github / codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
☆8,525 Updated this week
Alternatives and similar repositories for codeql
Users that are interested in codeql are comparing it to the libraries listed below
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆12,022 Updated this week
- Binaries for the CodeQL CLI ☆848 Updated 2 weeks ago
- Actions for running CodeQL analysis ☆1,300 Updated last week
- OSS-Fuzz - continuous fuzzing for open source software. ☆11,147 Updated this week
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. ☆1,910 Updated this week
- Resources related to GitHub Security Lab ☆1,505 Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,980 Updated this week
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆459 Updated this week
- Open source vulnerability DB and triage service. ☆1,920 Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆7,516 Updated this week
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,266 Updated 4 months ago
- A self-hosted Fuzzing-As-A-Service platform ☆2,834 Updated last year
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security… ☆2,749 Updated 3 months ago
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing ☆3,670 Updated 8 months ago
- ☆3,552 Updated 6 months ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-… ☆4,089 Updated this week
- 🤖 Dependabot's core logic for creating update PRs. ☆5,119 Updated this week
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL. ☆1,646 Updated last year
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,481 Updated last month
- The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power… ☆5,839 Updated this week
- Community curated list of templates for the nuclei engine to find security vulnerabilities. ☆10,414 Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. ☆8,327 Updated last year
- An enterprise friendly way of detecting and preventing secrets in code. ☆4,138 Updated 3 months ago
- american fuzzy lop - a security-oriented fuzzer ☆3,916 Updated 4 years ago
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆5,170 Updated this week
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen… ☆7,048 Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆7,295 Updated this week
- A vulnerability scanner for container images and filesystems ☆10,219 Updated this week
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.… ☆2,486 Updated this week
- BinAbsInspector: Vulnerability Scanner for Binaries ☆1,627 Updated last year