Alternatives and similar repositories for codeql

Users that are interested in codeql are comparing it to the libraries listed below

• github / codeql-action
  Actions for running CodeQL analysis
  ☆1,357Updated this week
• github / codeql-cli-binaries
  Binaries for the CodeQL CLI
  ☆872Updated last week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆12,710Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,313Updated this week
• github / securitylab
  Resources related to GitHub Security Lab
  ☆1,529Updated last week
• github / advisory-database
  Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
  ☆1,987Updated this week
• github / vscode-codeql-starter
  Starter workspace to use with the CodeQL extension for Visual Studio Code.
  ☆544Updated last week
• joernio / joern
  Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…
  ☆2,612Updated this week
• r4j0x00 / exploits
  ☆2,508Updated 2 years ago
• CVEProject / cvelist
  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
  ☆1,489Updated 3 months ago
• actions / toolkit
  The GitHub ToolKit for developing GitHub Actions.
  ☆5,450Updated this week
• AFLplusplus / AFLplusplus
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆5,965Updated last week
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,791Updated this week
• ASTTeam / CodeQL
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,678Updated last year
• dependabot / dependabot-core
  🤖 Dependabot's core logic for creating update PRs.
  ☆5,209Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,694Updated 10 months ago
• github / rest-api-description
  An OpenAPI description for GitHub's REST API
  ☆1,527Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,382Updated 6 months ago
• actions / runner
  The Runner for GitHub Actions
  ☆5,513Updated this week
• microsoft / onefuzz
  A self-hosted Fuzzing-As-A-Service platform
  ☆2,830Updated last year
• weggli-rs / weggli
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,443Updated last year
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,053Updated this week
• knownsec / pocsuite3
  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  ☆3,770Updated 6 months ago
• tree-sitter / tree-sitter
  An incremental parsing system for programming tools
  ☆21,970Updated this week
• vulhub / vulhub
  Pre-Built Vulnerable Environments Based on Docker-Compose
  ☆19,461Updated last month
• analysis-tools-dev / dynamic-analysis
  ⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
  ☆1,030Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,732Updated this week
• KeenSecurityLab / BinAbsInspector
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,643Updated last year
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,456Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,234Updated this week