☆243Jun 3, 2026Updated last week
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of my Semgrep rules☆52Jul 4, 2023Updated 2 years ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,182Updated this week
- Semgrep queries developed by Trail of Bits.☆514May 7, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆24Oct 4, 2021Updated 4 years ago
- A collection of my Semgrep rules to facilitate vulnerability research.☆823Updated this week
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated 2 years ago
- Link sources to sinks in C# applications.☆151Apr 10, 2023Updated 3 years ago
- An extension to use Semgrep inside Burp Suite.☆90May 23, 2025Updated last year
- ☆18Dec 20, 2025Updated 5 months ago
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆115Dec 24, 2025Updated 5 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆42Oct 3, 2023Updated 2 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆44Dec 16, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.☆329Jun 5, 2026Updated last week
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆178Oct 26, 2024Updated last year
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆411Dec 24, 2022Updated 3 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- JMX enumeration and attacking tool.☆505Jun 26, 2025Updated 11 months ago
- Burp extension to log requests and responses to PostgreSQL☆15Jun 30, 2025Updated 11 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆280Sep 11, 2025Updated 9 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆449Sep 7, 2022Updated 3 years ago
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The cheat sheet about Java Deserialization vulnerabilities☆3,177May 26, 2023Updated 3 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- Argument Injection in Dragonfly Ruby Gem☆16May 26, 2021Updated 5 years ago
- ☆12Aug 5, 2021Updated 4 years ago
- Go rules for semgrep and go-ruleguard☆477Nov 17, 2024Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆850May 13, 2026Updated last month
- Welcome to the Very Vulnerable Lambda Application repository! This repository contains an intentionally vulnerable serverless applicatio…☆12Jul 22, 2024Updated last year
- A curated list of audit rules which extract from Source Code Auditing tools.☆15Feb 19, 2020Updated 6 years ago
- Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.☆1,498Aug 6, 2025Updated 10 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆15Oct 25, 2021Updated 4 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆210Mar 9, 2023Updated 3 years ago
- Salesforce object access auditor☆118Jan 30, 2023Updated 3 years ago
- Jumpstart multiple WebSocket servers quickly☆33Nov 23, 2021Updated 4 years ago
- grep rough audit - source code auditing tool☆1,684Dec 19, 2025Updated 5 months ago
- GraphQL automated security testing toolkit☆335Feb 20, 2024Updated 2 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆278Sep 20, 2024Updated last year