Resources to help you get GitHub certified ✨

Prepare for GitHub Certification exams!

A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.

GitHub Advance Security Compliance Action

Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts

GH CLI CodeQL Scan Extension

Recursos meetup LatinXperts

Manage a uniform team of security managers for every organization in your enterprise

Put the power of CodeQL in your pocket, take it with you to any CI 🚀

Optimize the utilization of GHAS licenses in an enterprise (or organization)

A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow

Repository for my GitHub Universe 2023 session SEC1808M

lists code scanning SARIF reports for a given GitHub hosted repository and allows the user to identify and download these reports.

A gh CLI extension to interact with secret scanning alerts for a GHEC or GHES 3.7+ enterprise, organization, or repository

A secret scanner wrapper to aggregate results across multiple secret scanning tools

A script which will return the total number of unique de-deuped active committers across multiple GHES instances

A demo repository of simple OWASP Top 10 type of vulnerabilities in (mostly) Python. Includes an exploration of GHAS features.

GHAS Scan Result Exporter: Simplifies GHAS scan data retrieval into Excel sheets ('Code QL', 'Dependency Scanning', 'Secret Scanning'). With ExcelJS & Nodemailer, enhance security workflow and team collaboration.

Automate repository cloning and pipeline setup across Azure DevOps projects while integrating GitHub Advanced Security (GHAS) for comprehensive code scanning. Simplify cross-project collaboration and ensure robust security measures with this seamless extension.

Security Testing