Tools used for development
Recommended tools to use during development
Name | Description | Category |
---|---|---|
snyk open source | Snyk open source is a tool used to scan dependencies in a project | Dependencies |
pip-audit | Scanner for vulnerable dependencies in Python projects. Also supports automatic patching. | Dependencies,Python |
npm audit | Scanner for vulnerable dependencies in Node projects. Also supports automatic patching. | Dependencies,Node |
Dependabot | Monitors dependencies for vulnerabilities. Also supports automatic patching. | Dependencies,GitHub |
snyk code | Snyk code is a SAST (Static Application Security Testing) tool for source code. | Source Code |
CodeQL | Identifies vulnerabilities and errors in source code | Source Code,GitHub |
Secret scanning | Scans for passwords, keys and other secrets to avoid exposing them in repositories. | Source Code,GitHub |
bandit | Detects common security issues in Python code | Source Code,Python |
semgrep | SAST tool with a custom rule set based on YAML | Source Code |
burp | A platform containing multiple tools for dynamic web application security testing. | Application |
ZAP | A platform containing multiple tools for dynamic web application security testing. | Application |
nuclei | A tool used for dynamic application security testing (DAST). | Application |
XSStrike | Scanner for XSS (Cross-site scripting) vulnerabilities in web applications | Application |