Alternatives and similar repositories for semgrepper

Users that are interested in semgrepper are comparing it to the libraries listed below

• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• one-iast / practice

  View on GitHub
  手把手教你写IAST系列
  ☆24Jan 12, 2024Updated 2 years ago
• ethicalhackingplayground / bcaem

  View on GitHub
  Fast AEM scope gathering tool for all your public and private BugCrowd Programs
  ☆10Jul 14, 2021Updated 4 years ago
• NetSPI / AWSSigner

  View on GitHub
  Burp Extension for AWS Signing
  ☆90Jan 10, 2025Updated last year
• sunny0day / burp-auto-drop

  View on GitHub
  Burp extension to automatically drop requests that match a certain regex.
  ☆10Mar 10, 2023Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 10 months ago
• doyensec / PESD-Exporter-Extension

  View on GitHub
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆106Jan 30, 2025Updated last year
• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆36Mar 4, 2025Updated 11 months ago
• 0xsha / InfoSec-Alfred

  View on GitHub
  Scrap Latest Information Security Resources
  ☆34Nov 30, 2020Updated 5 years ago
• dsecuredcom / yataf

  View on GitHub
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Sep 11, 2024Updated last year
• elttam / semgrep-rules

  View on GitHub
  ☆226Dec 18, 2025Updated last month
• mazen160 / secrets-patterns-db

  View on GitHub
  Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
  ☆1,330Aug 6, 2025Updated 6 months ago
• mschwager / route-detect

  View on GitHub
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆282Sep 11, 2025Updated 5 months ago
• staaldraad / troopers19

  View on GitHub
  All the content from my Troopers 19 talk
  ☆12Mar 20, 2019Updated 6 years ago
• 0xf4n9x / CVE-2022-37042

  View on GitHub
  CVE-2022-37042 Zimbra Auth Bypass leads to RCE
  ☆30Dec 9, 2022Updated 3 years ago
• redrays-io / WS_RaceCondition_PoC

  View on GitHub
  Simple PoC for demonstrating Race Conditions on Websockets
  ☆55Sep 14, 2023Updated 2 years ago
• nullenc0de / ChromeAudit

  View on GitHub
  Nuclei plugins to audit Chrome extensions
  ☆65Jul 16, 2024Updated last year
• usdAG / FlowMate

  View on GitHub
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆165Oct 28, 2025Updated 3 months ago
• iosifache / semgrep-rules-manager

  View on GitHub
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆100Dec 24, 2025Updated last month
• nccgroup / jwt-reauth

  View on GitHub
  ☆106Jan 3, 2023Updated 3 years ago
• forteBruno / Token-Tailor

  View on GitHub
  Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.
  ☆35Sep 30, 2025Updated 4 months ago
• mindedsecurity / semgrep-rules-android-security

  View on GitHub
  A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
  ☆317Nov 12, 2025Updated 3 months ago
• LewisArdern / metasecjs

  View on GitHub
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆82Feb 4, 2023Updated 3 years ago
• disclose / policymaker

  View on GitHub
  A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.
  ☆15May 28, 2025Updated 8 months ago
• pingidentity / AuraIntruder

  View on GitHub
  ☆20Sep 6, 2023Updated 2 years ago
• vrechson / copy-to-bcheck

  View on GitHub
  BurpSuite extension to convert requests into bcheck scripts
  ☆33Jul 18, 2023Updated 2 years ago
• owasp-noir / noir

  View on GitHub
  Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.
  ☆1,097Updated this week
• GovTech-CSG / ProxyAgent

  View on GitHub
  ☆65Dec 9, 2021Updated 4 years ago
• OtterHacker / LabS4U2Self

  View on GitHub
  ☆31Sep 23, 2022Updated 3 years ago
• Ovi3 / burp-menu-level

  View on GitHub
  一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.
  ☆30Feb 4, 2024Updated 2 years ago
• talbeerysec / STS-token-decoder

  View on GitHub
  AWS STS token decoder
  ☆46Mar 18, 2025Updated 10 months ago
• pyn3rd / my-presentation-slide

  View on GitHub
  ☆101Oct 7, 2023Updated 2 years ago
• ReversecLabs / encap-attack

  View on GitHub
  Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.
  ☆23Aug 30, 2024Updated last year
• hoodoer / postBasedXSS

  View on GitHub
  Demo of various ways to exploit post based reflected XSS
  ☆18Jul 6, 2023Updated 2 years ago
• pry0cc / proteus

  View on GitHub
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆190Aug 11, 2022Updated 3 years ago
• pry0cc / jf

  View on GitHub
  A wrapper around jq, to help you parse jq output!
  ☆30Aug 23, 2020Updated 5 years ago
• xvnpw / sec-docs

  View on GitHub
  An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
  ☆34Feb 28, 2025Updated 11 months ago
• C0DEbrained / Burp-Montoya-Utilities

  View on GitHub
  A collection of utilities for building extensions using Burp's Montoya API
  ☆52Nov 8, 2025Updated 3 months ago
• GitHubSecurityLab / gh-mrva

  View on GitHub
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆61Apr 16, 2025Updated 9 months ago