roslyn-security-guard - Roslyn analyzers that aim to help security audit on .NET applications.

  •        132

⚠️ This project is no longer active. The project Security Code Scan is a more recent version which include all the analyzers from this project. It has many important bug fixes. Roslyn analyzers that aim to help security audits on .NET applications.

https://dotnet-security-guard.github.io
https://github.com/dotnet-security-guard/roslyn-security-guard

Tags
Implementation
License
Platform

   




Related Projects

roslyn - The

  •    CSharp

Roslyn provides open-source C# and Visual Basic compilers with rich code analysis APIs. It enables building code analysis tools with the same APIs that are used by Visual Studio.Discussion about the transition of language design to the new repos is at https://github.com/dotnet/roslyn/issues/18002.

MappingGenerator - :arrows_counterclockwise: "AutoMapper" like, Roslyn based, code fix provider that allows to generate mapping code in design time

  •    CSharp

I would like to thank all of you who contributed to this product by reporting issues, testing, authoring PRs, or buying me coffee. PR authors (except the Only README Updaters) and Coffee Buyers will be awarded with a special license for MappingGenerator for free - I will send them an email with details in a few days. You can download it as Visual Studio Extension from Visual Studio Marketplace.

Search Guard - Elasticsearch plugin that offers encryption, authentication, and authorisation

  •    Java

Search Guard is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats.

code-cracker - An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties

  •    CSharp

An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties. Check the official project site on code-cracker.github.io. There you will find information on how to contribute, our task board, definition of done, definition of ready, etc.

Roslynator - A collection of 500+ analyzers, refactorings and fixes for C#, powered by Roslyn.

  •    CSharp

Although Roslynator products are free of charge, any donation is welcome and supports further development. Currently VS Code does not support distribution of Roslyn-based tools in an extension. Also it does not support analyzers at all. Please read the tutorial how to install refactorings and code fixes for CS diagnostics.


roslyn-analyzers

  •    CSharp

This repository contains a number of Roslyn diagnostic analyzers initially developed to help flesh out the design and implementation of the static analysis APIs. They have been migrated from the main dotnet/roslyn repository in order to continue and speed their further development.Pre-release builds are available on MyGet gallery: https://dotnet.myget.org/Gallery/roslyn-analyzers.

omnisharp-roslyn - OmniSharp based on roslyn workspaces

  •    CSharp

OmniSharp-Roslyn is a .NET development platform based on Roslyn workspaces. It provides project dependencies and language syntax to various IDE and plugins. OmniSharp-Roslyn is built with the .NET Core SDK on Windows and Mono on OSX/Linux. It targets the net461 target framework. OmniSharp requires mono (>=5.2.0) if it is run on a platform other than Windows.

puma-scan - Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code

  •    CSharp

Puma Scan is a .NET software secure code analysis tool providing real time, continuous source code analysis as development teams write code. In Visual Studio, vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications. Puma Scan also integrates into the build to provide security analysis at compile time. The Puma Scan Community Edition is licensed under the Mozilla Public License (MPL) version 2.0.

cloudformation-guard - Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules

  •    Rust

AWS CloudFormation Guard is an open-source general-purpose policy-as-code evaluation tool. It provides developers with a simple-to-use, yet powerful and expressive domain-specific language (DSL) to define policies and enables developers to validate JSON- or YAML- formatted structured data with those policies. NOTE: If you are using Guard 1.0, we highly recommend adopting Guard 2.0 because Guard 2.0 is a major release that introduces multiple features to simplify your current policy-as-code experience. Guard 2.0 is backward incompatible with your Guard 1.0 rules and can result in breaking changes. To migrate from Guard 1.0 to Guard 2.0, 1) use migrate command to transition your existing 1.0 rules to 2.0 rules and 2) read all new Guard 2.0 features.

codeformatter - Tool that uses Roslyn to automatically rewrite the source to follow our coding styles

  •    CSharp

CodeFormatter is a tool that uses Roslyn to automatically rewrite the source to follow our coding styles, which are documented here.In order to build or run this tool you will need to have Microsoft Build Tools 2015 installed. This comes as a part of Visual Studio 2015.

scriptcs - Write C# apps with a text editor, nuget and the power of Roslyn!

  •    CSharp

scriptcs makes it easy to write and execute C# with a simple text editor.While Visual Studio, and other IDEs, are powerful tools, they can sometimes hinder productivity more than they promote it. You don’t always need, or want, the overhead of a creating a new solution or project. Sometimes you want to just type away in your favorite text editor.

