Tools used for development

Recommended tools to use during development

Name	Description	Category
snyk open source	Snyk open source is a tool used to scan dependencies in a project	Dependencies
pip-audit	Scanner for vulnerable dependencies in Python-prosjects. Also supports automatic patching.	Dependencies,Python
npm audit	Scanner for vulnerable dependencies in Node-prosjects. Also supports automatic patching.	Dependencies,Node
Dependabot	Monitors dependencies for vulnerabilities. Also supports automatic patching.	Dependencies,GitHub
snyk code	Snyk code is a SAST (Static Application Testing) tool for source code.	Source Code
CodeQL	Identifies vulnerabilities and errors in source code	Source Code,GitHub
Secret scanning	Scans for passwords, keys and other secrets to avoid exposing them in repositories.	Source Code,GitHub
bandit	Detect common security issues in Python	Source Code,Python
semgrep	SAST-tool with a custom rule set based on YAML	Source Code
burp	A platform containing multiple tools for dynamic web application security testing.	Application
ZAP	A platform containing multiple tools for dynamic web application security testing.	Application
nuclei	A tool used for dynamic application security testing (DAST).	Application
XSStrike	Scanner for XSS (Cross-site scripting) vulnerabilities in web applications	Application