搜索结果
全部能力
找到 882 个相关结果 / 前端体验
安全与治理 / 审核评估
semgrep-rule-creator
semgrep-rule-creator
Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static…
安全与治理 / 审核评估
fuzzing-obstacles
fuzzing-obstacles
Techniques for patching code to overcome fuzzing obstacles. Use when checksums, global state, or other barriers block fuzzer progress.
安全与治理 / 审核评估
coverage-analysis
coverage-analysis
Coverage analysis measures code exercised during fuzzing. Use when assessing harness effectiveness or identifying fuzzing blockers.
安全与治理 / 审核评估
firebase-apk-scanner
firebase-apk-scanner
Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use…
安全与治理 / 审核评估
Search and retrieve content from Reddit. Get posts, comments, subreddit info, and user profiles via the public JSON API. Use when user mentions Reddit, a…
安全与治理 / 审核评估
constant-time-analysis
constant-time-analysis
Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets,…
安全与治理 / 审核评估
fuzzing-dictionary
fuzzing-dictionary
Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-specific code.
安全与治理 / 审核评估
semgrep-rule-variant-creator
semgrep-rule-variant-creator
Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target languages. Takes an existing rule and target languages…
安全与治理 / 审核评估
cosmos-vulnerability-scanner
cosmos-vulnerability-scanner
Scans Cosmos SDK blockchain modules and CosmWasm contracts for consensus-critical vulnerabilities — chain halts, fund loss, state divergence. 25 core + 16 IBC…
安全与治理 / 审核评估
substrate-vulnerability-scanner
substrate-vulnerability-scanner
Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when…
安全与治理 / 审核评估
constant-time-testing
constant-time-testing
Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementations for timing vulnerabilities.
安全与治理 / 审核评估
libfuzzer
libfuzzer
Coverage-guided fuzzer built into LLVM for C/C++ projects. Use for fuzzing C/C++ code that can be compiled with Clang.
安全与治理 / 审核评估
linear
linear
Manage issues, projects & team workflows in Linear. Use when the user wants to read, create or updates tickets in Linear.
安全与治理 / 审核评估
secure-code-guardian
secure-code-guardian
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations…
安全与治理 / 审核评估
libafl
libafl
LibAFL is a modular fuzzing library for building custom fuzzers. Use for advanced fuzzing needs, custom mutators, or non-standard fuzzing targets.
安全与治理 / 审核评估
asc-xcode-build
asc-xcode-build
Build, archive, export, upload, and manage Xcode version/build numbers with the current asc xcode helpers before App Store Connect upload or submission. Use…
安全与治理 / 审核评估
查找缺陷
find-bugs
查找本地分支更改中的 Bug、安全漏洞和代码质量问题。在要求审查更改、查找 Bug、安全审查或代码审计时使用……
安全与治理 / 审核评估
cairo-vulnerability-scanner
cairo-vulnerability-scanner
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems,…
安全与治理 / 审核评估
atheris
atheris
Atheris is a coverage-guided Python fuzzer based on libFuzzer. Use for fuzzing pure Python code and Python C extensions.
安全与治理 / 审核评估
ruzzy
ruzzy
Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.