github actions "security" keyword
Top 1.0% on github actions
18 versions - Latest release: 5 months ago - 497 dependent repositories - 337 stars on GitHub
zaproxy/action-baseline v0.15.0 💰
Scans the web application with the ZAP Baseline Scan18 versions - Latest release: 5 months ago - 497 dependent repositories - 337 stars on GitHub
xvnpw/ai-threat-modeling-action v1.3.4
AI featured threat modeling and security review action24 versions - Latest release: almost 2 years ago - 1 dependent repositories - 45 stars on GitHub
secrethub/actions v0.2.1
Load secrets into your GitHub workflows3 versions - Latest release: over 5 years ago - 46 stars on GitHub
Top 3.8% on github actions
16 versions - Latest release: over 1 year ago - 131 dependent repositories - 76 stars on GitHub
pypa/gh-action-pip-audit v1.1.0 💰
Use pip-audit to scan Python dependencies for known vulnerabilities16 versions - Latest release: over 1 year ago - 131 dependent repositories - 76 stars on GitHub
Top 6.7% on github actions
3 versions - Latest release: over 2 years ago - 21 dependent repositories - 21 stars on GitHub
HCL-TECH-SOFTWARE/appscan-codesweep-action v2.1
Scan for security issues in code3 versions - Latest release: over 2 years ago - 21 dependent repositories - 21 stars on GitHub
Top 0.9% on github actions
4 versions - Latest release: almost 6 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rs/audit-check v1.2.0 💰
Run cargo audit and check for security advisories4 versions - Latest release: almost 6 years ago - 2,306 dependent repositories - 157 stars on GitHub
Traceableai/ast-action 0.0.5
GitHub action for Traceable Active Security Testing6 versions - Latest release: about 3 years ago - 1 dependent repositories - 4 stars on GitHub
jetstack/paranoia v0.4.0
Validate the presence or absence of certificate authorities in your container image.9 versions - Latest release: 11 months ago - 195 stars on GitHub
Top 7.0% on github actions
30 versions - Latest release: 6 months ago - 2 dependent repositories - 153 stars on GitHub
hahwul/deadfinder 1.9.1 💰
A GitHub Action to find and report dead (broken) links in files, URLs, or sitemaps.30 versions - Latest release: 6 months ago - 2 dependent repositories - 153 stars on GitHub
hahwul/mzap v1.3.1 💰
Multiple target ZAP Scanning10 versions - Latest release: over 2 years ago - 104 stars on GitHub
jskov/action-nexus-publish v1.2
Publish maven artifacts to Maven Central via Portal Publisher API3 versions - Latest release: 11 months ago - 0 stars on GitHub
Top 1.1% on github actions
41 versions - Latest release: 11 months ago - 211 dependent repositories - 243 stars on GitHub
gitleaks/gitleaks-action v2.3.9
run gitleaks on push and pull-request events41 versions - Latest release: 11 months ago - 211 dependent repositories - 243 stars on GitHub
Top 0.6% on github actions
25 versions - Latest release: over 1 year ago - 11,383 dependent repositories - 277 stars on GitHub
gradle/wrapper-validation-action v3.5.0
Validates Gradle Wrapper JAR Files25 versions - Latest release: over 1 year ago - 11,383 dependent repositories - 277 stars on GitHub
Top 0.8% on github actions
178 versions - Latest release: 18 days ago - 224 dependent repositories - 2,419 stars on GitHub
oxsecurity/megalinter v9.4.0 💰
Combine all available linters to automatically validate your sources without configuration !178 versions - Latest release: 18 days ago - 224 dependent repositories - 2,419 stars on GitHub
Top 1.5% on github actions
30 versions - Latest release: over 1 year ago - 96 dependent repositories - 697 stars on GitHub
MobSF/mobsfscan 0.4.5 💰
mobsfscan is a SAST that can find insecure code patterns in your Android and iOS source code.30 versions - Latest release: over 1 year ago - 96 dependent repositories - 697 stars on GitHub
