github / codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
☆7,709 Updated this week
Related projects
Alternatives and complementary repositories for codeql
- Actions for running CodeQL analysis ☆1,165 Updated this week
- Binaries for the CodeQL CLI ☆750 Updated last week
- Resources related to GitHub Security Lab ☆1,415 Updated 3 months ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆10,666 Updated this week
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆497 Updated last week
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆4,956 Updated this week
- The CodeQL extractor and libraries for Go. ☆465 Updated last year
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆427 Updated this week
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. ☆1,741 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,604 Updated this week
- "Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL. ☆1,505 Updated last year
- ☆2,492 Updated last year
- A self-hosted Fuzzing-As-A-Service platform ☆2,821 Updated last year
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl… ☆20,728 Updated this week
- Combination of multiple linters to run as a GitHub Action or standalone ☆9,517 Updated this week
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h… ☆8,277 Updated 2 months ago
- OSS-Fuzz - continuous fuzzing for open source software. ☆10,557 Updated this week
- Community curated list of templates for the nuclei engine to find security vulnerabilities. ☆9,325 Updated this week
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆3,929 Updated this week
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin… ☆2,345 Updated 4 months ago
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing ☆3,513 Updated 3 weeks ago
- Scanning APK file for URIs, endpoints & secrets. ☆4,960 Updated last month
- Scalar: A set of tools and extensions for Git to allow very large monorepos to run on Git without a virtualization layer ☆1,392 Updated 2 months ago
- The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power… ☆5,208 Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆6,259 Updated this week
- A vulnerability scanner for container images and filesystems ☆8,838 Updated this week
- Scalable fuzzing infrastructure. ☆5,308 Updated this week
- In-depth attack surface mapping and asset discovery ☆12,095 Updated this week
- A JavaScript Engine Fuzzer ☆1,893 Updated this week
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security… ☆2,610 Updated last month