Skip to content



Find, fix, and prevent security vulnerabilities before they can be exploited.

712 results filtered by Security ×


Rewind Backups for GitHub (Formerly BackHub)

By backhub

Daily, automatic backups of your repos and metadata. Restore your backups with metadata in seconds + Sync to your S3 or Azure

Recommended Backup

By xoperosoftware

Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support

1.3k installs


By guardrailsio

GuardRails provides continuous security feedback for modern development teams

2.4k installs

Cloudback Backup

By cloudback

Automatic backups of your repos, metadata and even LFS. Backup to AWS, Azure, OneDrive, GCP, and more. Instant restores

419 installs


By returntocorp

Code scanning at ludicrous speed. Find bugs and enforce code standards

2.7k installs


By debricked

Automatically identify, fix and prevent vulnerabilities in your open source dependencies

1.2k installs

Scantist SCA

By scantist

Proactive vulnerability management and license compliance for your third-party components

513 installs


By NeuraLegion

NeuraLegion is a powerful dynamic App and API security testing (DAST) platform that security teams trust and developers love

392 installs

Nightfall DLP: GitHub Secrets Scanner

By nightfallai

Nightfall automatically detects PII, credentials, secrets, and more in GitHub repos via machine learning. Free tier

317 installs

BluBracket Community Edition

By BluBracket

BluBracket is like Clippy for code security, but—you know—not as annoying and a lot more effective

717 installs
View all



Psalm – Security Scanner for PHP

By psalm

Find security vulnerabilities in your PHP codebase with Psalm, a free and open-source tool created by Vimeo

14 stars

CodeGuru Reviewer

By aws-actions

AWS CodeGuru Reviewer Action

18 stars

Export Fortify vulnerability data

By fortify

Export Fortify vulnerability data to various targets


SonarCloud Scan

By SonarSource

Scan your code with SonarCloud to detect bugs, vulnerabilities and code smells in more than 25 programming languages.

322 stars

GP Security Scan

By whitesource

Scan packages and Docker images uploaded to GitHub Packages

53 stars

Gradle Wrapper Validation

By gradle

Validates Gradle Wrapper JAR Files

131 stars


By snyk

Check your applications for vulnerabilties using Snyk

148 stars
sysdiglabs image/svg+xml sysdig_Vert_Color_Logo_RGB_MED

Kubernetes Security Config Watch

By sysdiglabs

Run security privilege comparison against Kubernetes workloads when a PR is open

19 stars
sysdiglabs image/svg+xml sysdig_Vert_Color_Logo_RGB_MED

Sysdig CIS Dockerfile Benchmark

By sysdiglabs

Run CIS Dockerfile benchmark against dockerfiles in repository (CIS 4.1, 4.2, 4.3, 4.6, 4.7, 4.9, 4.10)

8 stars

Secrets Sync Action

By google

Copies secrets from the action's environment to many other repos

195 stars
View all

List your tool on GitHub Marketplace

Read the documentation
Learn how you can build tools to extend and improve developers' workflows.
Submit your tool for review
Share your app or GitHub Action with millions of developers.