Top 0.6% on github actions
33 versions - Latest release: 6 months ago - 6,465 dependent repositories - 337 stars on GitHub
ossf/scorecard-action v2.4.3
Run OSSF Scorecard checks and output results in SARIF format33 versions - Latest release: 6 months ago - 6,465 dependent repositories - 337 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: almost 3 years ago - 4 dependent repositories - 7 stars on GitHub
bashofmann/neuvector-image-scan-action
Scans a container image for vulnerabilities with [NeuVector](https://neuvector.com)Latest release: 10 months ago - 1 stars on GitHub
Top 0.3% on github actions
77 versions - Latest release: 14 days ago - 3,327 dependent repositories - 1,226 stars on GitHub
aquasecurity/trivy-action 0.35.0
Scans container images for vulnerabilities with Trivy77 versions - Latest release: 14 days ago - 3,327 dependent repositories - 1,226 stars on GitHub
fortify/github-action v3.0.0
Find and fix vulnerabilities to build secure software with Fortify Code Security.40 versions - Latest release: 22 days ago - 19 stars on GitHub
NeuraLegion/wait-for v1.1
Wait for issues in a Bright scan2 versions - Latest release: 12 months ago - 0 stars on GitHub
Top 8.8% on github actions
41 versions - Latest release: 11 months ago - 397 stars on GitHub
zricethezav/gitleaks-action v2.3.9 💰
run gitleaks on push and pull-request events41 versions - Latest release: 11 months ago - 397 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 6 years ago - 0 stars on GitHub
grolston/guard-action 1.0
Guard ShiftLeft1 version - Latest release: over 3 years ago - 1 dependent repositories - 2 stars on GitHub
Contrast-Security-OSS/integration-verify-github-action v0.6.10
Verify Contrast Application by Job Outcome Policy or Vulnerability Count15 versions - Latest release: 5 months ago - 3 stars on GitHub
NeuraLegion/run-scan v1.3
Run a Bright Security scan right in GitHub Action6 versions - Latest release: 7 months ago - 26 dependent repositories - 2 stars on GitHub
operous/test-ssh-action 0.1.0
SSH server vulnerability and security scanner with Operous5 versions - Latest release: over 4 years ago - 9 stars on GitHub
Top 5.1% on github actions
5 versions - Latest release: over 4 years ago - 48 dependent repositories - 14 stars on GitHub
redhat-actions/crda v1.0.0
Analyse vulnerabilities in application dependencies5 versions - Latest release: over 4 years ago - 48 dependent repositories - 14 stars on GitHub
Top 7.8% on github actions
18 versions - Latest release: over 2 years ago - 17 dependent repositories - 7 stars on GitHub
SAP/fosstars-rating-core-action v1.14.0
The action calculates one of the Fosstars ratings. It outputs a report in Markdown format and an ...18 versions - Latest release: over 2 years ago - 17 dependent repositories - 7 stars on GitHub
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: about 3 years ago - 3 stars on GitHub
GrantBirki/auditor-action-core v3.3.2 💰
The Auditor Action's Core30 versions - Latest release: 11 months ago - 1 dependent repositories - 0 stars on GitHub
Top 4.2% on github actions
8 versions - Latest release: about 6 years ago - 15 dependent repositories - 55 stars on GitHub
lazy-actions/gitrivy v2.0.0
Scan docker image vulnerability using Trivy and create GitHub Issue8 versions - Latest release: about 6 years ago - 15 dependent repositories - 55 stars on GitHub
f-actions/opentype-sanitizer v3.0.0
A GitHub Action for opentype-sanitizer testing of font artifacts8 versions - Latest release: about 2 years ago - 1 dependent repositories - 6 stars on GitHub
fraim-dev/fraim-action v0.7.0
Run Fraim AI-powered workflows on your code and upload results to GitHub Security tab8 versions - Latest release: 6 months ago - 5 stars on GitHub
malice-labs/fork-sentry 1.0
