Skip to content
@GitHubSecurityLab

GitHub Security Lab

GitHub Security Lab
README.md

GitHub Security Lab’s mission is to empower developers and secure open source. We do that in a number of ways:

  • by finding and disclosing vulnerabilities in open source. We publish our advisories on our website.
  • reviewing advisories that affect open source projects hosted on GitHub and notifying affected developers and maintainers. See GitHub’s advisory database.
  • educating the community and empowering developers via in-person events (you can meet us during any events listed in the event calendar).
  • scaling the security research community’s work with CodeQL Community Packs. See how to get started.

In this organisation, you will find some of our projects aiming to educate the community and empower developers or security researchers. Check out also our team repository at github/securitylab

Questions? Join us on our Slack server.

Pinned Loading

  1. actions-permissions actions-permissions Public

    GitHub token permissions Monitor and Advisor actions

    Python 350 27

  2. gh-mrva gh-mrva Public

    Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)

    Go 62 4

  3. CodeQL-Community-Packs CodeQL-Community-Packs Public

    Collection of community-driven CodeQL query, library and extension packs

    Java 199 22

  4. codeql-zero-to-hero codeql-zero-to-hero Public

    CodeQL zero to hero blog post series challenges

    CodeQL 163 275

  5. secure-code-challenge secure-code-challenge Public template

    We are excited to present you a code security challenge inspired from real-world code, with which you can feel the thrill of finding a security issue and win a GitHub Shop voucher!

    JavaScript 10

  6. codeql-jupyter-kernel codeql-jupyter-kernel Public

    Jupyter Kernel for CodeQL

    Python 15 1

Repositories

Showing 10 of 15 repositories
  • seclab-taskflow-agent Public

    GitHub Security Lab Taskflow Agent

    GitHubSecurityLab/seclab-taskflow-agent’s past year of commit activity
    Python 42 MIT 8 4 6 Updated Jan 16, 2026
  • seclab-taskflows Public

    Example taskflows to use with the GitHub Security Lab Taskflow Agent (https://github.com/GitHubSecurityLab/seclab-taskflow-agent)

    GitHubSecurityLab/seclab-taskflows’s past year of commit activity
    Python 1 MIT 3 1 2 Updated Jan 14, 2026
  • secure-code-challenge Public template

    We are excited to present you a code security challenge inspired from real-world code, with which you can feel the thrill of finding a security issue and win a GitHub Shop voucher!

    GitHubSecurityLab/secure-code-challenge’s past year of commit activity
    JavaScript 10 MIT 0 0 1 Updated Dec 31, 2025
  • CodeQL-Community-Packs Public

    Collection of community-driven CodeQL query, library and extension packs

    GitHubSecurityLab/CodeQL-Community-Packs’s past year of commit activity
    Java 199 MIT 22 4 9 Updated Dec 15, 2025
  • actions-permissions Public

    GitHub token permissions Monitor and Advisor actions

    GitHubSecurityLab/actions-permissions’s past year of commit activity
    Python 350 MIT 27 3 0 Updated Nov 24, 2025
  • pwn-request-scanner Public
    GitHubSecurityLab/pwn-request-scanner’s past year of commit activity
    JavaScript 0 MIT 0 0 0 Updated Nov 10, 2025
  • codeql-zero-to-hero Public

    CodeQL zero to hero blog post series challenges

    GitHubSecurityLab/codeql-zero-to-hero’s past year of commit activity
    CodeQL 163 275 0 0 Updated Sep 29, 2025
  • codeql-extractor-bicep Public

    CodeQL Extractor for Bicep Configurations

    GitHubSecurityLab/codeql-extractor-bicep’s past year of commit activity
    CodeQL 2 MIT 0 1 1 Updated Sep 8, 2025
  • gh-mrva Public

    Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)

    GitHubSecurityLab/gh-mrva’s past year of commit activity
    Go 62 MIT 4 1 3 Updated Apr 16, 2025
  • gh-qldb Public

    CodeQL database manager

    GitHubSecurityLab/gh-qldb’s past year of commit activity
    Go 49 2 0 2 Updated Apr 16, 2025
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Most used topics

codeql gh-extension