elttam/semgrep-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/elttam/semgrep-rules)

elttam / semgrep-rules

☆229

Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

kondukto-io / semgrep-rules
View on GitHub
Custom semgrep rules registry
☆14Aug 23, 2022Updated 3 years ago
federicodotta / semgrep-rules
View on GitHub
A collection of my Semgrep rules
☆51Jul 4, 2023Updated 2 years ago
vmnguyen / semgrep-rules
View on GitHub
My custom semgrep rules
☆23Sep 13, 2020Updated 5 years ago
semgrep / semgrep-rules
View on GitHub
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
☆1,099Updated this week
trailofbits / semgrep-rules
View on GitHub
Semgrep queries developed by Trail of Bits.
☆486Nov 12, 2025Updated 4 months ago
tuannq2299 / semgrep-rules
View on GitHub
A collection of Semgrep rules which followed security guidelines for .NET and Java.
☆24Oct 4, 2021Updated 4 years ago
0xdea / semgrep-rules
View on GitHub
A collection of my Semgrep rules to facilitate vulnerability research.
☆799Mar 9, 2026Updated 2 weeks ago
s0rcy / semgrep-rules
View on GitHub
Collection of Semgrep rules for security analysis
☆10Mar 30, 2024Updated last year
mandiant / route-sixty-sink
View on GitHub
Link sources to sinks in C# applications.
☆150Apr 10, 2023Updated 2 years ago
wahyuhadi / semgrep-server-rules
View on GitHub
☆18Dec 20, 2025Updated 3 months ago
iosifache / semgrep-rules-manager
View on GitHub
Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
☆101Dec 24, 2025Updated 3 months ago
hashicorp-forge / semgrep-rules
View on GitHub
HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
gand3lf / semgrepper
View on GitHub
An extension to use Semgrep inside Burp Suite.
☆88May 23, 2025Updated 10 months ago
doyensec / Unsafe-Unpacking
View on GitHub
Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
☆43Dec 16, 2024Updated last year
mindedsecurity / semgrep-rules-android-security
View on GitHub
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
☆322Nov 12, 2025Updated 4 months ago
akabe1 / OAUTHScan
View on GitHub
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆176Oct 26, 2024Updated last year
assetnote / batchql
View on GitHub
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
☆408Dec 24, 2022Updated 3 years ago
BishopFox / GadgetProbe
View on GitHub
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
☆612Mar 4, 2021Updated 5 years ago
qtc-de / beanshooter
View on GitHub
JMX enumeration and attacking tool.
☆499Jun 26, 2025Updated 8 months ago
mschwager / route-detect
View on GitHub
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆281Sep 11, 2025Updated 6 months ago
BishopFox / rmiscout
View on GitHub
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
☆447Sep 7, 2022Updated 3 years ago
silentsignal / SemGWT
View on GitHub
Semgrep rules to identify GWT attack surface
☆12Apr 28, 2022Updated 3 years ago
GrrrDog / Java-Deserialization-Cheat-Sheet
View on GitHub
The cheat sheet about Java Deserialization vulnerabilities
☆3,173May 26, 2023Updated 2 years ago
mlr0p / CVE-2021-33564
View on GitHub
Argument Injection in Dragonfly Ruby Gem
☆16May 26, 2021Updated 4 years ago
iflody / codeql-workshop
View on GitHub
☆12Aug 5, 2021Updated 4 years ago
dgryski / semgrep-go
View on GitHub
Go rules for semgrep and go-ruleguard
☆479Nov 17, 2024Updated last year
BishopFox / sj
View on GitHub
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
☆795Updated this week
justmorpheus / very-vulnerable-serverless
View on GitHub
Welcome to the Very Vulnerable Lambda Application repository! This repository contains an intentionally vulnerable serverless applicatio…
☆11Jul 22, 2024Updated last year
wdeilim / Audit-Rules
View on GitHub
A curated list of audit rules which extract from Source Code Auditing tools.
☆15Feb 19, 2020Updated 6 years ago
mazen160 / secrets-patterns-db
View on GitHub
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
☆1,363Aug 6, 2025Updated 7 months ago
BishopFox / json-interop-vuln-labs
View on GitHub
Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
☆210Mar 9, 2023Updated 3 years ago
synacktiv / mojarragadget
View on GitHub
☆15Oct 25, 2021Updated 4 years ago
nccgroup / raccoon
View on GitHub
Salesforce object access auditor
☆118Jan 30, 2023Updated 3 years ago
PalindromeLabs / WebSockets-Playground
View on GitHub
Jumpstart multiple WebSocket servers quickly
☆32Nov 23, 2021Updated 4 years ago
Zeetaz / FancyTracker-FF
View on GitHub
A modern postMessage tracker including additional features, inspired by Frans Rosens postmessage tracker. A port of chrome Manifest V3 "F…
☆56Sep 12, 2025Updated 6 months ago
wireghoul / graudit
View on GitHub
grep rough audit - source code auditing tool
☆1,682Dec 19, 2025Updated 3 months ago
gsmith257-cyber / GraphCrawler
View on GitHub
GraphQL automated security testing toolkit
☆334Feb 20, 2024Updated 2 years ago
assetnote / ghostbuster
View on GitHub
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
☆278Sep 20, 2024Updated last year
qtc-de / remote-method-guesser
View on GitHub
Java RMI Vulnerability Scanner
☆915Jul 3, 2024Updated last year