gand3lf/semgrepper

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/gand3lf/semgrepper)

gand3lf / semgrepper

An extension to use Semgrep inside Burp Suite.

☆88

Alternatives and similar repositories for semgrepper

Users that are interested in semgrepper are comparing it to the libraries listed below

Sorting:

hashicorp-forge / semgrep-rules
View on GitHub
HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
one-iast / practice
View on GitHub
手把手教你写IAST系列
☆24Jan 12, 2024Updated 2 years ago
ethicalhackingplayground / bcaem
View on GitHub
Fast AEM scope gathering tool for all your public and private BugCrowd Programs
☆10Jul 14, 2021Updated 4 years ago
NetSPI / AWSSigner
View on GitHub
Burp Extension for AWS Signing
☆90Jan 10, 2025Updated last year
sunny0day / burp-auto-drop
View on GitHub
Burp extension to automatically drop requests that match a certain regex.
☆10Mar 10, 2023Updated 2 years ago
semgr8ns / semgr8s
View on GitHub
Semgrep-based Policy Controller for Kubernetes
☆47Apr 4, 2025Updated 11 months ago
doyensec / PESD-Exporter-Extension
View on GitHub
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
☆107Jan 30, 2025Updated last year
dillonfranke / protoburp
View on GitHub
Encode and Fuzz Custom Protobuf Messages in Burp Suite
☆36Mar 4, 2025Updated last year
0xsha / InfoSec-Alfred
View on GitHub
Scrap Latest Information Security Resources
☆35Nov 30, 2020Updated 5 years ago
dsecuredcom / yataf
View on GitHub
yataf extracts secrets and paths from files or urls - its best used against javascript files
☆52Sep 11, 2024Updated last year
elttam / semgrep-rules
View on GitHub
☆228Dec 18, 2025Updated 2 months ago
mazen160 / secrets-patterns-db
View on GitHub
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
☆1,350Aug 6, 2025Updated 7 months ago
mschwager / route-detect
View on GitHub
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆281Sep 11, 2025Updated 5 months ago
alice-dot-io / caterpillar
View on GitHub
Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior
☆33Feb 16, 2026Updated 3 weeks ago
staaldraad / troopers19
View on GitHub
All the content from my Troopers 19 talk
☆12Mar 20, 2019Updated 6 years ago
0xf4n9x / CVE-2022-37042
View on GitHub
CVE-2022-37042 Zimbra Auth Bypass leads to RCE
☆30Dec 9, 2022Updated 3 years ago
redrays-io / WS_RaceCondition_PoC
View on GitHub
Simple PoC for demonstrating Race Conditions on Websockets
☆54Sep 14, 2023Updated 2 years ago
nullenc0de / ChromeAudit
View on GitHub
Nuclei plugins to audit Chrome extensions
☆65Jul 16, 2024Updated last year
usdAG / FlowMate
View on GitHub
FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
☆165Oct 28, 2025Updated 4 months ago
iosifache / semgrep-rules-manager
View on GitHub
Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
☆101Dec 24, 2025Updated 2 months ago
nccgroup / jwt-reauth
View on GitHub
☆105Jan 3, 2023Updated 3 years ago
forteBruno / Token-Tailor
View on GitHub
Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.
☆35Sep 30, 2025Updated 5 months ago
mindedsecurity / semgrep-rules-android-security
View on GitHub
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
☆321Nov 12, 2025Updated 3 months ago
LewisArdern / metasecjs
View on GitHub
MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
☆82Feb 4, 2023Updated 3 years ago
disclose / policymaker
View on GitHub
A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.
☆15May 28, 2025Updated 9 months ago
pingidentity / AuraIntruder
View on GitHub
☆20Sep 6, 2023Updated 2 years ago
vrechson / copy-to-bcheck
View on GitHub
BurpSuite extension to convert requests into bcheck scripts
☆33Jul 18, 2023Updated 2 years ago
owasp-noir / noir
View on GitHub
Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.
☆1,108Mar 1, 2026Updated last week
GovTech-CSG / ProxyAgent
View on GitHub
☆65Dec 9, 2021Updated 4 years ago
OtterHacker / LabS4U2Self
View on GitHub
☆31Sep 23, 2022Updated 3 years ago
Ovi3 / burp-menu-level
View on GitHub
一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.
☆30Feb 4, 2024Updated 2 years ago
talbeerysec / STS-token-decoder
View on GitHub
AWS STS token decoder
☆46Mar 18, 2025Updated 11 months ago
pyn3rd / my-presentation-slide
View on GitHub
☆101Oct 7, 2023Updated 2 years ago
ReversecLabs / encap-attack
View on GitHub
Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
☆23Aug 30, 2024Updated last year
hoodoer / postBasedXSS
View on GitHub
Demo of various ways to exploit post based reflected XSS
☆18Jul 6, 2023Updated 2 years ago
pry0cc / proteus
View on GitHub
A projectdiscovery driven attack surface monitoring bot powered by axiom
☆189Aug 11, 2022Updated 3 years ago
xvnpw / sec-docs
View on GitHub
An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
☆34Feb 28, 2025Updated last year
pry0cc / jf
View on GitHub
A wrapper around jq, to help you parse jq output!
☆30Aug 23, 2020Updated 5 years ago
GitHubSecurityLab / gh-mrva
View on GitHub
Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
☆61Apr 16, 2025Updated 10 months ago