MEAnalyzer - Intel Engine Firmware Analysis Tool

  •    Python

ME Analyzer is a tool which parses Intel Engine & PMC firmware images from the (Converged Security) Management Engine, (Converged Security) Trusted Execution Engine, (Converged Security) Server Platform Services & Power Management Controller families. It can be used by end-users who are looking for all relevant firmware information such as Family, Version, Release, Type, Date, SKU, Platform etc. It is capable of detecting new/unknown firmware, checking firmware health, Updated/Outdated status and many more. ME Analyzer is also a powerful Engine firmware research analysis tool with multiple structures which allow, among others, full parsing and unpacking of Converged Security Engine (CSE) code & file system, Flash Partition Table (FPT), Boot Partition Descriptor Table (BPDT/IFWI), CSE Layout Table (LT), advanced Size detection etc. Moreover, with the help of its extensive database, ME Analyzer is capable of uniquely categorizing all supported Engine firmware as well as check for any firmware which have not been stored at the Intel Engine Firmware Repositories yet. ME Analyzer allows end-users and/or researchers to quickly analyze and/or report new firmware versions without the use of special Intel tools (FIT/FITC, FWUpdate) or Hex Editors. To do that effectively, a database had to be built. The Intel Engine Firmware Repositories is a collection of every (CS)ME, (CS)TXE & (CS)SPS firmware we have found. Its existence is very important for ME Analyzer as it allows us to continue doing research, find new types of firmware, compare same major version releases for similarities, check for updated firmware etc. Bundled with ME Analyzer is a file called MEA.dat which is required for the program to run. It includes entries for all Engine firmware that are available to us. This accommodates primarily three actions: a) Detect each firmware's Family via unique identifier keys, b) Check whether the imported firmware is up to date and c) Help find new Engine firmware sooner by reporting them at the Intel Management Engine: Drivers, Firmware & System Tools or Intel Trusted Execution Engine: Drivers, Firmware & System Tools threads respectively.

Open Source Security Network

  •    Ruby

Guard Stone is an Open Source Security Platform, which enables to integrate and deploy open source security tools. Some of Guard Stone's focus areas include Firewall, VPN, Mail Gateway Filters, Web Filters, Web Application Security, Routing etc;

Scripty - Tools to let you use Roslyn-powered C# scripts for code generation

  •    CSharp

Please note: it's been a while since a Scripty release. Rest assured, this project is not dead - it's just taking a little rest while other bits fall into place in supporting projects. When work here resumes the focus will be on full .NET Core compatibility. Also note that the Scripty Visual Studio extension has been removed from the Visual Studio Extension Gallery due to reports of incompatibilities with the most recent versions of Visual Studio. It will be replaced when the next release comes out, but in the meantime you can download it directly from the GitHub version 0.7.4 release page.

ApplicationInspector - A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine

  •    CSharp

Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third party software components based on well-known library/API calls and is helpful in security and non-security use cases. It uses hundreds of rules and regex patterns to surface interesting characteristics of source code to aid in determining what the software is or what it does from what file operations it uses, encryption, shell operations, cloud API's, frameworks and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security such as the use of cryptography and more. This can be extremely helpful in reducing the time needed to determine what Open Source or other components do by examining the source directly rather than trusting to limited documentation or recommendations.

codeql - CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM

  •    CodeQL

This open source repository contains the standard CodeQL libraries and queries that power LGTM and the other CodeQL products that GitHub makes available to its customers worldwide. For the queries, libraries, and extractor that power Go analysis, visit the CodeQL for Go repository. There is extensive documentation on getting started with writing CodeQL. You can use the interactive query console on LGTM.com or the CodeQL for Visual Studio Code extension to try out your queries on any open source project that's currently being analyzed.

PeachPie - The open-source PHP compiler to .NET

  •    CSharp

PeachPie is a modern PHP compiler based on the Microsoft Roslyn compiler platform and drawing from our popular Phalanger project. It allows PHP to be executed within the .NET framework, thereby opening the door for PHP developers into the world of .NET – and vice versa. The project allows for hybrid applications, where parts are written in C# and others in PHP. The parts will be entirely compatible and can communicate seamlessly, all within the .NET framework.

dawnscanner - Dawn is a static analysis security scanner for ruby written web applications

  •    Ruby

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner version 1.6.6 has 235 security checks loaded in its knowledge base. Most of them are CVE bulletins applying to gems or the ruby interpreter itself. There are also some check coming from Owasp Ruby on Rails cheatsheet.

brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications

  •    Ruby

Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. Check out Brakeman Pro if you are looking for a commercially-supported version with a GUI and advanced features.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.