Detect and alert on suspicious forks of your repository1 version - Latest release: about 4 years ago - 2 stars on GitHub
Top 6.5% on github actions
11 versions - Latest release: over 1 year ago - 34 dependent repositories - 20 stars on GitHub
Contrast-Security-OSS/contrastscan-action v3.0.2
Perform SAST analysis of a project11 versions - Latest release: over 1 year ago - 34 dependent repositories - 20 stars on GitHub
xen0l/iam-lint v2
Github Action to lint AWS IAM policy document files with parliament from DUo Labs2 versions - Latest release: about 6 years ago - 1 dependent repositories - 33 stars on GitHub
xen0l/dlint-check 0.10.1
Github Action to lint Python code with dlint from Duo Labs2 versions - Latest release: about 6 years ago - 1 dependent repositories - 4 stars on GitHub
rcowsill/workflow-scan-action v3.0.0
Scan GitHub Actions workflow files with CodeQL4 versions - Latest release: about 2 years ago - 2 dependent repositories - 2 stars on GitHub
occmundial/action-cve-clone v2.0.2
Send GitHub vulnerability alerts to multiple platforms like Slack, PagerDuty.6 versions - Latest release: over 3 years ago - 0 stars on GitHub
Checkmarx/dustilock v1.2.0
DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack4 versions - Latest release: over 4 years ago - 28 stars on GitHub
carhartl/talisman-secrets-scan-action v1.4.0
Scan an incoming range of commits for accidentally added secrets and sensitive information7 versions - Latest release: about 3 years ago - 8 dependent repositories - 3 stars on GitHub
edersonbrilhante/vilicus-github-action v0.0.1
Scans container images for vulnerabilities using Vilicus2 versions - Latest release: almost 5 years ago - 1 dependent repositories - 5 stars on GitHub
Top 9.5% on github actions
1 version - Latest release: about 6 years ago - 1 dependent repositories - 16 stars on GitHub
y-mehta/vulnalerts v1
Customized daily Vulnerabilty Alerts straight to your Slack Inbox for Free.1 version - Latest release: about 6 years ago - 1 dependent repositories - 16 stars on GitHub
albuch/sbt-dependency-check-action v1.0
Github action to execute sbt-dependency-check as part of a github workflow1 version - Latest release: almost 5 years ago - 3 dependent repositories - 1 stars on GitHub
hashicorp/setup-signore v3.0.0
setup-signore downloads, installs, and configures the signore signing service client10 versions - Latest release: almost 2 years ago - 9 dependent repositories - 0 stars on GitHub
Top 2.8% on github actions
49 versions - Latest release: about 6 years ago - 14 dependent repositories - 1,987 stars on GitHub
lirantal/is-website-vulnerable 1.15.10
Scans a URL for publicly known JavaScript library vulnerabilities49 versions - Latest release: about 6 years ago - 14 dependent repositories - 1,987 stars on GitHub
google/oss-fuzz/infra/cifuzz/actions/build_fuzzers
Builds an OSS-Fuzz project's fuzzers.Latest release: about 1 month ago
oxsecurity/megalinter/flavors/documentation v9.4.0 💰
[documentation flavor] Combine all available linters to automatically validate your sources witho...178 versions - Latest release: 18 days ago - 2,422 stars on GitHub
oxsecurity/megalinter/flavors/cupcake v9.4.0 💰
[cupcake flavor] Combine all available linters to automatically validate your sources without con...178 versions - Latest release: 18 days ago - 2,422 stars on GitHub
hashicorp/setup-signore-package v1.1.0
installs the signore client from a GitHub Packages docker image5 versions - Latest release: almost 3 years ago - 0 stars on GitHub
google/clusterfuzzlite/actions/run_fuzzers v1
Runs fuzz target binaries.1 version - Latest release: about 4 years ago - 521 stars on GitHub
google/clusterfuzzlite/actions/build_fuzzers v1
Builds project's fuzzers.1 version - Latest release: about 4 years ago - 521 stars on GitHub
