Skip to content
@Checkmarx

Checkmarx

Pinned Loading

  1. kics kics Public

    Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

    Open Policy Agent 2.4k 335

  2. 2ms 2ms Public

    Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

    Go 99 25

  3. capital capital Public

    A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

    CSS 298 80

  4. ci-cd-integrations ci-cd-integrations Public

    If you are using a CI/CD platform that doesn’t yet have a dedicated Checkmarx plugin, please check this repository.

    Groovy 11 19

Repositories

Showing 10 of 56 repositories
  • ast-vscode-extension Public

    The Checkmarx One Visual Studio Code plugin (extension) enables you to import results from a Checkmarx One scan directly into your VS Code console. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.

    Checkmarx/ast-vscode-extension’s past year of commit activity
    TypeScript 15 Apache-2.0 8 4 33 Updated Aug 14, 2025
  • kics Public

    Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

    Checkmarx/kics’s past year of commit activity
    Open Policy Agent 2,440 Apache-2.0 335 140 122 Updated Aug 14, 2025
  • 2ms Public

    Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

    Checkmarx/2ms’s past year of commit activity
    Go 99 Apache-2.0 25 9 (2 issues need help) 6 Updated Aug 14, 2025
  • ast-cli Public

    A CLI project wrapping application security testing (AST) APIs

    Checkmarx/ast-cli’s past year of commit activity
    Go 55 Apache-2.0 26 1 28 Updated Aug 14, 2025
  • kics-cdk-validator-plugin Public

    A KICS plugin for AWS CDK

    Checkmarx/kics-cdk-validator-plugin’s past year of commit activity
    TypeScript 8 Apache-2.0 3 1 5 Updated Aug 14, 2025
  • sast-to-ast-export Public

    CLI tool to export data from CxSAST and import into AST CxOne

    Checkmarx/sast-to-ast-export’s past year of commit activity
    Go 3 Apache-2.0 5 3 0 Updated Aug 13, 2025
  • ast-github-action Public

    Checkmarx application security testing (AST) GitHub action

    Checkmarx/ast-github-action’s past year of commit activity
    Shell 21 Apache-2.0 29 3 9 Updated Aug 13, 2025
  • capital Public

    A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

    Checkmarx/capital’s past year of commit activity
    CSS 298 AGPL-3.0 80 4 13 Updated Aug 13, 2025
  • ast-visual-studio-extension Public

    The CxAST Visual Studio plugin enables you to import results from a CxAST scan directly into your IDE

    Checkmarx/ast-visual-studio-extension’s past year of commit activity
    C# 2 Apache-2.0 6 1 13 Updated Aug 12, 2025
  • kics-github-action Public

    GitHub actions of KICS scan - Keeping Infrastructure as Code Secure

    Checkmarx/kics-github-action’s past year of commit activity
    JavaScript 51 GPL-3.0 40 13 4 Updated Aug 12, 2025
View all repositories