ASTTeam/Semgrep

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ASTTeam/Semgrep)

ASTTeam / Semgrep

《深入理解Semgrep》Finding vulnerabilities with Semgrep.

☆59

Alternatives and similar repositories for Semgrep

Users that are interested in Semgrep are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

ax1sX / Automation-in-Java-Security
View on GitHub
☆10Jul 21, 2022Updated 3 years ago
p1n93r / javasec
View on GitHub
Java安全相关，目前主要是CC链研究
☆10Sep 1, 2022Updated 3 years ago
l3yx / Choccy
View on GitHub
GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)
☆469Jan 19, 2025Updated last year
hluwa / AndSecCxQL
View on GitHub
Android Security Bug Queries for CheckMarx
☆20Sep 13, 2022Updated 3 years ago
ax1sX / SpringSecurity
View on GitHub
A list for Spring Security
☆128Jan 16, 2024Updated 2 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
Ovi3 / extract-react-router
View on GitHub
Extract React router info from React based website within browser
☆44Mar 29, 2024Updated 2 years ago
Lya0 / Choccy_LLM_Demo
View on GitHub
大模型辅助SAST静态代码分析的Demo系统
☆13Feb 19, 2025Updated last year
amakerlee / javaweb-vuls
View on GitHub
☆14Aug 4, 2021Updated 4 years ago
ASTTeam / CodeQL
View on GitHub
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
☆1,765Nov 21, 2023Updated 2 years ago
ffkkaq / fuzzingbook
View on GitHub
一本用代码写出来的Fuzzing书籍：The Fuzzing Book
☆14Sep 30, 2023Updated 2 years ago
ASTTeam / SAST
View on GitHub
《深入理解SAST静态应用安全测试》Static Application Security Testing.
☆394Sep 28, 2025Updated 6 months ago
gandalf4a / crash_report
View on GitHub
☆14Updated this week
evilpan / audit.vim
View on GitHub
Code audit (code review) with VIM.
☆17Jan 3, 2025Updated last year
gand3lf / semgrepper
View on GitHub
An extension to use Semgrep inside Burp Suite.
☆88May 23, 2025Updated 10 months ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
jiashaoxiong1998 / fernflower
View on GitHub
☆10May 17, 2023Updated 2 years ago
ice-doom / codeql_compile
View on GitHub
自动反编译闭源应用，创建codeql数据库
☆318Mar 2, 2022Updated 4 years ago
suizhibo / Tao
View on GitHub
Tao（道）一款用于java语言函数调用关系生成的工具，致力于提高java代码审计效率。
☆11Jul 2, 2024Updated last year
BytecodeDL / ByteCodeDL
View on GitHub
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
☆345Jan 6, 2024Updated 2 years ago
yhy0 / sqlilab-Jsp
View on GitHub
jsp版sqlilab 1-21关
☆20Jun 21, 2022Updated 3 years ago
tabby-sec / tabby
View on GitHub
A CAT called tabby ( Code Analysis Tool )
☆1,642Jan 17, 2026Updated 2 months ago
absholi7ly / Microsoft-Edge-Information-Disclosure
View on GitHub
CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
☆17May 27, 2024Updated last year
qwert419 / Ai_SATS-tools
View on GitHub
专注AI大模型代码审计工具，一款专业的代码安全分析软件，旨在帮助开发者和安全工程师识别代码中的潜在安全漏洞。该工具支持多种编程语言，集成了先进的AI分析技术，能够进行静态代码分析和智能漏洞检测。
☆79Dec 9, 2025Updated 4 months ago
Cryin / JavaID
View on GitHub
java source code static code analysis and danger function identify prog
☆536Feb 18, 2019Updated 7 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
BytecodeDL / graphdb-intellij-plugin
View on GitHub
neo4j plugin of ByteCodeDL for the IntelliJ Platform. ByteCodeDL-Neo4j-IDEA-Plugin
☆16Dec 28, 2023Updated 2 years ago
semgrep / semgrep-rules
View on GitHub
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
☆1,123Updated this week
WAY29 / javaGGC
View on GitHub
javaGGC for generate commons.collections gadget chain
☆12Nov 10, 2021Updated 4 years ago
guguyu1 / IDOR-bypass-fuzz
View on GitHub
IDOR bypass fuzz 权限绕过burp 插件 fuzz （shiro 等）
☆27Sep 1, 2021Updated 4 years ago
N1etzsche0 / GOAD
View on GitHub
☆23Aug 20, 2023Updated 2 years ago
tntC4stl3 / POC
View on GitHub
poc or exp of some famous vulnerability
☆14Mar 5, 2014Updated 12 years ago
alipay / ant-application-security-testing-benchmark
View on GitHub
xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
☆468Jan 15, 2026Updated 2 months ago
ttonys / CodeQLAnalyseJar
View on GitHub
CodeQL分析闭源Jar包脚本，基于Apache Ant构建CodeQL数据库
☆41Aug 19, 2022Updated 3 years ago
appsecco / json-flash-csrf-poc
View on GitHub
This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
☆78Feb 5, 2018Updated 8 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
luelueking / Deserial_Sink_With_JDBC
View on GitHub
Some ReadObject Sink With JDBC
☆245May 8, 2024Updated last year
yhy0 / nucleiY
View on GitHub
承影用的 nuclei 漏扫模板
☆15Jun 11, 2023Updated 2 years ago
Firebasky / CodeqlLearn
View on GitHub
记录学习codeql的过程
☆397Jun 9, 2023Updated 2 years ago
iQingshan / ARL
View on GitHub
灯塔v2.6.2_docker版本
☆15Oct 13, 2025Updated 5 months ago
tthtlc / source-sink-ghidra
View on GitHub
Collections of student projects to find execution path in binary program via taint analysis using Ghidra
☆18Sep 25, 2022Updated 3 years ago
waderwu / extractor-java
View on GitHub
CodeQL extractor for java, which don't need to compile java source
☆349Nov 25, 2022Updated 3 years ago
BobTheShoplifter / CVE-2023-52251-POC
View on GitHub
CVE-2023-52251 There is a Remote Code Execution vulnerability provectus/kafka-ui.
☆21Jan 23, 2024Updated 2 years ago