hashicorp-forge/semgrep-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hashicorp-forge/semgrep-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hashicorp-forge/semgrep-rules)

Close

hashicorp-forge / semgrep-rulesView on GitHubMore

• External links
• Readme badge

HashiCorp-relevant rules for the Semgrep code analysis tool

☆41Oct 3, 2023Updated 2 years ago

Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• gand3lf / semgrepper

  View on GitHub
  An extension to use Semgrep inside Burp Suite.
  ☆89May 23, 2025Updated 11 months ago
• r3volved / CVEAggregate

  View on GitHub
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆29Sep 27, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• s0rcy / semgrep-rules

  View on GitHub
  Collection of Semgrep rules for security analysis
  ☆10Mar 30, 2024Updated 2 years ago
• google / localtoast

  View on GitHub
  ☆116Feb 11, 2026Updated 3 months ago
• dsecuredcom / yataf

  View on GitHub
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Sep 11, 2024Updated last year
• csdev / ezghsa

  View on GitHub
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆36Jan 4, 2026Updated 4 months ago
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆79Mar 9, 2025Updated last year
• SentineLabs / macos-ttps-yara

  View on GitHub
  A ruleset to find potentially malicious code in macOS malware samples
  ☆41Aug 29, 2023Updated 2 years ago
• mllamazares / STRIDE-vs-ASVS

  View on GitHub
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Aug 22, 2024Updated last year
• nullenc0de / ChromeAudit

  View on GitHub
  Nuclei plugins to audit Chrome extensions
  ☆65Jul 16, 2024Updated last year
• doyensec / PoiEx

  View on GitHub
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆71Feb 2, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• schubergphilis / terraform-aws-mcaf-securityhub-findings-manager

  View on GitHub
  Terraform module to Automatically suppress findings recorded by the AWS Security Hub service based on a pre-defined and configurable supp…
  ☆19May 11, 2026Updated last week
• PortSwigger / paramalyzer

  View on GitHub
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆33Oct 13, 2022Updated 3 years ago
• Legit-Labs / legitify

  View on GitHub
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆869Mar 28, 2025Updated last year
• chainguard-dev / justtrustme

  View on GitHub
  ☆59May 5, 2026Updated 2 weeks ago
• elttam / semgrep-rules

  View on GitHub
  ☆232Apr 24, 2026Updated 3 weeks ago
• gradio-app / safehttpx

  View on GitHub
  ☆72Oct 24, 2025Updated 6 months ago
• carta / krang

  View on GitHub
  Knowledge Report Alert & Normalization Generator
  ☆26May 11, 2026Updated last week
• Nextdoor / cspm_evaluation_matrix

  View on GitHub
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Sep 7, 2023Updated 2 years ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆231Mar 27, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆136Oct 23, 2023Updated 2 years ago
• jp-gouin / multi-cluster-supply-chain

  View on GitHub
  ☆16Jul 17, 2024Updated last year
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated 4 months ago
• jatrost / awesome-kubernetes-threat-detection

  View on GitHub
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆407Sep 2, 2023Updated 2 years ago
• blackberry / Falco-bypasses

  View on GitHub
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆89Jan 28, 2024Updated 2 years ago
• jeremylong / malicious-dependencies

  View on GitHub
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆26Aug 11, 2023Updated 2 years ago
• infinite-automations / terramate-all-in-one

  View on GitHub
  Run common terramate commands in a single GitHub action
  ☆17May 13, 2026Updated last week
• alice-dot-io / caterpillar

  View on GitHub
  Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior
  ☆60Feb 16, 2026Updated 3 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• IBM-Cloud / terraform-opa-ibm

  View on GitHub
  An OPA library to develop IT Control policies, for the IBM Cloud
  ☆17Sep 26, 2022Updated 3 years ago
• pypa / gh-action-pip-audit

  View on GitHub
  A GitHub Action for pip-audit
  ☆88May 12, 2026Updated last week
• OWASP / www-chapter-switzerland

  View on GitHub
  OWASP Foundation Web Respository
  ☆11Apr 16, 2026Updated last month
• Darth-Tech / samwise-cli

  View on GitHub
  A CLI application to accompany on your terraform module journey and sharing your burden of module dependency updates, just as one brave H…
  ☆20Oct 31, 2024Updated last year
• b-b3rn4rd / acmagent

  View on GitHub
  ACMagent - automates ACM certificates approval using cli
  ☆11Mar 25, 2021Updated 5 years ago
• RyanJarv / roles

  View on GitHub
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Apr 18, 2026Updated last month
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆508May 7, 2026Updated 2 weeks ago