ligurio / semgrep-rules

Related projects ⓘ

Alternatives and complementary repositories for semgrep-rules

• kondukto-io / semgrep-rules
  Custom semgrep rules registry
  ☆12Updated 2 years ago
• vmnguyen / semgrep-rules
  My custom semgrep rules
  ☆18Updated 4 years ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆19Updated last year
• owenrumney / go-sarif
  Go library for sarif - Static Analysis Results Interchange Format
  ☆66Updated 3 months ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆71Updated 3 weeks ago
• fxamacker / cbor-fuzz
  Old coverage-guided fuzz testing for fxamacker/cbor. A newer version is used by fxamacker/cbor for fuzzing.
  ☆11Updated last year
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆37Updated last year
• ozonru / cyclonedx-go
  Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i…
  ☆21Updated 4 years ago
• in-toto / supply-chain-compromises
  ☆22Updated 2 years ago
• catenacyber / ngolo-fuzzing
  Automatic fuzz targets generation for Golang packages
  ☆53Updated 4 months ago
• picatz / taint
  🚰 Static taint analysis for Go programs.
  ☆57Updated 3 months ago
• renatahodovan / picire
  Parallel Delta Debugging Framework
  ☆47Updated this week
• jlauinger / go-geiger
  Static code analysis tool to find unsafe usages in Go packages and their dependencies
  ☆41Updated 4 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• s-index / go-cve-search
  lightweight CVE search
  ☆21Updated last year
• trailofbits / codeql-queries
  CodeQL queries developed by Trail of Bits
  ☆76Updated this week
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 4 years ago
• SatelliteApplicationsCatapult / tribble
  Coverage based JVM Fuzz testing tool.
  ☆19Updated 5 years ago
• ancat / egrets
  egrets monitors egress
  ☆45Updated 4 years ago
• inetrg / spoki
  Artifacts of the USENIX Security 2022 paper "Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope"
  ☆17Updated 2 years ago
• semgrep / semgrep-vscode
  Semgrep extension for Visual Studio Code
  ☆54Updated this week
• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆133Updated this week
• AdamKorcz / go-118-fuzz-build
  ☆24Updated last month
• adamdoupe / enemy-of-the-state
  This novel black-box web vulnerability scanner attempts to infer the state machine of the web application.
  ☆19Updated 4 years ago
• ttarvis / glasgo
  A Security Scanner for Go
  ☆26Updated 5 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆71Updated last week
• AlexAkulov / hungryfox
  Monitoring for leaks of sensitive information in git repositories
  ☆43Updated 11 months ago
• usnistgov / swid-tools
  ☆13Updated last month
• aquasecurity / binfinder
  Find binary files not installed through package manager
  ☆11Updated last year