Alternatives and similar repositories for codeql:

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆810Updated 2 weeks ago
• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,247Updated last week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,466Updated 3 months ago
• github / codeql-go
  The CodeQL extractor and libraries for Go.
  ☆464Updated 2 years ago
• github / vscode-codeql
  An extension for Visual Studio Code that adds rich language support for CodeQL
  ☆447Updated this week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,599Updated last year
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,859Updated last week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆1,853Updated this week
• actions / cache
  Cache dependencies and build outputs in GitHub Actions
  ☆4,819Updated last month
• joernio / joern
  Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…
  ☆2,347Updated this week
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,456Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,099Updated this week
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,821Updated last week
• tree-sitter / tree-sitter
  An incremental parsing system for programming tools
  ☆20,291Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆11,499Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆10,982Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,164Updated last month
• google / security-research
  This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…
  ☆3,876Updated this week
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,384Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,634Updated 5 months ago
• OWASP-Benchmark / BenchmarkJava
  OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…
  ☆704Updated this week
• actions / runner
  The Runner for GitHub Actions
  ☆5,249Updated this week
• dependabot / dependabot-core
  🤖 Dependabot's core logic for creating update PRs.
  ☆4,996Updated this week
• VirusTotal / yara
  The pattern matching swiss knife
  ☆8,705Updated 2 weeks ago
• find-sec-bugs / find-sec-bugs
  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…
  ☆2,330Updated last week
• actions / runner-images
  GitHub Actions runner images
  ☆10,997Updated this week
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆895Updated this week
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,610Updated 10 months ago
• github / semantic
  Parsing, analyzing, and comparing source code across many languages
  ☆9,032Updated 3 weeks ago
• googleprojectzero / fuzzilli
  A JavaScript Engine Fuzzer
  ☆1,978Updated 2 months ago