HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
Sorting:
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 10 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- ☆117Feb 11, 2026Updated last month
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Jan 4, 2026Updated 2 months ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- A ruleset to find potentially malicious code in macOS malware samples☆41Aug 29, 2023Updated 2 years ago
- Nuclei plugins to audit Chrome extensions☆65Jul 16, 2024Updated last year
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior☆41Feb 16, 2026Updated last month
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆72Feb 2, 2024Updated 2 years ago
- Terraform module to Automatically suppress findings recorded by the AWS Security Hub service based on a pre-defined and configurable supp…☆19Mar 10, 2026Updated last week
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆33Oct 13, 2022Updated 3 years ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆836Mar 28, 2025Updated 11 months ago
- ☆72Oct 24, 2025Updated 4 months ago
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated last month
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Sep 7, 2023Updated 2 years ago
- ☆229Mar 10, 2026Updated last week
- Semgrep rules corresponding to the OWASP ASVS standard☆27Nov 2, 2020Updated 5 years ago
- SCP management tool☆135Oct 23, 2023Updated 2 years ago
- ☆16Jul 17, 2024Updated last year
- ☆114Jun 8, 2023Updated 2 years ago
- A curated list of resources about detecting threats and defending Kubernetes systems.☆407Sep 2, 2023Updated 2 years ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆89Jan 28, 2024Updated 2 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Aug 11, 2023Updated 2 years ago
- Run common terramate commands in a single GitHub action☆17Mar 14, 2026Updated last week
- Unauthenticated enumeration of AWS IAM Roles.☆26Sep 7, 2025Updated 6 months ago
- A GitHub Action for pip-audit☆86Updated this week
- OWASP Foundation Web Respository☆11Jan 14, 2026Updated 2 months ago
- A CLI application to accompany on your terraform module journey and sharing your burden of module dependency updates, just as one brave H…☆20Oct 31, 2024Updated last year
- Semgrep queries developed by Trail of Bits.☆485Nov 12, 2025Updated 4 months ago
- ACMagent - automates ACM certificates approval using cli☆11Mar 25, 2021Updated 4 years ago
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆101Dec 24, 2025Updated 2 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆181Dec 11, 2025Updated 3 months ago
- Nessus Cheat Sheet in HTML, PDF, PNG, ADOC☆12Apr 10, 2022Updated 3 years ago