Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,471Updated this week
• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆935Updated last week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆2,134Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆14,010Updated last week
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆503Updated last week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,862Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,578Updated 2 months ago
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆11,469Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,407Updated this week
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,070Updated this week
• joernio / joern
  Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…
  ☆2,915Updated this week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,751Updated 2 years ago
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,867Updated 3 weeks ago
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,748Updated last year
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,492Updated 8 months ago
• github / rest-api-description
  An OpenAPI description for GitHub's REST API
  ☆1,556Updated last week
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆2,468Updated this week
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,255Updated last week
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,339Updated 9 months ago
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆8,331Updated this week
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,517Updated last week
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,830Updated 2 years ago
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,560Updated 3 months ago
• fossas / fossa-cli
  Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua…
  ☆1,465Updated this week
• weggli-rs / weggli
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,474Updated last year
• ossf / allstar
  GitHub App to set and enforce security policies
  ☆1,391Updated last week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆8,634Updated this week
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,668Updated last year
• r4j0x00 / exploits
  ☆2,511Updated 3 years ago
• google / fuzzbench
  FuzzBench - Fuzzer benchmarking as a service.
  ☆1,182Updated last week