Aptori-dev/sift-action v1.0.3
Find business logic and security bugs in your application with Aptori Autonomous API Security Tes...5 versions - Latest release: 6 months ago - 6 stars on GitHub
tenable/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 3 years ago - 12 stars on GitHub
georgealton/iam-sarif-report v2.3.4
Generate SARIF from AWS IAM Access Analyzer findings15 versions - Latest release: 8 months ago - 6 stars on GitHub
alcideio/advisor-action v1.1.2
Security Scan Kubernetes Cluster11 versions - Latest release: almost 6 years ago - 1 dependent repositories - 13 stars on GitHub
Threagile/run-threagile-action v1
Threat model analysis via open-source toolkit Threagile1 version - Latest release: over 5 years ago - 13 stars on GitHub
sammcj/github-app-installation-token v2.17.0 💰
Run a GitHub Action as a GitHub App Installation instead of using secrets.GITHUB_TOKEN or a perso...131 versions - Latest release: almost 2 years ago - 2 dependent repositories - 4 stars on GitHub
DIVD-NL/cna-bot v1.5.1
A Bot that validates CVE records and (optionally) submits them to the CVE database.37 versions - Latest release: almost 2 years ago - 1 dependent repositories - 5 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 3 years ago - 6 dependent repositories - 10 stars on GitHub
dopplerhq/secrets-fetch-action v1.3.1
Fetch Doppler secrets for a specific Project and Config8 versions - Latest release: 4 months ago
nuwaycloud/trivy-action v0.0.3
GitHub action to scan docker images for vulnerability issues using trivy.3 versions - Latest release: over 1 year ago - 1 stars on GitHub
reposaur/repo-audit-action v0.1.0
Audit your organization's repositories using Reposaur.1 version - Latest release: almost 4 years ago - 1 stars on GitHub
Top 3.2% on github actions
51 versions - Latest release: over 2 years ago - 23 dependent repositories - 343 stars on GitHub
tonybaloney/pycharm-security 1.29.0 💰
Scan your Python Code for security issues51 versions - Latest release: over 2 years ago - 23 dependent repositories - 343 stars on GitHub
sysdiglabs/k8s-security-configwatch v1.0.0
Run security lint check against Kubernetes workloads when a PR is open.1 version - Latest release: about 6 years ago - 29 stars on GitHub
CrowdStrike/container-image-scan-action v1.4.0
Scan your container image for vulnerabilities and malware14 versions - Latest release: over 1 year ago - 1 dependent repositories - 15 stars on GitHub
Top 5.5% on github actions
2 versions - Latest release: over 5 years ago - 19 dependent repositories - 14 stars on GitHub
andrewmcodes/bundler-audit-action v0.1.0 💰
GitHub Action for running bundler-audit2 versions - Latest release: over 5 years ago - 19 dependent repositories - 14 stars on GitHub
Top 4.1% on github actions
8 versions - Latest release: almost 3 years ago - 114 dependent repositories - 23 stars on GitHub
apisec-inc/apisec-run-scan v1.0.7
Continuous, automated, comprehensive API Security Testing8 versions - Latest release: almost 3 years ago - 114 dependent repositories - 23 stars on GitHub
trendmicro/cloudone-container-security-github-action 1.0.11
Scan container images with Vision One Container Security12 versions - Latest release: over 1 year ago - 7 stars on GitHub
hoeg/semgrep-report v1.0.2
Report Semgrep findimgs to PRs with suggested changes5 versions - Latest release: over 2 years ago - 0 stars on GitHub
bullfrogsec/bullfrog v0.8.4
Block unauthorized outbound traffic (egress) in your Github workflows23 versions - Latest release: 10 months ago - 110 stars on GitHub
Top 2.6% on github actions
5 versions - Latest release: over 3 years ago - 162 dependent repositories - 162 stars on GitHub
symfonycorp/security-checker-action v5 💰
Checks composer.json for known vulnerabilities in your package dependencies5 versions - Latest release: over 3 years ago - 162 dependent repositories - 162 stars on GitHub
