Checkmarx

All

60 repositories

ast-cli
Public
A CLI project wrapping application security testing (AST) APIs
cli ast checkmarx checkmarx-ast
Go
•
Apache License 2.0
•28•58•3•12•Updated Jan 5, 2026Jan 5, 2026
ast-cli-java-wrapper
Public
Java SDK to access AST
cli
Java
•
Apache License 2.0
•1•1•1•17•Updated Jan 5, 2026Jan 5, 2026
kics
Public
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
golang security iac infrastructure-as-code cloudnative appsec vulnerability-detection hacktoberfest vulnerability-scanners security-tools
Open Policy Agent
•
Apache License 2.0
•354•2.6k•138•127•Updated Jan 5, 2026Jan 5, 2026
gen-ai-wrapper
Public
Go
•
Apache License 2.0
•0•0•1•7•Updated Jan 5, 2026Jan 5, 2026
2ms
Public
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
security secret-management secrets appsec secret-keys api-keys
Go
•
Apache License 2.0
•28•138•10•2•Updated Jan 5, 2026Jan 5, 2026
ast-jetbrains-plugin
Public
The CxAST JetBrains plugin enables you to import results from a CxAST scan directly into your IDE.
security jetbrains-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•3•3•0•10•Updated Jan 5, 2026Jan 5, 2026
ast-vscode-extension
Public
The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
security vscode-extension checkmarx checkmarx-ast
TypeScript
•
Apache License 2.0
•8•18•8•14•Updated Jan 5, 2026Jan 5, 2026
ast-cli-javascript-wrapper-runtime-cli
Public
Java Script Wrapper that uses the CLI by runtime Download
cli
TypeScript
•9•1•1•7•Updated Jan 1, 2026Jan 1, 2026
ast-cli-javascript-wrapper
Public
cli
TypeScript
•0•1•0•19•Updated Dec 31, 2025Dec 31, 2025
ast-github-action
Public
Checkmarx application security testing (AST) GitHub action
security github-actions checkmarx checkmarx-ast
Shell
•
Apache License 2.0
•35•26•8•5•Updated Dec 30, 2025Dec 30, 2025
ast-azure-plugin
Public
The CxAST Azure DevOps plugin enables you to trigger SAST, SCA, and KICS scans directly from an Azure DevOps pipeline.
security security-tools azure-devops-extension checkmarx checkmarx-ast
TypeScript
•
Apache License 2.0
•5•7•7•17•Updated Dec 30, 2025Dec 30, 2025
ast-visual-studio-extension
Public
The CxAST Visual Studio plugin enables you to import results from a CxAST scan directly into your IDE
security visual-studio-extension checkmarx visual-studio-2022 checkmarx-ast
C#
•
Apache License 2.0
•6•2•3•10•Updated Dec 30, 2025Dec 30, 2025
ast-teamcity-plugin
Public
The CxAST TeamCity plugin enables you to trigger SAST, SCA, and KICS scans directly from a TeamCity project.
security teamcity-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•2•3•1•25•Updated Dec 30, 2025Dec 30, 2025
homebrew-ast-cli
Public
Ruby
•0•2•1•0•Updated Dec 30, 2025Dec 30, 2025
ci-cd-integrations
Public
If you are using a CI/CD platform that doesn’t yet have a dedicated Checkmarx plugin, please check this repository.
circleci maven bitbucket ci-cd sonar bamboo-plugin checkmarx securtiy checkmarx-ast
Groovy
•
Apache License 2.0
•21•13•0•2•Updated Dec 30, 2025Dec 30, 2025
kics-github-action
Public
GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
JavaScript
•
GNU General Public License v3.0
•38•52•14•4•Updated Dec 30, 2025Dec 30, 2025
sspi
Public
Go
•
BSD 3-Clause "New" or "Revised" License
•0•0•0•0•Updated Dec 29, 2025Dec 29, 2025
kics-cdk-validator-plugin
Public
A KICS plugin for AWS CDK
TypeScript
•
Apache License 2.0
•3•8•1•5•Updated Dec 25, 2025Dec 25, 2025
ast-eclipse-plugin
Public
The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
security eclipse-plugin checkmarx checkmarx-ast
Java
•
Apache License 2.0
•12•4•2•1•Updated Dec 15, 2025Dec 15, 2025
containers-resolver
Public
Go
•1•1•0•0•Updated Dec 10, 2025Dec 10, 2025
containers-syft-packages-extractor
Public
Go
•1•0•0•3•Updated Dec 9, 2025Dec 9, 2025
containers-images-extractor
Public
Go
•0•0•0•2•Updated Dec 9, 2025Dec 9, 2025
plugins-release-workflow
Public
Automates the release workflow across all components, starting with the CLI, followed by the Wrappers, and concluding with the Plugins. This streamlined process ensures consistent and efficient deployment across the entire ecosystem.
0•0•25•0•Updated Nov 20, 2025Nov 20, 2025
sast-to-ast-export
Public
CLI tool to export data from CxSAST and import into AST CxOne
security application ast sast
Go
•
Apache License 2.0
•6•5•3•0•Updated Nov 14, 2025Nov 14, 2025
secret-detection
Public
Go
•0•1•0•4•Updated Oct 16, 2025Oct 16, 2025
Vulnerabilities-Proofs-of-Concept
Public
JavaScript
•0•1•0•0•Updated Sep 8, 2025Sep 8, 2025
ast-cli-maven-plugin
Public
A Maven plugin for using the AST CLI in Maven lifecycle phases
Java
•
Apache License 2.0
•0•0•0•10•Updated Aug 24, 2025Aug 24, 2025
manifest-parser
Public
Go
•0•0•0•0•Updated Aug 20, 2025Aug 20, 2025
capital
Public
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
ctf vulnerable-web-app apisecurity
CSS
•
GNU Affero General Public License v3.0
•86•315•4•13•Updated Aug 13, 2025Aug 13, 2025
containers-types
Public
Go
•0•0•0•0•Updated Jul 22, 2025Jul 22, 2025