hashicorp-forge/semgrep-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hashicorp-forge/semgrep-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hashicorp-forge/semgrep-rules)

Close

hashicorp-forge / semgrep-rulesView on GitHubMore

• External links
• Readme badge

HashiCorp-relevant rules for the Semgrep code analysis tool

☆41Oct 3, 2023Updated 2 years ago

Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• gand3lf / semgrepper

  View on GitHub
  An extension to use Semgrep inside Burp Suite.
  ☆88May 23, 2025Updated 10 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• r3volved / CVEAggregate

  View on GitHub
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Sep 27, 2023Updated 2 years ago
• s0rcy / semgrep-rules

  View on GitHub
  Collection of Semgrep rules for security analysis
  ☆10Mar 30, 2024Updated 2 years ago
• google / localtoast

  View on GitHub
  ☆117Feb 11, 2026Updated 2 months ago
• dsecuredcom / yataf

  View on GitHub
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Sep 11, 2024Updated last year
• doyensec / Unsafe-Unpacking

  View on GitHub
  Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
  ☆43Dec 16, 2024Updated last year
• csdev / ezghsa

  View on GitHub
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Jan 4, 2026Updated 3 months ago
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆79Mar 9, 2025Updated last year
• SentineLabs / macos-ttps-yara

  View on GitHub
  A ruleset to find potentially malicious code in macOS malware samples
  ☆41Aug 29, 2023Updated 2 years ago
• mllamazares / STRIDE-vs-ASVS

  View on GitHub
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Aug 22, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• nullenc0de / ChromeAudit

  View on GitHub
  Nuclei plugins to audit Chrome extensions
  ☆66Jul 16, 2024Updated last year
• doyensec / PoiEx

  View on GitHub
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆72Feb 2, 2024Updated 2 years ago
• schubergphilis / terraform-aws-mcaf-securityhub-findings-manager

  View on GitHub
  Terraform module to Automatically suppress findings recorded by the AWS Security Hub service based on a pre-defined and configurable supp…
  ☆19Updated this week
• PortSwigger / paramalyzer

  View on GitHub
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆33Oct 13, 2022Updated 3 years ago
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆841Mar 28, 2025Updated last year
• chainguard-dev / justtrustme

  View on GitHub
  ☆58Updated this week
• elttam / semgrep-rules

  View on GitHub
  ☆231Dec 18, 2025Updated 3 months ago
• gradio-app / safehttpx

  View on GitHub
  ☆72Oct 24, 2025Updated 5 months ago
• Nextdoor / cspm_evaluation_matrix

  View on GitHub
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Sep 7, 2023Updated 2 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ReversecLabs / IAMSpy

  View on GitHub
  ☆230Mar 27, 2026Updated 2 weeks ago
• semgrep-old / rules-owasp-asvs

  View on GitHub
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Nov 2, 2020Updated 5 years ago
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jp-gouin / multi-cluster-supply-chain

  View on GitHub
  ☆16Jul 17, 2024Updated last year
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• alice-dot-io / caterpillar

  View on GitHub
  Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior
  ☆53Feb 16, 2026Updated last month
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated 2 months ago
• jatrost / awesome-kubernetes-threat-detection

  View on GitHub
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆407Sep 2, 2023Updated 2 years ago
• blackberry / Falco-bypasses

  View on GitHub
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆89Jan 28, 2024Updated 2 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• jeremylong / malicious-dependencies

  View on GitHub
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆25Aug 11, 2023Updated 2 years ago
• infinite-automations / terramate-all-in-one

  View on GitHub
  Run common terramate commands in a single GitHub action
  ☆17Updated this week
• RyanJarv / roles

  View on GitHub
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Sep 7, 2025Updated 7 months ago
• pypa / gh-action-pip-audit

  View on GitHub
  A GitHub Action for pip-audit
  ☆87Mar 30, 2026Updated last week
• OWASP / www-chapter-switzerland

  View on GitHub
  OWASP Foundation Web Respository
  ☆11Jan 14, 2026Updated 2 months ago
• Darth-Tech / samwise-cli

  View on GitHub
  A CLI application to accompany on your terraform module journey and sharing your burden of module dependency updates, just as one brave H…
  ☆20Oct 31, 2024Updated last year
• b-b3rn4rd / acmagent

  View on GitHub
  ACMagent - automates ACM certificates approval using cli
  ☆11Mar 25, 2021Updated 5 years ago