github / codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
☆8,763 · Updated this week
Alternatives and similar repositories for codeql
Users that are interested in codeql are comparing it to the libraries listed below
- Binaries for the CodeQL CLI ☆883 · Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆12,926 · Updated this week
- Resources related to GitHub Security Lab ☆1,532 · Updated last month
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. ☆2,006 · Updated this week
- OSS-Fuzz - continuous fuzzing for open source software. ☆11,358 · Updated this week
- Open source vulnerability DB and triage service. ☆1,995 · Updated this week
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.… ☆2,651 · Updated last week
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆548 · Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆7,811 · Updated this week
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆476 · Updated this week
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,488 · Updated 4 months ago
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,403 · Updated 6 months ago
- 🤖 Dependabot's core logic for creating update PRs. ☆5,235 · Updated this week
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security… ☆2,812 · Updated 3 weeks ago
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆5,258 · Updated this week
- "Understanding CodeQL in Depth" (《深入理解CodeQL》): Finding vulnerabilities with CodeQL. ☆1,683 · Updated last year
- A self-hosted Fuzzing-As-A-Service platform ☆2,826 · Updated last year
- OpenSSF Scorecard - Security health metrics for Open Source ☆5,084 · Updated this week
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing ☆3,711 · Updated 11 months ago
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen… ☆7,225 · Updated this week
- An OpenAPI description for GitHub's REST API ☆1,530 · Updated this week
- Parsing, analyzing, and comparing source code across many languages ☆9,059 · Updated 6 months ago
- american fuzzy lop - a security-oriented fuzzer ☆3,973 · Updated 4 years ago
- Scalable fuzzing infrastructure. ☆5,478 · Updated this week
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin… ☆2,445 · Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆990 · Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala proje… ☆2,383 · Updated 3 months ago
- BinAbsInspector: Vulnerability Scanner for Binaries ☆1,645 · Updated last year
- A JavaScript Engine Fuzzer ☆2,083 · Updated 2 weeks ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-… ☆4,212 · Updated this week