Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆872Updated last week
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,342Updated last week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,288Updated last week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,525Updated last week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆12,710Updated this week
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,489Updated 3 months ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,053Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,695Updated 10 months ago
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆470Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,695Updated last week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,227Updated this week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,677Updated last year
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,830Updated last year
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,786Updated 3 weeks ago
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,367Updated 6 months ago
• google / syzkaller
  syzkaller is an unsupervised coverage-guided kernel fuzzer
  ☆5,808Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆23,165Updated 3 weeks ago
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆975Updated this week
• projectdiscovery / nuclei-templates
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆10,865Updated this week
• github / roadmap
  GitHub public roadmap
  ☆8,367Updated 10 months ago
• weggli-rs / weggli
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,443Updated last year
• mbechler / marshalsec
  ☆3,592Updated 8 months ago
• super-linter / super-linter
  Combination of multiple linters to run as a GitHub Action or standalone
  ☆10,084Updated this week
• trickest / cve
  Gather and update all available and newest CVEs with their PoC.
  ☆7,215Updated this week
• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆4,227Updated 5 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆5,436Updated this week
• AFLplusplus / LibAFL
  Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_st…
  ☆2,332Updated last week
• trufflesecurity / trufflehog
  Find, verify, and analyze leaked credentials
  ☆21,393Updated this week
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,069Updated 4 months ago
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆28,781Updated this week