HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
Sorting:
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 10 months ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior☆32Feb 16, 2026Updated 2 weeks ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 9 months ago
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Jan 4, 2026Updated last month
- ☆117Feb 11, 2026Updated 2 weeks ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- Nuclei plugins to audit Chrome extensions☆65Jul 16, 2024Updated last year
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆72Feb 2, 2024Updated 2 years ago
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated 2 weeks ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago
- A ruleset to find potentially malicious code in macOS malware samples☆40Aug 29, 2023Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- OWASP Foundation Web Respository☆11Jan 14, 2026Updated last month
- Unauthenticated enumeration of AWS IAM Roles.☆26Sep 7, 2025Updated 5 months ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Aug 11, 2023Updated 2 years ago
- ☆16Jul 17, 2024Updated last year
- ACMagent - automates ACM certificates approval using cli☆11Mar 25, 2021Updated 4 years ago
- ☆14Jan 8, 2026Updated last month
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Execute a shell command within Cloud Run☆31Jul 7, 2022Updated 3 years ago
- ☆57Feb 9, 2026Updated 3 weeks ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆832Mar 28, 2025Updated 11 months ago
- ☆229Updated this week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Jan 28, 2024Updated 2 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆33Oct 13, 2022Updated 3 years ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Sep 7, 2023Updated 2 years ago
- ☆30Jan 13, 2026Updated last month
- ☆18Jul 30, 2024Updated last year
- Terraform module to Automatically suppress findings recorded by the AWS Security Hub service based on a pre-defined and configurable supp…☆19Feb 23, 2026Updated last week
- ☆72Oct 24, 2025Updated 4 months ago
- ☆227Dec 18, 2025Updated 2 months ago
- A CLI application to accompany on your terraform module journey and sharing your burden of module dependency updates, just as one brave H…☆20Oct 31, 2024Updated last year
- Tool for obfuscating and deobfuscating data.☆76Mar 20, 2024Updated last year