Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆907Updated this week
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,418Updated last week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,431Updated this week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆2,045Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,547Updated last month
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,836Updated 2 weeks ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,153Updated this week
• github / vscode-codeql-starter
  Starter workspace to use with the CodeQL extension for Visual Studio Code.
  ☆559Updated 2 weeks ago
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,321Updated last week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,639Updated last week
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆484Updated this week
• super-linter / super-linter
  Combination of multiple linters to run as a GitHub Action or standalone
  ☆10,181Updated last week
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,491Updated 5 months ago
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆6,104Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆8,069Updated last week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,723Updated last year
• github / codeql-go
  The CodeQL extractor and libraries for Go.
  ☆464Updated 2 years ago
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,718Updated 2 years ago
• projectdiscovery / nuclei
  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…
  ☆25,614Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,458Updated 3 weeks ago
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,664Updated last year
• google / AFL
  american fuzzy lop - a security-oriented fuzzer
  ☆4,006Updated 4 years ago
• projectdiscovery / nuclei-templates
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆11,376Updated this week
• google / syzkaller
  syzkaller is an unsupervised coverage-guided kernel fuzzer
  ☆5,915Updated this week
• angr / angr
  A powerful and user-friendly binary analysis platform!
  ☆8,329Updated this week
• github / rest-api-description
  An OpenAPI description for GitHub's REST API
  ☆1,542Updated this week
• dependency-check / DependencyCheck
  OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…
  ☆7,319Updated this week
• projectdiscovery / httpx
  httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
  ☆9,197Updated last week
• praetorian-inc / gokart
  A static analysis tool for securing Go code
  ☆2,174Updated last year
• googleprojectzero / fuzzilli
  A JavaScript Engine Fuzzer
  ☆2,123Updated this week