular check cannot be performed because of a missing capability on your client side, you'll get a warning. You can look at the code, see what's going on and you can change it. -
9
GitGot
Semi-automated tool for discovering exposed secrets in GitHub data
...GitGot leverages the GitHub Search API to perform queries across repositories, files, and gists, allowing security researchers and penetration testers to discover sensitive information that may have been unintentionally exposed in public code. During a search session, users review results and provide feedback that allows GitGot to filter out irrelevant or repetitive findings. This feedback is used to build blacklists that eliminate results based on repository names, file names, user names, or fuzzy matches of file content. The approach helps reduce noise while guiding the search process toward more relevant results. -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
Linux Exploit Suggester 2
Next-Generation Linux Kernel Exploit Suggester
...It inspects the target kernel and OS release, compares that information against a curated database of known kernel vulnerabilities, and reports which exploit primitives are plausibly applicable to the host. The script can optionally download exploit proof-of-concept code from public exploit repositories to accelerate validation in controlled environments. It supports wildcard matching for kernel strings to broaden detection coverage and colorizes its output for easier reading in terminal sessions. Typical usage is simple and lightweight: run the script on the target (or pass a manual kernel string) and review the ranked list of candidate exploits and references. -
11
mktwpol - Tripwire Policy Generator
Gentoo-centric script to make tripwire policy file from package lists
The mktwpol package is a companion pair of scripts, useful to automate the installation of tripwire, create plain-text tripwire policy files, and maintain a tripwire database. twsetup.sh is a bash script for completing a first time tripwire set-up with a minimum of fuss and study. It describes what it is going to do (including showing the exact commands that will be run), then calls twadmin, mktwpol.sh and tripwire to make key files, generate tripwire policy, encrypt the policy, and make... -
12
Web Security Basics
Web security concepts
...It also covers token-based authentication patterns like access and refresh tokens, helping developers see how modern web applications attempt to balance security with usability. Rather than providing executable code or automated tools, the project emphasizes conceptual understanding and the reasoning behind why certain defenses matter in web architecture. -
13
Portscan is a simple TCP port scanner (connect scan, similar to nmap -sC). It is implemented with threads for better speed. Please see the code and review it. Criticism is more than welcome. Helps needed to make it robust.
-
14
Milk is a security source code assessment tool using Orizon as API. Milk scans java and .NET source file in order to perform a security code review trying to point out safe coding best practices misuse.
- Previous
- You're on page 1
- Next
