github / codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
☆8,146 Updated this week
Alternatives and similar repositories for codeql:
Users that are interested in codeql are comparing it to the libraries listed below
- Binaries for the CodeQL CLI ☆799 Updated last week
- Resources related to GitHub Security Lab ☆1,457 Updated 2 months ago
- Actions for running CodeQL analysis ☆1,232 Updated this week
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. ☆1,837 Updated this week
- The CodeQL extractor and libraries for Go. ☆464 Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆11,408 Updated this week
- 📦 Make security testing of K8s, Docker, and Containerd easier. ☆4,127 Updated 3 weeks ago
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆444 Updated this week
- "Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL. ☆1,585 Updated last year
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆7,166 Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆880 Updated this week
- Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock ☆6,837 Updated last year
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security… ☆2,698 Updated 2 weeks ago
- A self-hosted Fuzzing-As-A-Service platform ☆2,826 Updated last year
- OSS-Fuzz - continuous fuzzing for open source software. ☆10,918 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,830 Updated this week
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,414 Updated this week
- ☆1,453 Updated 9 months ago
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.… ☆2,313 Updated this week
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin… ☆2,388 Updated 8 months ago
- american fuzzy lop - a security-oriented fuzzer ☆3,849 Updated 3 years ago
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆5,069 Updated this week
- syzkaller is an unsupervised coverage-guided kernel fuzzer ☆5,587 Updated last week
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing ☆3,616 Updated 5 months ago
- Scalable fuzzing infrastructure. ☆5,369 Updated this week
- 🤖 Dependabot's core logic for creating update PRs. ☆4,953 Updated this week
- A fast, simple, recursive content discovery tool written in Rust. ☆6,349 Updated last week
- GitHub App to set and enforce security policies ☆1,292 Updated this week
- The Runner for GitHub Actions ☆5,201 Updated this week
- ☆2,497 Updated 2 years ago