Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆929Updated this week
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,453Updated last week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,810Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,820Updated this week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆2,095Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,570Updated last month
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,493Updated 7 months ago
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,740Updated last year
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,227Updated this week
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆6,219Updated this week
• projectdiscovery / nuclei-templates
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆11,768Updated this week
• google / AFL
  american fuzzy lop - a security-oriented fuzzer
  ☆4,039Updated 4 years ago
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,854Updated 2 months ago
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆2,443Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,528Updated 2 months ago
• fossas / fossa-cli
  Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua…
  ☆1,456Updated last week
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,054Updated this week
• analysis-tools-dev / static-analysis
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆14,298Updated this week
• dependabot / dependabot-core
  🤖 Dependabot's core logic for creating update PRs.
  ☆5,343Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,376Updated this week
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,827Updated 2 years ago
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,743Updated 2 years ago
• projectdiscovery / nuclei
  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…
  ☆26,445Updated this week
• actions / runner-images
  GitHub Actions runner images
  ☆12,321Updated this week
• dstotijn / hetty
  An HTTP toolkit for security research.
  ☆9,052Updated 11 months ago
• projectdiscovery / interactsh
  An OOB interaction gathering server and client library
  ☆4,121Updated this week
• google / cel-spec
  Common Expression Language -- specification and binary representation
  ☆3,588Updated last month
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆8,323Updated this week
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,666Updated last year
• rizinorg / cutter
  Free and Open Source Reverse Engineering Platform powered by rizin
  ☆18,237Updated last week