Repositories list

• ast-cli

  Public
  A CLI project wrapping application security testing (AST) APIs

  astcheckmarxcheckmarx-ast+ 1cli

  Go

  •

  Apache License 2.0

  •25•46•2•5•Updated Mar 23, 2025Mar 23, 2025

• ast-vscode-extension

  Public
  The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.

  securityvscode-extensioncheckmarx+ 1checkmarx-ast

  Hack

  •

  Apache License 2.0

  •6•13•1•19•Updated Mar 23, 2025Mar 23, 2025

• ast-eclipse-plugin

  Public
  The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.

  securityeclipse-plugincheckmarx+ 1checkmarx-ast

  Java

  •

  Apache License 2.0

  •11•4•0•2•Updated Mar 23, 2025Mar 23, 2025

• sast-to-ast-export

  Public
  CLI tool to export data from CxSAST and import into AST CxOne

  securityapplicationast+ 1sast

  Go

  •

  Apache License 2.0

  •5•3•2•0•Updated Mar 22, 2025Mar 22, 2025

• secret-detection

  Public
  Go

  •0•0•0•2•Updated Mar 21, 2025Mar 21, 2025

• 2ms

  Public
  Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

  securitysecret-managementsecrets+ 3appsecsecret-keysapi-keys

  Go

  •

  Apache License 2.0

  •19•89•32•2•Updated Mar 21, 2025Mar 21, 2025

• kics

  Public
  Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

  securityiacinfrastructure-as-code+ 9cloudnativeappsecvulnerability-detectionhacktoberfestvulnerability-scannerssecurity-toolsopen-policy-agent+ 2

  Open Policy Agent

  •

  Apache License 2.0

  •322•2.3k•130•85•Updated Mar 20, 2025Mar 20, 2025

• Vulnerabilities-Proofs-of-Concept

  Public
  JavaScript

  •0•0•0•0•Updated Mar 20, 2025Mar 20, 2025

• kics-cdk-validator-plugin

  Public
  A KICS plugin for AWS CDK

  TypeScript

  •

  Apache License 2.0

  •3•7•1•5•Updated Mar 20, 2025Mar 20, 2025

• Checkmarx-CVE-2025-30066-Detection-Tool

  Public
  Python

  •

  MIT License

  •0•1•0•0•Updated Mar 19, 2025Mar 19, 2025

• ci-cd-integrations

  Public
  If you are using a CI/CD platform that doesn’t yet have a dedicated Checkmarx plugin, please check this repository.

  circlecimavenbitbucket+ 6ci-cdsonarbamboo-plugincheckmarxsecurtiycheckmarx-ast

  Groovy

  •

  Apache License 2.0

  •17•9•0•2•Updated Mar 19, 2025Mar 19, 2025

• kics-github-action

  Public
  GitHub actions of KICS scan - Keeping Infrastructure as Code Secure

  JavaScript

  •

  GNU General Public License v3.0

  •33•47•11•1•Updated Mar 18, 2025Mar 18, 2025

• ast-jetbrains-plugin

  Public
  The CxAST JetBrains plugin enables you to import results from a CxAST scan directly into your IDE.

  securityjetbrains-plugincheckmarx+ 1checkmarx-ast

  Java

  •

  Apache License 2.0

  •3•3•0•14•Updated Mar 18, 2025Mar 18, 2025

• ast-azure-plugin

  Public
  The CxAST Azure DevOps plugin enables you to trigger SAST, SCA, and KICS scans directly from an Azure DevOps pipeline.

  securitysecurity-toolsazure-devops-extension+ 2checkmarxcheckmarx-ast

  TypeScript

  •

  Apache License 2.0

  •5•4•5•14•Updated Mar 18, 2025Mar 18, 2025

• vorpal-reviewdog-github-action

  Public
  Run Vorpal with reviewdog 🐶

  Shell

  •

  Apache License 2.0

  •0•3•0•0•Updated Mar 18, 2025Mar 18, 2025

• ast-teamcity-plugin

  Public
  The CxAST TeamCity plugin enables you to trigger SAST, SCA, and KICS scans directly from a TeamCity project.

  securityteamcity-plugincheckmarx+ 1checkmarx-ast

  Java

  •

  Apache License 2.0

  •2•3•1•8•Updated Mar 11, 2025Mar 11, 2025

• ast-github-action

  Public
  Checkmarx application security testing (AST) GitHub action

  securitygithub-actionscheckmarx+ 1checkmarx-ast

  Shell

  •

  Apache License 2.0

  •26•16•5•1•Updated Mar 11, 2025Mar 11, 2025

• ast-visual-studio-extension

  Public
  The CxAST Visual Studio plugin enables you to import results from a CxAST scan directly into your IDE

  securityvisual-studio-extensioncheckmarx+ 2visual-studio-2022checkmarx-ast

  C#

  •

  Apache License 2.0

  •6•2•1•8•Updated Mar 11, 2025Mar 11, 2025

• plugins-release-workflow

  Public
  Automates the release workflow across all components, starting with the CLI, followed by the Wrappers, and concluding with the Plugins. This streamlined process ensures consistent and efficient deployment across the entire ecosystem.

  0•0•25•0•Updated Mar 11, 2025Mar 11, 2025

• homebrew-ast-cli

  Public
  Ruby

  •0•2•0•0•Updated Mar 10, 2025Mar 10, 2025

• containers-resolver

  Public
  Go

  •0•0•0•0•Updated Feb 25, 2025Feb 25, 2025

• containers-syft-packages-extractor

  Public
  Go

  •0•0•0•0•Updated Feb 25, 2025Feb 25, 2025

• containers-types

  Public
  Go

  •0•0•0•0•Updated Feb 25, 2025Feb 25, 2025

• containers-images-extractor

  Public
  Go

  •0•0•0•0•Updated Feb 25, 2025Feb 25, 2025

• Phoenix-WebGoat

  Public
  Project with vulnerabilities for plugins team tests

  Other

  •0•0•0•2•Updated Feb 9, 2025Feb 9, 2025

• gen-ai-prompts

  Public
  Remediate SAST results using AI

  Go

  •1•3•2•1•Updated Jan 28, 2025Jan 28, 2025

• gen-ai-wrapper

  Public
  Go

  •

  Apache License 2.0

  •0•0•1•6•Updated Dec 30, 2024Dec 30, 2024

• ast-cli-maven-plugin

  Public
  A Maven plugin for using the AST CLI in Maven lifecycle phases

  Java

  •

  Apache License 2.0

  •0•0•0•9•Updated Dec 9, 2024Dec 9, 2024

• dast-github-action

  Public
  Shell

  •

  GNU General Public License v3.0

  •2•2•0•1•Updated Sep 23, 2024Sep 23, 2024

• terraform-aws-cxone

  Public
  HCL

  •5•0•1•2•Updated Aug 20, 2024Aug 20, 2024