Top 2.7% on github actions
14 versions - Latest release: over 1 year ago - 42 dependent repositories - 107 stars on GitHub
microsoft/security-devops-action v1.12.0
Run security analyzers.14 versions - Latest release: over 1 year ago - 42 dependent repositories - 107 stars on GitHub
standardnotes/brakeman-action v1.0.0 💰
A GitHub action to run Brakeman, a static analysis security vulnerability scanner for Ruby on Rai...1 version - Latest release: almost 5 years ago - 2 dependent repositories - 4 stars on GitHub
dlint-py/dlint-action 1.0.0
A tool for encouraging best coding practices and helping ensure we're writing secure Python code.1 version - Latest release: about 6 years ago - 1 dependent repositories - 0 stars on GitHub
DVKunion/CollieTrickster v1.1.1
Use Collie to get an free host3 versions - Latest release: almost 3 years ago - 38 stars on GitHub
fabasoad/setup-graudit-action v0.3.1 💰
This action installs graudit CLI tool.12 versions - Latest release: about 1 year ago - 1 stars on GitHub
sudo-bot/action-docker-sign latest
Sign docker images1 version - Latest release: almost 5 years ago - 10 dependent repositories - 6 stars on GitHub
Top 6.6% on github actions
34 versions - Latest release: over 1 year ago - 1 dependent repositories - 815 stars on GitHub
Legit-Labs/legitify v1.0.11
Legitify GitHub Action34 versions - Latest release: over 1 year ago - 1 dependent repositories - 815 stars on GitHub
gacts/gitleaks v1.3.1
Installs and runs GitLeaks in your actions workflow18 versions - Latest release: 4 months ago - 70 dependent repositories - 16 stars on GitHub
Top 8.9% on github actions
13 versions - Latest release: over 2 years ago - 23 dependent repositories - 10 stars on GitHub
ossillate-inc/packj-github-action v0.0.12-beta
Use Packj to avoid malicious and other "risky" open-source software dependencies13 versions - Latest release: over 2 years ago - 23 dependent repositories - 10 stars on GitHub
hahwul/zest-env v1.1.5 💰
Zest CLI in Github action8 versions - Latest release: 6 months ago - 8 stars on GitHub
lnavarrocarter/actions-rules-repository 1.1.4
Add rules repository labels to issues and pull requests.7 versions - Latest release: almost 3 years ago - 1 dependent repositories - 1 stars on GitHub
Top 4.1% on github actions
95 versions - Latest release: 4 months ago - 82 dependent repositories - 24 stars on GitHub
reviewdog/action-detect-secrets v0.29.6 💰
🐶 Run detect-secrets with reviewdog on pull requests to improve code review experience.95 versions - Latest release: 4 months ago - 82 dependent repositories - 24 stars on GitHub
Top 5.9% on github actions
18 versions - Latest release: over 2 years ago - 88 dependent repositories - 24 stars on GitHub
ForAllSecure/mapi-action v2.0.0
Automatically test your REST APIs with your OpenAPI specs and Postman collections18 versions - Latest release: over 2 years ago - 88 dependent repositories - 24 stars on GitHub
Pwd9000-ML/azure-vm-password-rotate v1.1.0
Rotate AZURE virtual machines local administrator Passwords, using AZURE key vault4 versions - Latest release: about 4 years ago - 1 dependent repositories - 3 stars on GitHub
HCL-TECH-SOFTWARE/appscan-dast-action v1.0.7
Scan for security issues in web applications8 versions - Latest release: 11 months ago - 4 dependent repositories - 2 stars on GitHub
operatorequals/gitsign-action v0.3.0
Uses `gitsign` to verify commit signatures of a branch3 versions - Latest release: over 3 years ago - 1 dependent repositories - 4 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 4 years ago - 1 dependent repositories - 9 stars on GitHub
Top 2.2% on github actions
1,100 versions - Latest release: over 2 years ago - 114 dependent repositories - 71 stars on GitHub
