ligurio / semgrep-rules
semgrep rules for flakiness, missed error handling, Lua antipatterns and pitfalls.
⭐16 Updated 10 months ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
- Automatic fuzz targets generation for Golang packages ⭐53 Updated last month
- 🐰 Static taint analysis for Go programs. ⭐73 Updated 3 weeks ago
- This is a go-protobuf-mutator library for random value mutations. This is a Go equivalent of libprotobuf-mutator, which is implemented in… ⭐35 Updated last week
- Go library for SARIF - Static Analysis Results Interchange Format ⭐80 Updated 3 weeks ago
- Docker Secure Computing Profile Generator ⭐48 Updated 3 years ago
- CLI to integrate continuous fuzzing with Fuzzit (no longer available) ⭐222 Updated 5 years ago
- eBPF based syscalls, files and network events tracing framework ⭐93 Updated 5 years ago
- Build custom Docker seccomp profiles for containers by finding syscalls it uses. ⭐90 Updated 5 years ago
- A project to run fuzzing jobs at scale with Kubernetes. ⭐148 Updated 4 years ago
- Low-effort reachability analysis for third-party code vulnerabilities. ⭐21 Updated 2 years ago
- Corpus for github.com/dvyukov/go-fuzz examples ⭐202 Updated 4 years ago
- Fuzzing Go crypto ⭐74 Updated 6 years ago
- Detect compiler names and versions from ELF files ⭐27 Updated 4 months ago
- Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i… ⭐22 Updated 5 years ago
- egrets monitors egress ⭐46 Updated 5 years ago
- A tool for interacting with live processes/containers ⭐22 Updated 3 years ago
- ⭐22 Updated 3 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ⭐78 Updated this week
- Static code analysis tool to find unsafe usages in Go packages and their dependencies ⭐44 Updated 5 years ago
- A place to systematically store software bill of materials (SBOM) documents. ⭐46 Updated 2 years ago
- Parallel Delta Debugging Framework ⭐53 Updated 2 weeks ago
- ⭐29 Updated 7 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ⭐151 Updated last year
- ⭐26 Updated 9 years ago
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems ⭐13 Updated last year
- OWASP Dependency Track API client for integration into CI/CD pipeline ⭐55 Updated last year
- ⭐20 Updated 2 years ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. ⭐74 Updated 2 years ago
- Function callpath mapping analysis tool for Go ⭐34 Updated 6 months ago
- Feed parsing for language package manager updates ⭐78 Updated 9 months ago