Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆915Updated last week
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,434Updated this week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆2,066Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,559Updated this week
• joernio / joern
  Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…
  ☆2,752Updated last week
• github / vscode-codeql-starter
  Starter workspace to use with the CodeQL extension for Visual Studio Code.
  ☆560Updated last week
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆488Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆24,232Updated this week
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆2,405Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,715Updated this week
• actions / runner
  The Runner for GitHub Actions
  ☆5,730Updated this week
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,849Updated last month
• google / AFL
  american fuzzy lop - a security-oriented fuzzer
  ☆4,019Updated 4 years ago
• projectdiscovery / nuclei-templates
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆11,649Updated this week
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,491Updated 6 months ago
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,733Updated last year
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,667Updated last year
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,489Updated last month
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,825Updated 2 years ago
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆8,088Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆11,155Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,353Updated this week
• weggli-rs / weggli
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,466Updated last year
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,727Updated 2 years ago
• probot / probot
  🤖 A framework for building GitHub Apps to automate and improve your workflow
  ☆9,386Updated this week
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆6,139Updated 2 weeks ago
• projectdiscovery / proxify
  A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.
  ☆2,956Updated last week
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,178Updated this week
• WebGoat / WebGoat
  WebGoat is a deliberately insecure application
  ☆8,750Updated this week
• dstotijn / hetty
  An HTTP toolkit for security research.
  ☆9,028Updated 10 months ago