Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below

• ozonru / cyclonedx-go
  Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i…
  ☆21Updated 5 years ago
• picatz / taint
  🚰 Static taint analysis for Go programs.
  ☆64Updated last month
• raesene / eathar
  ☆27Updated 3 weeks ago
• catenacyber / ngolo-fuzzing
  Automatic fuzz targets generation for Golang packages
  ☆53Updated 4 months ago
• ancat / egrets
  egrets monitors egress
  ☆46Updated 5 years ago
• uchi-mata / dostainer
  ☆29Updated 4 months ago
• owenrumney / go-sarif
  Go library for SARIF - Static Analysis Results Interchange Format
  ☆78Updated 2 weeks ago
• xyproto / ainur
  Detect compiler names and versions from ELF files
  ☆27Updated 3 weeks ago
• inetrg / spoki
  Artifacts of the USENIX Security 2022 paper "Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope"
  ☆17Updated 5 months ago
• fxamacker / cbor-fuzz
  Old coverage-guided fuzz testing for fxamacker/cbor. A newer version is used by fxamacker/cbor for fuzzing.
  ☆11Updated last year
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• bookingcom / bpfink
  BPF based FIM solution
  ☆42Updated 2 years ago
• dustin-decker / threatseer
  efficient linux security monitoring
  ☆26Updated 6 years ago
• aquasecurity / binfinder
  Find binary files not installed through package manager
  ☆11Updated last year
• hex0punk / wally
  Function callpath mapping analysis tool for Go
  ☆33Updated 3 months ago
• knqyf263 / remic
  Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies
  ☆23Updated 5 years ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆20Updated last year
• blackberry / UBCIS
  Ultimate Benchmark for Container Image Scanners
  ☆12Updated 4 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated last month
• ShiftLeftSecurity / traceleft
  eBPF based syscalls, files and network events tracing framework
  ☆92Updated 4 years ago
• ttarvis / glasgo
  A Security Scanner for Go
  ☆26Updated 6 years ago
• ozontech / dtrack-audit
  OWASP Dependency Track API client for intergration into CI/CD pipeline
  ☆53Updated 10 months ago
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆36Updated 2 years ago
• blacktop / seccomp-gen
  Docker Secure Computing Profile Generator
  ☆48Updated 3 years ago
• buglloc / rip
  Wildcard DNS with few features
  ☆13Updated last month
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 5 years ago
• puerco / bomshell
  An query language and interactive tooling to work with SBOM data.
  ☆14Updated 8 months ago
• dirtyharrycallahan / pystrace
  ☆27Updated 8 years ago
• gravitational / rbac-linter
  ☆29Updated last year
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago