Alternatives and similar repositories for codeql:

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆783Updated 2 weeks ago
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,212Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆10,811Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆11,164Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,447Updated last month
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,741Updated this week
• github / codeql-go
  The CodeQL extractor and libraries for Go.
  ☆466Updated 2 years ago
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆1,809Updated this week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,567Updated last year
• trickest / cve
  Gather and update all available and newest CVEs with their PoC.
  ☆6,745Updated this week
• google / AFL
  american fuzzy lop - a security-oriented fuzzer
  ☆3,815Updated 3 years ago
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,824Updated last year
• projectdiscovery / interactsh
  An OOB interaction gathering server and client library
  ☆3,593Updated this week
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,773Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,589Updated 3 months ago
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆5,617Updated 6 months ago
• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆7,965Updated 10 months ago
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆5,496Updated this week
• ossf / allstar
  GitHub App to set and enforce security policies
  ☆1,278Updated this week
• google / syzkaller
  syzkaller is an unsupervised coverage-guided kernel fuzzer
  ☆5,529Updated this week
• super-linter / super-linter
  Combination of multiple linters to run as a GitHub Action or standalone
  ☆9,635Updated this week
• googleprojectzero / fuzzilli
  A JavaScript Engine Fuzzer
  ☆1,945Updated 2 weeks ago
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,673Updated last week
• analysis-tools-dev / static-analysis
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆13,583Updated this week
• weggli-rs / weggli
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,373Updated 7 months ago
• projectdiscovery / httpx
  httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
  ☆8,114Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,027Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,069Updated 3 months ago
• find-sec-bugs / find-sec-bugs
  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…
  ☆2,312Updated 2 months ago
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,396Updated this week