Checkov is a static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA). It scans cloud infrastructure provisioned using various tools like Terraform, Cloudformation, Kubernetes, Dockerfile, and more to detect security and compliance misconfigurations. It also performs Software Composition Analysis (SCA) scanning for open source packages and images to identify Common Vulnerabilities and Exposures (CVEs). Checkov powers Prisma Cloud Application Security, a platform that streamlines cloud security throughout the development lifecycle by identifying, fixing, and preventing misconfigurations in cloud resources and infrastructure-as-code files.
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
A webshell manager via terminal for controlling web servers running PHP or MySQL.
A tool for automated HTTP header injection
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.