A fast, zero-config CLI tool that scans your project dependencies and Dockerfiles for known security vulnerabilities — across 8 ecosystems, powered by free public vulnerability databases, with AI-powered analysis and scheduled scanning.

End-to-End Automated CI/CD DevSecOps pipeline using GitHub Actions — security scanning, testing, containerisation, and deployment to AWS EC2 via Docker Hub.

Enterprise-style DevSecOps CI/CD pipeline demo using GitHub Actions, Semgrep, CodeQL, TruffleHog, pip-audit, and pre-commit.

VS Code extension : Real-time dependency health monitoring across 10+ ecosystems. Replaces npm audit, composer audit, pip audit.

Block the attack before it lands.

Enterprise-grade DevSecOps CI/CD pipeline — Gitleaks, pip-audit, Bandit, SonarCloud, OWASP ZAP, Trivy, SBOM, 3-environment deploy with manual approval gate

Jenkins CI pipeline for a Python Playwright web-scraper that performs dependency vulnerability scanning, static security analysis, and code-quality checks before optionally running the scraper and archiving results.

pip audit

A template FastAPI server with production-ready configuration.

A GitHub Action that runs bandit (static code analysis) and pip-audit (dependency vulnerability scanning) on a Python repository, then puts the results in one PR comment, the workflow step summary, and a downloadable artifact.

A template repository for Python applications with code checking tools configured.