Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆830Updated 2 weeks ago
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,285Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,492Updated last month
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆11,904Updated this week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆1,902Updated this week
• github / codeql-go
  The CodeQL extractor and libraries for Go.
  ☆463Updated 2 years ago
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆458Updated last week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,640Updated last year
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,110Updated this week
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,480Updated 3 weeks ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,940Updated this week
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,902Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,662Updated 8 months ago
• analysis-tools-dev / static-analysis
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆13,881Updated last month
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,487Updated this week
• OWASP-Benchmark / BenchmarkJava
  OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…
  ☆718Updated last week
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆5,800Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,157Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,243Updated 3 months ago
• google / cel-spec
  Common Expression Language -- specification and binary representation
  ☆3,253Updated last month
• r4j0x00 / exploits
  ☆2,509Updated 2 years ago
• vulhub / vulhub
  Pre-Built Vulnerable Environments Based on Docker-Compose
  ☆19,050Updated last month
• google / fuzzbench
  FuzzBench - Fuzzer benchmarking as a service.
  ☆1,150Updated 4 months ago
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆27,215Updated this week
• yogeshojha / rengine
  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…
  ☆7,978Updated 4 months ago
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,410Updated this week
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,623Updated last year
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆929Updated this week
• nomi-sec / PoC-in-GitHub
  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
  ☆7,001Updated this week
• projectdiscovery / nuclei-templates
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆10,330Updated this week