Skip to content
@advanced-security

GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world
README.md

Welcome to the GitHub Advanced Security Organisation! 👋

This organisation contains open source initiatives created by developers at GitHub (and around the world) to show the art of the possible with advanced security. :octocat: 💻

GitHub Advanced Security consists of CodeQL, Code Scanning, Secret Scanning, Security Overview and Dependency Review. A core principle of each of these solutions is being automated and integrable via API's and Webhooks. In this organisation, you will find starter kits, actions, custom queries and bundles, scripts and full-blown solutions that show off how you can integrate into GitHub Advanced Security (GHAS).

In comparison to the official GitHub organisation, a lot of the software you find here is developed as a best effort. These are open-source solutions developed outside of core responsibilities but with the aim for you to leverage and consume as you would any standard open-source software. 👐

We love contributions and feedback from you! So please feel free to open pull requests and issues as you can! 💕

Welcome and we hope what you find here useful 🙇

Pinned Loading

  1. awesome-codeql awesome-codeql Public

    A curated list of awesome CodeQL resources.

    45 4

  2. secret-scanning-custom-patterns secret-scanning-custom-patterns Public

    Examples of Custom Secret Scanning Patterns

    HTML 163 25

  3. advanced-security-material advanced-security-material Public

    Shell 72 26

  4. awesome-secret-scanning awesome-secret-scanning Public

    A curated list of awesome GitHub Advanced Security secret scanning resources.

    10 2

  5. awesome-dependabot awesome-dependabot Public

    A curated list of awesome Dependabot (and related software supply chain) resources.

    5 2

Repositories

Showing 10 of 88 repositories
  • teams-secret-scanning-notifier-azure-function Public

    Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function

    advanced-security/teams-secret-scanning-notifier-azure-function’s past year of commit activity
    TypeScript 7 MIT 1 1 1 Updated Jul 22, 2025
  • GSSAR Public

    GitHub Secret Scanning Auto Remediator (GSSAR)

    advanced-security/GSSAR’s past year of commit activity
    TypeScript 45 MIT 11 2 1 Updated Jul 22, 2025
  • codeql-qtil Public

    A library with a wide variety of handy CodeQL utilities, from simple to complex.

    advanced-security/codeql-qtil’s past year of commit activity
    CodeQL 3 MIT 0 0 4 Updated Jul 22, 2025
  • SARIF-viewer Public

    JetBrains IDE plugin for displaying SARIF from GHAS or from a local file

    advanced-security/SARIF-viewer’s past year of commit activity
    Kotlin 8 MIT 4 3 5 Updated Jul 21, 2025
  • component-detection-dependency-submission-action Public
    advanced-security/component-detection-dependency-submission-action’s past year of commit activity
    TypeScript 18 MIT 13 2 2 Updated Jul 21, 2025
  • secret-scanning-notifications Public

    A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency

    advanced-security/secret-scanning-notifications’s past year of commit activity
    TypeScript 1 MIT 3 0 7 Updated Jul 21, 2025
  • secret-scanning-tools Public

    Testing Suite for GitHub Secret Scanning Custom Patterns

    advanced-security/secret-scanning-tools’s past year of commit activity
    Python 8 MIT 2 0 8 Updated Jul 21, 2025
  • codeql-extractor-iac Public

    CodeQL Extractor, Library, and Queries for Infrastructure as Code

    advanced-security/codeql-extractor-iac’s past year of commit activity
    CodeQL 50 MIT 6 16 3 Updated Jul 19, 2025
  • ghas-to-csv Public

    Play with GHAS API to provide posture data over time

    advanced-security/ghas-to-csv’s past year of commit activity
    Python 38 MIT 16 4 3 Updated Jul 19, 2025
  • crypto-bill-of-materials-data Public

    Generate a Crypto Bill of Materials using CodeQL

    advanced-security/crypto-bill-of-materials-data’s past year of commit activity
    TypeScript 1 MIT 3 0 1 Updated Jul 18, 2025
View all repositories