CommitGuard

By Abdullah-Shahen

Verifies if all commits on a branch are signed-off

Policy checks to validate AWS IAM policies in Terraform templates" Action For GitHub Actions

By aws-actions

Creator verified by GitHub

Validate IAM Policies in TF templates using ValidatePolicy, CheckAccessNotGranted CheckNoNewAccess API in Access Analyzer

3 stars

Analyze with CodeQL

By codebeltnet

An opinionated action that is used to initialize CodeQL

Finalyze with CodeQL

By codebeltnet

An opinionated action that performs the actual SAST analysis with previously initialized CodeQL

Attest Build Provenance

By actions

Creator verified by GitHub

Generate provenance attestations for build artifacts

76 stars

Fortify AST Scan

By fortify

Creator verified by GitHub

Find and fix vulnerabilities to build secure software with Fortify Code Security

8 stars

Create GitHub App Token

By actions

Creator verified by GitHub

GitHub Action for creating a GitHub App installation access token

265 stars

golang-govulncheck-action

By golang

Creator verified by GitHub

Run govulncheck

82 stars

CyberArk Conjur Secret Fetcher Action

By cyberark

Creator verified by GitHub

Securely retrieve a secret from CyberArk Conjur Secrets Manager and present to your action as a masked environment variable

2 stars

Docker Scout

By docker

Creator verified by GitHub

List vulnerabilities in images; find better base images and upload an image SBOM to Docker Scout

65 stars

Kubevious CLI

By kubevious

Use the Kubevious CLI in a github action

46 stars

Dastardly Scan Action

By PortSwigger

Creator verified by GitHub

Runs a Dastardly scan against a target site

217 stars

DeadFinder Action

By hahwul

Find dead-links (broken links)

125 stars

Maven Dependency Tree Dependency Submission

By advanced-security

Creator verified by GitHub

A GitHub Action for Maven project to submit a complete dependency tree to populate the GitHub Dependency Graph

44 stars

Secret Scanner

By secret-scanner

Scan for secrets in a repository

3 stars

Sbt Dependency Submission

By scalacenter

Creator verified by GitHub

Submits the dependency graph of an sbt build to the Github Submission API

57 stars

Secrets Scanner

By kams-mash

Scan repo for secrets using awslabs/git-secrets

Dependency Review

By actions

Creator verified by GitHub

Prevent the introduction of dependencies with known vulnerabilities

544 stars

Frogbot by JFrog

By jfrog

Creator verified by GitHub

JFrog Frogbot is a Git bot that scans your pull requests and repositories for security vulnerabilities

283 stars

OSSF Scorecard action

By ossf

Creator verified by GitHub

Run OSSF Scorecard checks and output results in SARIF format

228 stars