
FOSS: Comprehensive Application Security Skills and Tools for claude-code (SAST/DAST/Secrets/Active Testing)
Cybersecurity, Application Security, Open Source, Vulnerabilities
The post presents a set of open-source tools (FOSS) developed by Ghost Security to enhance application security. These tools include Poltergeist (a scanner for secrets in source code), Wraith (a scanner for vulnerabilities in dependencies), and Reaper (a real-time validation proxy for testing web vulnerabilities). They are integrated into a GitHub project called skills, designed to automate security tests (SAST, DAST, secret detection, and active testing). All three tools are written in Go and available on GitHub.