bridgecrewio/bridgecrew-action v1.2343.0
Find and fix security and compliance issues in infrastructure as code, open source packages, cont...1,100 versions - Latest release: over 2 years ago - 114 dependent repositories - 71 stars on GitHub
parasoft/run-dottest-action 2.0.2
A GitHub Action for running Parasoft dotTEST analysis.9 versions - Latest release: 11 months ago - 1 dependent repositories - 3 stars on GitHub
lfreleng-actions/sonatype-lifecycle-scan-action v0.1.2
Runs a Sonatype Lifecycle (Nexus IQ) scan3 versions - Latest release: 6 months ago - 0 stars on GitHub
mnavarrocarter/authorize-aws-security-group-ingress-action v1.1.0
Creates a inbound rule in an AWS Security Group and deletes it when the job finishes2 versions - Latest release: almost 2 years ago - 9 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 3 years ago - 48 dependent repositories - 4 stars on GitHub
Top 9.9% on github actions
5 versions - Latest release: about 4 years ago - 13 dependent repositories - 22 stars on GitHub
SecureStackCo/actions-secrets v0.1.3
Scan your source code for sensitive data like API keys, passwords, server host strings, config an...5 versions - Latest release: about 4 years ago - 13 dependent repositories - 22 stars on GitHub
Top 8.5% on github actions
6 versions - Latest release: almost 3 years ago - 7 dependent repositories - 11 stars on GitHub
federacy/scan-action 0.1.5
SAST and Dependency Scanning6 versions - Latest release: almost 3 years ago - 7 dependent repositories - 11 stars on GitHub
Top 4.7% on github actions
115 versions - Latest release: over 1 year ago - 3 dependent repositories - 1,913 stars on GitHub
pyupio/safety 3.12.13 💰
Runs the Safety CLI dependency scanner against your project115 versions - Latest release: over 1 year ago - 3 dependent repositories - 1,913 stars on GitHub
Top 2.5% on github actions
11 versions - Latest release: over 2 years ago - 59 dependent repositories - 155 stars on GitHub
kitabisa/sonarqube-action v1.2.1
Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more tha...11 versions - Latest release: over 2 years ago - 59 dependent repositories - 155 stars on GitHub
Top 2.6% on github actions
22 versions - Latest release: over 1 year ago - 54 dependent repositories - 105 stars on GitHub
triat/terraform-security-scan v3.2.0
Scan your terraform code with tfsec22 versions - Latest release: over 1 year ago - 54 dependent repositories - 105 stars on GitHub
Related Keywords
github-actions
81
security-tools
33
devsecops
32
actions
28
static-analysis
22
security-automation
22
action
22
continuous-integration
16
python
16
ci
14
hacktoberfest
13
security-audit
12
github-action
12
cicd
10
vulnerability-detection
10
scanning
10
sast
10
github
10
secrets
10
vulnerabilities
9
linter
9
security-scanner
9
golang
9
sarif-report
9
devops
9
code-quality
9
analysis
8
terraform
8
docker
8
compliance
8
aws
8
java
7
kotlin
7
vulnerability
7
lint
7
megalinter
6
linters
6
scan
6
formatter
5
gitlab-ci
5
best-practices
5
azure-pipelines
5
autofix
5
apex
5
testing
5
groovy
5
jenkins
5
markdown
5
appsec
5
workflow
5
vulnerability-scanners
5
security-vulnerability
5
dast
5
deployment
5
kubernetes
5
secret-management
5
container
5
vulnerability-scanner
5
supply-chain-security
5
cve
4
software-composition-analysis
4
frida
4
security-testing
4
containers
4
code-scanning
4
static-code-analysis
4
automation
4
security-scan
4
deployment-automation
4
secrets-management
4
nowsecure
4
fuzz-testing
4
fuzzing
4
dependency
3
npm
3
dependabot
3
secrets-detection
3
sca
3
iam
3
checkmarx
3
test
3
code
3
marketplace
3
nodejs
3
code-review
3
dynamic-analysis
3
azure
3
review
3
php
3
ruby
3
rails
3
secrets-manager
3
sbom
3
sarif
3
appscan
3
scanner
3
supply-chain
3
audit
3
continuous-testing
2
openapi
2