iosifache / semgrep-rules-manager
Manager of third-party sources of Semgrep rules
★87, updated 11 months ago
Alternatives and similar repositories for semgrep-rules-manager
Users that are interested in semgrep-rules-manager are comparing it to the libraries listed below
- An extension to use Semgrep inside Burp Suite. (★89, updated last month)
- (★196, updated 7 months ago)
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams (★105, updated 4 months ago)
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others (★133, updated 2 months ago)
- A collection of Semgrep rules which followed security guidelines for .NET and Java. (★23, updated 3 years ago)
- Encode and Fuzz Custom Protobuf Messages in Burp Suite (★32, updated 3 months ago)
- (★111, updated 2 years ago)
- Proof-of-concept code for research into GitHub Actions Cache poisoning. (★21, updated 3 months ago)
- A collection of my Semgrep rules (★49, updated last year)
- Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. (★39, updated 6 months ago)
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide (★41, updated 6 months ago)
- (★115, updated 2 years ago)
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs. (★41, updated last year)
- yataf extracts secrets and paths from files or urls - it's best used against javascript files (★52, updated 9 months ago)
- Nuclei plugins to audit Chrome extensions (★64, updated 11 months ago)
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters sent to a target application a… (★162, updated 7 months ago)
- boostsecurityio/lotp (★126, updated 2 months ago)
- Additional active scan checks for BURP (★27, updated 8 months ago)
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati… (★88, updated last year)
- Blogpost series showcasing interesting cloud - web app security bugs (★49, updated 2 years ago)
- Proof of Concepts for unsafe deserialization in Ruby (★16, updated 8 months ago)
- A GraphQL enumeration and extraction tool (★131, updated 2 years ago)
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages (★36, updated last year)
- Find authentication (authn) and authorization (authz) security bugs in web application routes. (★261, updated 3 months ago)
- How GitHub Actions workflows can be hacked (★156, updated 9 months ago)
- (★64, updated last month)
- Semgrep rules corresponding to the OWASP ASVS standard (★27, updated 4 years ago)
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts (★81, updated 2 years ago)
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider (★139, updated 3 years ago)
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF (★58, updated last year)