hashicorp-forge/semgrep-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hashicorp-forge/semgrep-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hashicorp-forge/semgrep-rules)

Close

hashicorp-forge / semgrep-rulesView on GitHubMore

• External links
• Readme badge

HashiCorp-relevant rules for the Semgrep code analysis tool

☆41Oct 3, 2023Updated 2 years ago

Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• gand3lf / semgrepper

  View on GitHub
  An extension to use Semgrep inside Burp Suite.
  ☆88May 23, 2025Updated 11 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• r3volved / CVEAggregate

  View on GitHub
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Sep 27, 2023Updated 2 years ago
• s0rcy / semgrep-rules

  View on GitHub
  Collection of Semgrep rules for security analysis
  ☆10Mar 30, 2024Updated 2 years ago
• google / localtoast

  View on GitHub
  ☆116Feb 11, 2026Updated 2 months ago
• doyensec / Unsafe-Unpacking

  View on GitHub
  Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
  ☆43Dec 16, 2024Updated last year
• csdev / ezghsa

  View on GitHub
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆36Jan 4, 2026Updated 3 months ago
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆79Mar 9, 2025Updated last year
• mllamazares / STRIDE-vs-ASVS

  View on GitHub
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Aug 22, 2024Updated last year
• nullenc0de / ChromeAudit

  View on GitHub
  Nuclei plugins to audit Chrome extensions
  ☆65Jul 16, 2024Updated last year
• doyensec / PoiEx

  View on GitHub
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆72Feb 2, 2024Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• schubergphilis / terraform-aws-mcaf-securityhub-findings-manager

  View on GitHub
  Terraform module to Automatically suppress findings recorded by the AWS Security Hub service based on a pre-defined and configurable supp…
  ☆19Apr 7, 2026Updated 3 weeks ago
• PortSwigger / paramalyzer

  View on GitHub
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆33Oct 13, 2022Updated 3 years ago
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆868Mar 28, 2025Updated last year
• chainguard-dev / justtrustme

  View on GitHub
  ☆59Apr 20, 2026Updated last week
• elttam / semgrep-rules

  View on GitHub
  ☆233Apr 24, 2026Updated last week
• gradio-app / safehttpx

  View on GitHub
  ☆72Oct 24, 2025Updated 6 months ago
• carta / krang

  View on GitHub
  Knowledge Report Alert & Normalization Generator
  ☆26Apr 23, 2026Updated last week
• Nextdoor / cspm_evaluation_matrix

  View on GitHub
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Sep 7, 2023Updated 2 years ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆231Mar 27, 2026Updated last month
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• semgrep-old / rules-owasp-asvs

  View on GitHub
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Nov 2, 2020Updated 5 years ago
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jp-gouin / multi-cluster-supply-chain

  View on GitHub
  ☆16Jul 17, 2024Updated last year
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• alice-dot-io / caterpillar

  View on GitHub
  Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior
  ☆57Feb 16, 2026Updated 2 months ago
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated 3 months ago
• jatrost / awesome-kubernetes-threat-detection

  View on GitHub
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆408Sep 2, 2023Updated 2 years ago
• blackberry / Falco-bypasses

  View on GitHub
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆89Jan 28, 2024Updated 2 years ago
• jeremylong / malicious-dependencies

  View on GitHub
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆25Aug 11, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• infinite-automations / terramate-all-in-one

  View on GitHub
  Run common terramate commands in a single GitHub action
  ☆17Apr 11, 2026Updated 3 weeks ago
• IBM-Cloud / terraform-opa-ibm

  View on GitHub
  An OPA library to develop IT Control policies, for the IBM Cloud
  ☆17Sep 26, 2022Updated 3 years ago
• OWASP / www-chapter-switzerland

  View on GitHub
  OWASP Foundation Web Respository
  ☆11Apr 16, 2026Updated 2 weeks ago
• Darth-Tech / samwise-cli

  View on GitHub
  A CLI application to accompany on your terraform module journey and sharing your burden of module dependency updates, just as one brave H…
  ☆20Oct 31, 2024Updated last year
• b-b3rn4rd / acmagent

  View on GitHub
  ACMagent - automates ACM certificates approval using cli
  ☆11Mar 25, 2021Updated 5 years ago
• RyanJarv / roles

  View on GitHub
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Apr 18, 2026Updated 2 weeks ago
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆500Nov 12, 2025Updated 5 months ago